WO2014117383A1 - Method and apparatus for identifying device in network - Google Patents

Publication number
WO2014117383A1
Authority
WO
WIPO (PCT)
Prior art keywords
code
broadcast
code1
preset function
network
Application number
PCT/CN2013/071247
Inventor
张冬梅
陈璟
崔洋
Original Assignee
华为技术有限公司
Application filed by 华为技术有限公司
Priority to CN201380001002.6A (patent CN104186005A)
Priority to PCT/CN2013/071247 (patent WO2014117383A1)
Publication of WO2014117383A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08 Access security

Definitions

  • the present invention relates to the field of communications technologies, and in particular, to a method and apparatus for identifying devices in a network.
  • the embodiments of the present invention provide a method and a device for identifying devices in a network, so as to prevent an attacker from obtaining network information of a device in the network, such as a track, a location, and the like.
  • the second device substitutes the code into the preset function to obtain a second network code code2;
  • the first device is a target device of the second device.
  • the second device substitutes the code into a preset function to obtain a second network code code2, including: the second device substitutes the code and at least one parameter of the first set into the preset function to obtain code2, where the first set is equal to {the broadcast time time of the first device, the random value nonce, the first network code code1 broadcast by the first device in the previous round}, wherein the nonce is broadcast by the first device.
  • the code1 broadcast by the first device is the result obtained after the code and at least one parameter in the first set are operated on by the preset function.
  • the second device substitutes the code into a preset function to obtain a second network code code2, including:
  • the code1 broadcast by the first device in the first round is the result obtained after the code and at least one parameter in the second set are operated on by the preset function;
  • the code1 broadcast by the first device in a round other than the first is the result obtained after the code1 broadcast by the first device in the previous round and at least one parameter of the second set are operated on by the preset function.
  • the embodiment of the present invention provides another method for identifying a device in a network, including: the first device storing its original network code code in a server;
  • the first device substitutes the code into a preset function to obtain a first network code code1, including:
  • when the time is selected to be substituted into the preset function, the first device simultaneously broadcasts the code1 and the time.
  • the second set is equal to {the broadcast time time of the first device, the random value nonce}.
  • when the code1 monitored by the second device is a message broadcast by the first device in the first round, the second device substitutes the code and at least one parameter of the second set into a preset function to obtain code2;
  • when the code1 monitored by the second device is not a message broadcast by the first device in the first round, the second device substitutes the code1 broadcast by the first device in the previous round and at least one parameter of the second set into the preset function to obtain code2.
  • the method for identifying a device in a network may be applied to a D2D network;
  • the server may be an MME server or a Proximity server; and
  • the preset function may be a hash function.
  • a calculation module configured to substitute the code acquired by the obtaining module into the preset function to obtain a second network code code2;
  • the method for identifying the device in the network applies a preset function to the original network code code of the first device to obtain the first network code code1, and then broadcasts it; so if the second device has the communication right with the first device, that is, the second device is not a malicious attacker, the second device may obtain the original network code code of the first device from the server, obtain the second network code code2 through the same preset function operation, and finally compare the second network code code2 with the first network code code1. When the two are the same, the first device is determined to be the target device of the second device, which prevents a malicious attacking device from obtaining the original network code code of the first device from the broadcast message and ensures the security of the first device.
  • FIG. 1 is a schematic flowchart of a method for identifying a device in a network according to an embodiment of the present invention
  • FIG. 2 is a schematic flowchart of another method for identifying a device in a network according to an embodiment of the present invention
  • FIG. 3 is a schematic diagram of a method for calculating a first network code according to an embodiment of the present invention
  • FIG. 5 is a schematic diagram of another method for calculating a first network code according to an embodiment of the present invention
  • FIG. 6 is another schematic diagram of a device for identifying a network in an embodiment of the present invention
  • FIG. 7 is a schematic structural diagram of an apparatus for identifying a device in a network according to an embodiment of the present invention.
  • Embodiments of the present invention provide a method and apparatus for identifying devices in a network, so as to prevent an attacker from obtaining network information of a device, such as a track, a location, and the like, through network code information broadcast by devices in the network.
  • the second device monitors the first network code code1 broadcasted by the first device, where the code1 is a result obtained by the first device after the code of the first device is calculated by a preset function;
  • the above server may be an MME server or a Proximity server
  • the first device may apply a preset function to the code and at least one parameter in the first set to obtain code1, where the first set is equal to {the broadcast time time of the first device, the random value nonce, the first network code code1 broadcast by the first device in the previous round}; when the nonce is selected as the input value of the preset function, the first device simultaneously broadcasts the calculated code1 and the nonce, and when the first network code code1 of the previous round is selected as the input value of the preset function, the first device simultaneously broadcasts the calculated code1 and the current broadcast round number count.
  • the first device may broadcast only the calculated code1, or broadcast code1 and time, for example: the first device calculates code1 from the code and time through a preset function, and then broadcasts code1, or broadcasts code1 and time; or
  • the first device obtains code1 from the code and the currently generated random value nonce through a preset function, and then broadcasts code1 and nonce; or
  • the code1 broadcast by the first device in the first round is the result obtained after the code and at least one parameter of the second set are operated on by the preset function;
  • a device having the communication authority with the first device can obtain the original network code code of the first device from the server, and check the first network code code1 broadcast by the first device, thereby determining whether the first device is the target device.
  • the second device monitors the first network code code1 broadcast by the first device; or listens to the code1 and the broadcast time time broadcast by the first device; or listens to the code1 and the random value nonce broadcast by the first device; or listens to the code1, the broadcast time time and the nonce broadcast by the first device; or listens to the code1 and the current broadcast round number count broadcast by the first device; or listens to the code1, the count, and the time broadcast by the first device, wherein the nonce broadcast by the first device may be the same or different. It should be noted that, in the embodiment of the present invention, each device in the network does not broadcast its actual network code, that is, the original network code code; instead, the original network code is converted by a certain function and the obtained result is broadcast. Therefore, the device in the network cannot obtain the original
  • the original network code code of the first device and the broadcast time time are used as the input values of the hash function, and the result of the operation is broadcast as the first network code code1.
  • the hash function may be replaced by other functions;
  • the time time may or may not be broadcast with the first network code code1.
  • the second device uses the time when it receives the broadcast message as the broadcast time time.
  • the original network code code of the first device and the random value nonce (i.e., the parameter) generated by the first device are used as input values of the hash function, and the result of the operation is broadcast as the first network code code1;
  • the hash function can also be replaced by other functions.
  • the first device needs to broadcast the first network code code1 and the random value nonce;
  • the original network code code of the first device and the first network code code1 broadcast by the first device in the previous round are used as the input values of the hash function, and the result of the operation is used as the broadcast message of this round of the first device, that is, the first network code code1 of the current round; of course, the hash function can also be replaced by other functions.
  • the first device needs to broadcast the first network code code1 and the current broadcast round number count;
  • the first network code code1 broadcast in the previous round may be used as the input value of the hash function.
  • the result is the broadcast message of this round of the first device, that is, the first network code code1 of the current round;
  • the original network code code of the first device, the first network code code1 broadcast by the first device in the previous round, and the broadcast time time are used as input values of the hash function, and the obtained result is used as the broadcast message of this round of the first device, that is, the first network code code1 of this round; of course, the hash function can also be replaced by other functions.
  • the first device needs to broadcast the first network code code1 and the first round of broadcast on the first device.
  • the first network code code1. Broadcast time can be broadcast or not broadcast;
  • the first device substitutes the code and at least one parameter of the first set into a preset function to obtain code1, where the first set is equal to {the broadcast time time of the first device, the random value nonce, the first network code code1 broadcast by the first device in the previous round};
  • the nonce is selected to be substituted into the preset function
  • the first device simultaneously broadcasts the code1 and the nonce
  • the first network code code1 broadcast by the first device in the previous round is selected to be substituted into the preset function
  • the first device simultaneously broadcasts code1 and the current broadcast round number count.
  • the second device substitutes the code and at least one parameter of the first set into the preset function to perform the operation to obtain code2.
  • the first device may perform the operation by substituting the code into the preset function to obtain the first network code code1.
  • the code1 broadcast by the first device in the previous round and at least one parameter of the second set are substituted into a preset function to obtain the code1 of the current broadcast;
  • when the first device selects the random value nonce as the input value of the preset function, the first device simultaneously broadcasts the calculated code1 and the selected random value nonce; when the first device selects the first network code code1 broadcast by the first device in the previous round as the input value of the preset function, the first device simultaneously broadcasts the calculated code1 and the current broadcast round number count, so that the second device can learn the code1 of the previous round according to the count.
  • when the first device selects the broadcast time time of the first device as the input value of the preset function, the first device may broadcast only code1 or simultaneously broadcast code1 and time.
  • Another embodiment of the present invention provides a method for identifying a device in a network, including:
  • the first device stores its original network code code in the server, and the server stores a whitelist, wherein the whitelist is a set of devices having communication authority with the first device, and the second device is recorded in the whitelist; or the whitelist is a set of devices having communication rights with the second device, and the first device is recorded in the whitelist;
  • the first device substitutes the code and the broadcast time time into a preset function to obtain a first network code code1, and broadcasts the code1, or broadcasts the code1 and the broadcast time time, so that the second device substitutes the code obtained from the server and the time into the preset function to obtain a second network code code2, and compares the code2 with the code1 obtained by monitoring; when the two are the same, the first device is the target device of the second device; or
  • the first device substitutes the code and the random value nonce into a preset function to obtain a first network code code1, and broadcasts the code1 and the parameter, so that the second device substitutes the code obtained from the server and the parameter obtained by monitoring into the preset function to obtain a second network code code2, and compares the code2 with the code1 obtained by monitoring; when the two are the same, the first device is a target device of the second device;
  • the first device substitutes the code and the code1 broadcast by the first device in the previous round into a preset function to obtain the code1 of the current round, and broadcasts the obtained code1 and the current broadcast round number count, so that the second device obtains the code1 broadcast by the first device in the previous round according to the count, substitutes the code acquired from the server and the code1 broadcast by the first device in the previous round into the preset function to obtain the second network code code2, and compares the code2 with the code1 obtained by monitoring; when the two are the same, the first device is the target device of the second device;
  • the first device substitutes the code, the time, and the parameter into a preset function to obtain a first network code code1, and broadcasts the code1 and the parameter, so that the second device substitutes the code obtained from the server, the time, and the parameter obtained by monitoring into the preset function to obtain a second network code code2, and compares the code2 with the code1 obtained by monitoring; when the two are the same, the first device is the target device of the second device; or the first device substitutes the code, the time, and the code1 broadcast by the first device in the previous round into the preset function.
  • the first device substitutes the code1 broadcast in the previous round, or the code1 broadcast in the previous round and the time, into the preset function to obtain the code1 of the current round of the first device, and broadcasts the obtained code1 and the current broadcast round number count, so that the second device obtains the code1 broadcast by the first device in the previous round according to the count, substitutes the code1 broadcast by the first device in the previous round into the preset function to obtain the second network code code2, and compares the code2 with the code1 obtained by monitoring; when the two are the same, the first device is the target device of the second device.
  • the above preset function may be a hash function or other encryption algorithm
  • the first device may use its original network code code and broadcast time time as input values of the hash function, and the obtained result is broadcast as the first network code code1;
  • the first device may also use its original network code code and the generated random value nonce as the input values of the hash function; the obtained result is broadcast as the first network code code1, and the current random value nonce is broadcast with it;
  • the first device may also use its own original network code code, the generated random value nonce, and the broadcast time time as input values of the hash function; the obtained result is broadcast as the first network code code1, and the random value nonce is broadcast with it;
  • the first device may also use its own original network code code, the first network code code1 broadcast in the previous round, and the broadcast time time as input values of the hash function; the obtained result is broadcast as the first network code code1, together with the current broadcast round number count.
  • the first device is determined to be the target device of the second device, thereby preventing other devices that are not in the whitelist of the first device from obtaining the original network code code of the first device, and ensuring network security of the first device.
  • An embodiment of the present invention further provides an apparatus for identifying a device in a network, including:
  • An obtaining module configured to obtain, from a server, an original network code of the first device
  • a monitoring module configured to monitor a first network code code1 broadcast by the first device, where the code1 is a result obtained by the first device after the code of the first device is operated on by a preset function;
  • a calculation module configured to substitute the code acquired by the obtaining module into the preset function to obtain a second network code code2;
  • the determining module is configured to compare the code2 calculated by the calculating module with the code1 monitored by the monitoring module, and when the two are the same, determine that the first device is a target device.
  • the calculation module may be configured to obtain the code2 by substituting the code acquired by the obtaining module and at least one parameter in the first set into the preset function, where the first set is equal to {the broadcast time time of the first device, the random value nonce, the first network code code1 broadcast by the first device in the previous round}, wherein the nonce is broadcast by the first device.
  • the code1 broadcast by the first device is a result obtained by the code and at least one parameter in the first set being operated by the preset function.
  • the calculating module may be further configured to: when the code1 monitored by the monitoring module is a message broadcast by the first device in the first round, substitute the code and at least one parameter of the second set into a preset function to obtain code2; when the code1 monitored by the monitoring module is not a message broadcast by the first device in the first round, substitute the code1 broadcast by the first device in the previous round and at least one parameter of the second set into the preset function to obtain code2;
  • the second set is equal to {the broadcast time time of the first device, the random value nonce}, and the nonce is broadcast by the first device.
  • the code1 broadcast by the first device in the first round is the result obtained after the code and at least one parameter of the second set are operated on by the preset function;
  • the code1 broadcast by the first device in a round other than the first is the result obtained after the code1 broadcast by the first device in the previous round and at least one parameter of the second set are operated on by the preset function.
  • the device for identifying a device in a network is configured as follows: an obtaining module 401, configured to acquire an original network code code of a first device from a server;
  • the monitoring module 402 is configured to monitor the first network code code1 broadcast by the first device, where the code1 is a result obtained by the first device after the code of the first device is operated on by a preset function;
  • the whitelist is stored in the server, where the whitelist is a set of devices having the communication authority with the first device, and the second device is recorded in the whitelist; or the whitelist is A set of devices having communication rights with the second device, and the first device is recorded in the whitelist.
  • the preset function used by the calculation module 403 is the same as the function used by the first device to calculate the first network code code1.
  • the first network code code1 broadcast by the first device is a result obtained by the code and the time being operated by the preset function;
  • the code1 is a result obtained by the code and the nonce being operated on by the preset function
  • the code1 is a result obtained by the code, the time, and the nonce being processed by the preset function, and the like;

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

Embodiments of the present invention provide a method and an apparatus for identifying a device in a network. The method comprises: performing preset function operation on an original network code of a first device to obtain a first network code code1 and broadcast the code1, recording a device capable of communicating with the first device or a device capable of communicating with a second device in a whitelist, and storing the whitelist and the original network code of the first device in a server, so that the second device can obtain the original network code of the first device from the server; and performing the same preset function operation on the original network code to obtain a second network code code2, comparing the second network code code2 and the first network code code1, and when the two are the same, determining that the first device is a target device of the second device, which prevents other devices that do not belong to the whitelist of the first device from obtaining the original network code of the first device, thereby ensuring the security of the first device.

Description

Method and apparatus for identifying devices in a network
Technical Field
The present invention relates to the field of communications technologies, and in particular, to a method and apparatus for identifying devices in a network.
Background
In the prior art, the basic mechanism by which a UE (User Equipment) discovers a nearby UE with D2D (Device to Device) capability is as follows: the network allocates a D2D code to each D2D-capable UE; the UE announces its presence by broadcasting its own D2D code; and other nearby UEs that want to discover this UE find the target UE by listening for its D2D code.
The D2D code may be a fixed-length binary code that is dynamically allocated by the operator. If the UE's D2D code is allocated by an MME (Mobility Management Entity), the D2D code may never change while the UE remains within the range of that MME. Alternatively, if the UE's D2D code is allocated by a Proximity server, the D2D code may remain unchanged over a large area and for a long time. An attacker can then track the UE's trajectory, or learn the UE's location, by following the D2D code it overhears. All of this is private information of the UE and needs to be protected.
Summary of the Invention
Embodiments of the present invention provide a method and apparatus for identifying devices in a network, so as to prevent an attacker from learning private information about a device, such as its trajectory or location, from the network code information that devices in the network broadcast.
In a first aspect, an embodiment of the present invention provides a method for identifying a device in a network, including:
a second device obtains the original network code code of a first device from a server;
the second device listens for the first network code code1 broadcast by the first device, where code1 is the result the first device obtains by applying a preset function to its code;
the second device substitutes the code into the preset function to compute a second network code code2;
code2 is compared with code1, and if they are the same, the first device is the target device of the second device.
In a first possible implementation, with reference to the first aspect, the second device substituting the code into the preset function to compute the second network code code2 includes: the second device substitutes the code and at least one parameter of a first set into the preset function to compute code2, where the first set is equal to {the broadcast time time of the first device, the random value nonce, the first network code code1 broadcast by the first device in the previous round}, and the nonce is broadcast by the first device.
In a second possible implementation, with reference to the first possible implementation of the first aspect, the code1 broadcast by the first device is the result of applying the preset function to the code and at least one parameter of the first set.
In a third possible implementation, with reference to the first aspect, the second device substituting the code into the preset function to compute the second network code code2 includes:
the second device determines whether the code1 it has heard is the message broadcast by the first device in its first round; if so, it substitutes the code and at least one parameter of a second set into the preset function to compute code2; if not, it substitutes the code1 broadcast by the first device in the previous round and at least one parameter of the second set into the preset function to compute code2;
where the second set is equal to {the broadcast time time of the first device, the random value nonce}, and the nonce is broadcast by the first device.
In a fourth possible implementation, with reference to the third possible implementation of the first aspect, the code1 broadcast by the first device in its first round is the result of applying the preset function to the code and at least one parameter of the second set;
the code1 broadcast by the first device in any round other than the first is the result of applying the preset function to the code1 broadcast by the first device in the previous round and at least one parameter of the second set.
In a second aspect, an embodiment of the present invention provides another method for identifying a device in a network, including:
A first device stores its own original network code code in a server;
The first device substitutes the code into a preset function to obtain a first network code code1 and at the same time broadcasts the code1, so that the second device substitutes the code obtained from the server into the preset function to obtain a second network code code2 and compares the code2 with the code1 obtained by listening; when the two are the same, the first device is the target device of the second device.
In a first possible implementation, in combination with the second aspect, the first device substituting the code into the preset function to obtain the first network code code1 includes:
The first device substitutes the code and at least one parameter of a first set into the preset function to obtain code1, where the first set is equal to {the broadcast time time of the first device, the random value nonce, the first network code code1 broadcast by the first device in the previous round};
When the nonce is chosen as an input to the preset function, the first device broadcasts code1 together with the nonce; when the first network code code1 broadcast by the first device in the previous round is chosen as an input to the preset function, the first device broadcasts code1 together with the current broadcast round number count.
In a second possible implementation, in combination with the first possible implementation of the second aspect, when the time is chosen as an input to the preset function, the first device broadcasts the code1 together with the time.
In a third possible implementation, in combination with the first possible implementation of the second aspect, the code code2 includes:
The second device substitutes the code and at least one parameter of the first set into the preset function to obtain code2.
In a fourth possible implementation, in combination with the second aspect, the first device substituting the code into the preset function to obtain the first network code code1 includes:
In its first round of broadcasting, the first device substitutes the code and at least one parameter of a second set into the preset function to obtain the code1 broadcast in this round;
In any round other than the first, the first device substitutes the code1 it broadcast in the previous round and at least one parameter of the second set into the preset function to obtain the code1 broadcast in this round;
where the second set is equal to {the broadcast time time of the first device, the random value nonce}.
In a fifth possible implementation, in combination with the fourth possible implementation of the second aspect, the network code code2 includes:
When the code1 heard by the second device is the first-round broadcast message of the first device, the second device substitutes the code and at least one parameter of the second set into the preset function to obtain code2;
When the code1 heard by the second device is not the first-round broadcast message of the first device, the second device substitutes the code1 broadcast by the first device in the previous round and at least one parameter of the second set into the preset function to obtain code2.
In a fifth possible implementation, the server further stores a whitelist, where the whitelist is the set of devices that have permission to communicate with the first device and the second device is recorded in the whitelist; or the whitelist is the set of devices that have permission to communicate with the second device and the first device is recorded in the whitelist.
It should be noted that the method for identifying a device in a network provided by the embodiments of the present invention can be applied in a D2D network; the server may be an MME server or a Proximity server; the preset function may be a hash function.
In a third aspect, an embodiment of the present invention further provides an apparatus for identifying a device in a network, including:
an obtaining module, configured to obtain the original network code code of a first device from a server;
a listening module, configured to listen for the first network code code1 broadcast by the first device, where the code1 is the result obtained by the first device applying a preset function to its code;
a calculation module, configured to substitute the code obtained by the obtaining module into the preset function to obtain a second network code code2;
a determining module, configured to compare the code2 calculated by the calculation module with the code1 heard by the listening module and, when the two are the same, determine that the first device is the target device.
In a first possible implementation, in combination with the third aspect, the server stores a whitelist, where the whitelist is the set of devices that have permission to communicate with the first device and the device to which the apparatus for identifying a device in a network belongs is recorded in the whitelist; or the whitelist is the set of devices that have permission to communicate with the device to which the apparatus for identifying a device in a network belongs, and the first device is recorded in the whitelist.
As can be seen from the above, in the method for identifying a device in a network provided by the embodiments of the invention, the original network code code of the first device is passed through a preset function to obtain the first network code code1, which is then broadcast. Therefore, if the second device is able to communicate with the first device, that is, the second device is not a malicious attacker, the second device can obtain the original network code code of the first device from the server, pass that original network code code through the same preset function to obtain the second network code code2, and finally compare the second network code code2 with the first network code code1. When the two are the same, the first device can be determined to be the target device of the second device. This prevents a malicious attacking device from obtaining the original network code code of the first device from the broadcast message and ensures the security of the first device.

Brief Description of the Drawings
To describe the technical solutions in the embodiments of the present invention or in the prior art more clearly, the drawings needed for describing the embodiments or the prior art are briefly introduced below. Obviously, the drawings described below are only some embodiments of the present invention, and a person skilled in the art can derive other drawings from them without creative effort.
Figure 1 is a schematic flowchart of a method for identifying a device in a network according to an embodiment of the present invention;
Figure 2 is a schematic flowchart of another method for identifying a device in a network according to an embodiment of the present invention;
Figure 3 is a schematic diagram of a method for calculating the first network code according to an embodiment of the present invention;
Figure 4 is a schematic diagram of another method for calculating the first network code according to an embodiment of the present invention;
Figure 5 is a schematic diagram of another method for calculating the first network code according to an embodiment of the present invention;
Figure 6 is a schematic flowchart of another method for identifying a device in a network according to an embodiment of the present invention;
Figure 7 is a schematic structural diagram of an apparatus for identifying a device in a network according to an embodiment of the present invention.
Detailed Description
Embodiments of the present invention provide a method and an apparatus for identifying a device in a network, so as to prevent an attacker from learning a device's private information, such as its track or location, from the network code information that devices in the network broadcast.
The technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, of the embodiments of the present invention. All other embodiments obtained by a person skilled in the art on the basis of the embodiments of the present invention without creative effort fall within the scope of protection of the present invention.
An embodiment of the present invention provides a method for identifying a device in a network, including:
A second device obtains the original network code code of a first device from a server;
The second device listens for the first network code code1 broadcast by the first device, where the code1 is the result obtained by the first device applying a preset function to its code;
The second device substitutes the code into the preset function to obtain a second network code code2;
The code2 is compared with the code1; if they are the same, the first device is the target device of the second device.
It should be noted that the method for identifying a device in a network provided by the embodiments of the present invention can be applied in a device-to-device (Device to Device, D2D for short) network. Each device in a D2D network has a pre-allocated original network code code that distinguishes it from other devices. If the second device is a device that can communicate with the first device, that is, it has permission to obtain the code of the first device, the second device can obtain the code of the first device from the server. If the second device is a malicious attacker, it can neither obtain the code of the first device from the server nor obtain the code of the first device from the broadcast messages of the first device.
In the embodiments of the present invention, every device in the network is able to listen to broadcasts, so the first network code code1 broadcast by the first device can be obtained by all other devices.
The server may be an MME server or a Proximity server.
Referring to Figure 1, the specific flow of the method for identifying a device in a network provided by this embodiment is as follows:
S101. The second device obtains the original network code code of the first device from the server;
S102. The second device listens for the first network code code1 broadcast by the first device, where code1 is the result obtained by the first device applying a preset function to its code;
S103. The second device substitutes the obtained code into the same preset function to obtain a second network code code2;
S104. The second device compares code2 with code1; if they are the same, the first device is the target device of the second device.
In the embodiments of the present invention, the first device may apply the preset function to the code and at least one parameter of a first set to obtain code1, where the first set is equal to {the broadcast time time of the first device, the random value nonce, the first network code code1 broadcast by the first device in the previous round}. When the nonce is chosen as an input to the preset function, the first device broadcasts the calculated code1 together with the nonce. When the first network code code1 broadcast in the previous round is chosen as an input to the preset function, the first device broadcasts the calculated code1 together with the current broadcast round number count. When the broadcast time time is chosen as an input to the preset function, the first device may broadcast only the calculated code1, or may broadcast code1 and time. For example:
The first device applies the preset function to code and time to obtain code1, and then broadcasts code1, or broadcasts code1 and time; or,
The first device applies the preset function to code and the currently generated random value nonce to obtain code1, and then broadcasts code1 and nonce; or,
The first device applies the preset function to code, time and nonce to obtain code1, and then broadcasts code1 and nonce, or broadcasts code1, time and nonce; or,
The first device applies the preset function to code and the code1 it broadcast in the previous round to obtain code1, and then broadcasts code1 and the current broadcast round number count; or,
The first device applies the preset function to code, time and the code1 it broadcast in the previous round to obtain code1, and then broadcasts code1 and the current broadcast round number count, or broadcasts code1, count and time; and so on.
Correspondingly, when the second device is a device that has permission to communicate with the first device, the second device can obtain the code of the first device from the server and substitute the code and at least one parameter of the first set into the same preset function to obtain code2. It should be noted that when the code1 broadcast by the first device is the result of applying the preset function to code and time, the second device substitutes the obtained code and the time into the preset function to obtain code2; when the code1 broadcast by the first device is the result of applying the preset function to code and the random value nonce, the second device applies the preset function to the obtained code and the nonce it heard to obtain code2; and so on.
In the embodiments of the present invention, the first device may also further determine whether the code1 that was heard is the first-round broadcast message of the first device; if so, the second device substitutes the code and at least one parameter of a second set into the preset function to obtain code2; if not, it substitutes the code1 broadcast by the first device in the previous round and at least one parameter of the second set into the preset function to obtain code2;
where the second set is equal to {the broadcast time time of the first device, the random value nonce}, and the nonce is broadcast by the first device.
Correspondingly, the code1 broadcast by the first device in the first round is the result obtained by applying the preset function to the code and at least one parameter of the second set;
The code1 broadcast by the first device in any round other than the first is the result obtained by applying the preset function to the code1 broadcast by the first device in the previous round and at least one parameter of the second set, and the first device broadcasts the code1 calculated this time together with the current broadcast round number count.
Further, in the embodiments of the present invention, each device in the D2D network may have its own whitelist, stored in the server. The whitelist records all devices that may obtain the original network code code of this device, that is, the devices that can establish a connection and communicate with this device; or it records the set of devices whose original network code code this device may obtain, that is, the devices with which this device can communicate.
In the embodiments of the present invention, the whitelist in the server is the set of devices that have permission to communicate with the first device, and the second device is recorded in the whitelist; or the whitelist is the set of devices that have permission to communicate with the second device, and the first device is recorded in the whitelist. Here, the first device is the device that actively broadcasts the original network code, and the second device is the device that needs to obtain the original network code of another device.
If the second device is in the whitelist of the first device, or the first device is in the whitelist of the second device, the second device can obtain the original network code code of the first device from the server. The second device applies the preset function to the original network code code of the first device obtained from the server to obtain the second network code code2;
The second device then compares the resulting second network code code2 with the first network code code1 obtained by listening. Because the function the second device uses to calculate code2 is the same as the function the first device uses to calculate code1, code2 and code1 are identical if the original network code of the first device obtained by the second device is genuine. Therefore, by checking whether the second network code code2 and the first network code code1 are the same, it can be determined whether the first device is the target device the second device is looking for.
The first device does not broadcast the original network code code that represents its actual network code; it broadcasts the first network code code1 obtained by transforming the original network code code, so the actual network code is hidden. Although other attackers can listen to the broadcast messages of the first device, they cannot obtain its actual network code by listening, and because an attacker does not have permission to communicate with the first device, the attacker cannot obtain the actual network code of the first device from the server either. A device that does have permission to communicate with the first device can obtain the original network code code of the first device from the server and, by verifying the first network code code1 broadcast by the first device, determine whether the first device is the target device.
As can be seen from the above, in the method for identifying a device in a network provided by the embodiments of the present invention, the original network code code of the first device is passed through a preset function to obtain the first network code code1, which is then broadcast. Therefore, if the second device has permission to communicate with the first device, that is, the second device is not a malicious attacker, the second device can obtain the original network code code of the first device from the server, pass that original network code code through the same preset function to obtain the second network code code2, and finally compare the second network code code2 with the first network code code1. When the two are the same, the first device can be determined to be the target device of the second device. This prevents a malicious attacking device from obtaining the original network code code of the first device from the broadcast message and ensures the security of the first device.
An embodiment of the present invention further provides a method for identifying a device in a network. Referring to Figure 2, the method includes:
S201. The second device obtains the original network code code of the first device from the server, where the server stores a whitelist; the whitelist is the set of devices that have permission to communicate with the first device, and the second device is recorded in the whitelist; or the whitelist is the set of devices that have permission to communicate with the second device, and the first device is recorded in the whitelist;
The following description takes as an example the case where the whitelist is the set of devices that have permission to communicate with the first device. Each device is able to receive the broadcast messages of other devices, and each device has a set of devices that are allowed to communicate with it, stored in a whitelist. When the second device is in the whitelist of the first device, the second device can obtain the original network code code of the first device from the server.
S202. The second device listens for the first network code code1 broadcast by the first device; or for the first network code code1 broadcast by the first device and the broadcast time time of the first device; or for the first network code code1 and the random value nonce broadcast by the first device; or for the first network code code1, the broadcast time time and the nonce broadcast by the first device; or for the code1 broadcast by the first device and the current broadcast round number count of the first device; or for the code1, the count and the time broadcast by the first device. The nonce broadcast by the first device may be the same in every round or may differ from round to round;
It should be noted that, in the embodiments of the present invention, a device in the network does not broadcast its actual network code, that is, the original network code code. Instead, it transforms the original network code with a certain function and broadcasts the result, so devices in the network cannot obtain the original network code code of a target device by listening to its broadcast messages;
In the embodiments of the present invention, the first network code code1 broadcast by the first device can be obtained by any of the following methods:
Method 1, see Figure 3:
The original network code code of the first device and the broadcast time time are used as the inputs of a hash function, and the result is broadcast as the first network code code1. The hash function may of course be replaced by another function. The broadcast time time may be broadcast together with the first network code code1, or may not be broadcast. When the current broadcast time time is not broadcast, the second device uses the time at which it received the broadcast message as the broadcast time time.
Method 2, see Figure 3:
The original network code code of the first device and a random value Nonce generated by the first device (that is, the parameter) are used as the inputs of a hash function, and the result is broadcast as the first network code code1. The hash function may also be replaced by another function. With this method, the first device needs to broadcast the first network code code1 and the random value Nonce;
Method 3, see Figure 4:
The original network code code of the first device and the first network code code1 broadcast by the first device in the previous round are used as the inputs of a hash function, and the result is the broadcast message of the first device for this round, that is, the first network code code1 of this round. The hash function may of course be replaced by another function. With this method, the first device needs to broadcast the first network code code1 and the count value of the current broadcast round;
Further, apart from the first round of broadcasting, in which the original network code code is used as the input of the hash function, subsequent broadcasts may use the first network code code1 broadcast in the previous round as the input of the hash function, and the result is the broadcast message of the first device for this round, that is, the first network code code1 of this round;
Method 4, see Figure 5:
The original network code code of the first device, the first network code code1 broadcast by the first device in the previous round, and the broadcast time time are used as the inputs of a hash function, and the result is the broadcast message of the first device for this round, that is, the first network code code1 of this round. The hash function may of course be replaced by another function. With this method, the first device needs to broadcast the first network code code1 and the first network code code1 that the first device broadcast in the previous round. The broadcast time time may or may not be broadcast;
Further, apart from the first round of broadcasting, in which the original network code code and the broadcast time time are used as the inputs of the hash function, subsequent broadcasts may use the first network code code1 broadcast in the previous round and the broadcast time time as the inputs of the hash function, and the result is the broadcast message of the first device for this round, that is, the first network code code1 of this round.
It should be noted that various other variants of the calculation may also be used, as long as the original network code code of the first device is hidden. For example, in Method 3 or Method 4 above, code takes part only in the calculation of the first-round code1 and not in the calculation of code1 in later rounds; refer to the description of Figure 3 and Figure 4 with the dashed part removed.
S203. The second device substitutes the obtained original network code code and the broadcast time time, or the code and the parameter, or the code and the code1 broadcast by the first device in the previous round, or the code, the time and the parameter, or the code1 broadcast by the first device in the previous round, or the code1 broadcast by the first device in the previous round and the broadcast time time, into the preset function to obtain a second network code code2;
The preset function used in step S203 is the same as the function used by the first device to calculate the first network code code1.
S204. The obtained second network code code2 is compared with the first network code code1; when code2 is equal to code1, the first device is determined to be the target device of the second device.
As can be seen from the above, in the method for identifying devices in a network provided by this embodiment of the present invention, a whitelist is set for each device in the network, and only devices recorded in the whitelist can obtain that device's original network code from the server and thereby connect to and communicate with it. In addition, no device broadcasts its real network code, that is, the original network code; each device instead broadcasts a variant of the original network code, that is, the first network code code1, so that the original network code is hidden. A device in the whitelist can obtain the target device's original network code from the server, apply the same transformation to it, and then compare the result with the monitored first network code code1; when the two are the same, it can be […] first network code is not the actual network code either, so an attacker cannot obtain the private information of other devices, which effectively protects the devices in the network.
An embodiment of the present invention further provides a method for identifying devices in a network. Referring to FIG. 6, the method includes:
S301. The first device stores its own original network code code in a server;
S302. The first device substitutes the code into a preset function to obtain a first network code code1 and broadcasts the code1, so that the second device substitutes the code obtained from the server into the preset function to obtain a second network code code2 and compares the code2 with the code1 obtained by monitoring; when the two are the same, the first device is the target device of the second device.
The first device substituting the code into the preset function to obtain the first network code code1 may specifically include:
The first device substitutes the code and at least one parameter of a first set into the preset function to obtain code1, where the first set is equal to {broadcast time time of the first device, random value nonce, first network code code1 broadcast by the first device in the previous round};
When the nonce is chosen as an input to the preset function, the first device broadcasts code1 together with the nonce; when the first network code code1 broadcast by the first device in the previous round is chosen as an input to the preset function, the first device broadcasts code1 together with the current broadcast round number count.
Correspondingly, the second device substituting the code obtained from the server into the preset function to obtain the second network code code2 includes:
The second device substitutes the code and at least one parameter of the first set into the preset function to obtain code2.
Alternatively, the first device substituting the code into the preset function to obtain the first network code code1 may also include:
In its first round of broadcasting, the first device substitutes the code and at least one parameter of a second set into the preset function to obtain the code1 broadcast in this round;
In a round other than the first, the first device substitutes the code1 it broadcast in the previous round and at least one parameter of the second set into the preset function to obtain the code1 broadcast in this round;
where the second set is equal to {broadcast time time of the first device, random value nonce}.
Correspondingly, the second device substituting the code obtained from the server into the preset function to obtain the second network code code2 includes:
When the code1 monitored by the second device is a message from the first device's first round of broadcasting, the second device substitutes the code and at least one parameter of the second set into the preset function to obtain code2;
When the code1 monitored by the second device is not a message from the first device's first round of broadcasting, the second device substitutes the code1 broadcast by the first device in the previous round and at least one parameter of the second set into the preset function to obtain code2.
It should be noted that when the first device chooses the random value nonce as an input to the preset function, the first device broadcasts the calculated code1 together with the chosen random value nonce; when the first device chooses the first network code code1 it broadcast in the previous round as an input to the preset function, the first device broadcasts the calculated code1 together with the current broadcast round number count, so that the second device can learn the code1 of the previous round from the count; when the first device chooses its broadcast time time as an input to the preset function, the first device may broadcast only code1, or broadcast code1 together with time.
As can be seen from the above, in the method for identifying devices in a network provided by this embodiment of the present invention, the original network code code of the first device is passed through a preset function to obtain the first network code code1, which is then broadcast. Therefore, if the second device has permission to communicate with the first device, that is, the second device is not a malicious attacker, the second device can obtain the first device's original network code code from the server, pass it through the same preset function to obtain the second network code code2, and finally compare the second network code code2 with the first network code code1; when the two are the same, the first device can be determined to be the target device of the second device. This prevents a malicious attacking device from obtaining the first device's original network code code from the broadcast message, and ensures the security of the first device.
An embodiment of the present invention further provides another method for identifying devices in a network, including:
The first device stores its own original network code code in a server, and the server stores a whitelist, where the whitelist is the set of devices that have permission to communicate with the first device, and a second device is recorded in the whitelist; or the whitelist is the set of devices that have permission to communicate with the second device, and the first device is recorded in the whitelist;
The first device substitutes the code and the broadcast time time into a preset function to obtain a first network code code1, and broadcasts the code1, or broadcasts the code1 and the broadcast time time, so that the second device substitutes the code obtained from the server and the time into the preset function to obtain a second network code code2 and compares the code2 with the code1 obtained by monitoring; when the two are the same, the first device is the target device of the second device;
Or, the first device substitutes the code and a random value nonce into the preset function to obtain the first network code code1, and broadcasts the code1 and the parameter, so that the second device substitutes the code obtained from the server and the parameter obtained by monitoring into the preset function to obtain a second network code code2 and compares the code2 with the code1 obtained by monitoring; when the two are the same, the first device is the target device of the second device;
Or, the first device substitutes the code and the code1 it broadcast in the previous round into the preset function to obtain its code1 for the current round, and broadcasts the resulting code1 and the current broadcast round number count, so that the second device obtains, according to the count, the code1 broadcast by the first device in the previous round, substitutes the code obtained from the server and the code1 broadcast by the first device in the previous round into the preset function to obtain a second network code code2, and compares the code2 with the code1 obtained by monitoring; when the two are the same, the first device is the target device of the second device;
Or, the first device substitutes the code, the time and a parameter into the preset function to obtain the first network code code1, and broadcasts the code1 and the parameter, so that the second device substitutes the code obtained from the server, the time and the parameter obtained by monitoring into the preset function to obtain a second network code code2 and compares the code2 with the code1 obtained by monitoring; when the two are the same, the first device is the target device of the second device;
Or, the first device substitutes the code, the time and the code1 it broadcast in the previous round into the preset function to obtain its code1 for the current round, and broadcasts the resulting code1 and the current broadcast round number count, or broadcasts the resulting code1, the count and the time, so that the second device obtains, according to the count, the code1 broadcast by the first device in the previous round, substitutes the code obtained from the server, the code1 broadcast by the first device in the previous round and the time into the preset function to obtain a second network code code2, and compares the code2 with the code1 obtained by monitoring; when the two are the same, the first device is the target device of the second device;
Or, the first device substitutes the code1 it broadcast in the previous round, or the code1 it broadcast in the previous round and the time, into the preset function to obtain its code1 for the current round, and broadcasts the resulting code1 and the current broadcast round number count, so that the second device obtains, according to the count, the code1 broadcast by the first device in the previous round, substitutes the code1 broadcast by the first device in the previous round into the preset function to obtain a second network code code2, and compares the code2 with the code1 obtained by monitoring; when the two are the same, the first device is the target device of the second device.
The preset function above may be a hash function or another encryption algorithm;
The first device may use its own original network code code and the broadcast time time as the inputs of the hash function, and broadcast the result as the first network code code1;
The first device may also use its own original network code code and a generated random value nonce as the inputs of the hash function, broadcast the result as the first network code code1, and also broadcast the random value nonce of the current round;
The first device may also use its own original network code code and the first network code code1 broadcast in the previous round as the inputs of the preset function, broadcast the result as the first network code code1 of the current round, and also broadcast the broadcast round number count of the current round, from which the first network code code1 broadcast in the previous round can be learned;
The first device may also use its own original network code code, a generated random value nonce and the broadcast time time as the inputs of the hash function, broadcast the result as the first network code code1, and also broadcast the random value nonce;
The first device may also use its own original network code code, the first network code code1 broadcast in the previous round and the broadcast time time as the inputs of the hash function, broadcast the result as the first network code code1, and also broadcast the broadcast round number count of the current round.
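The first three hash variants listed above, as an added Python example that is not code from the patent: the first device derives code1 from code plus the broadcast time, a nonce, or the previous round's code1, and a second device that holds code recomputes code2 and compares. SHA-256, the 60-second time slot, the length-prefixed input encoding, the message layout and the use of H(code) as the first chained round are assumptions; the patent only specifies "a hash function".

```python
import hashlib
import hmac
import os
import struct

SLOT_SECONDS = 60   # assumption: broadcast time is quantised into 60 s slots
MAX_ROUNDS = 1000   # assumption: upper bound on chain recomputation


def preset(*parts: bytes) -> bytes:
    """The 'preset function'. SHA-256 is an assumption. Inputs are
    length-prefixed so (b'ab', b'c') and (b'a', b'bc') hash differently."""
    h = hashlib.sha256()
    for part in parts:
        h.update(struct.pack(">I", len(part)) + part)
    return h.digest()


def slot(t: int) -> bytes:
    """Encode the time slot that contains Unix time t."""
    return struct.pack(">Q", t // SLOT_SECONDS)


# ---- first device (broadcaster) ----
def broadcast_time(code: bytes, now: int) -> dict:
    """code1 = H(code, time); the time itself is not broadcast here."""
    return {"code1": preset(code, slot(now))}


def broadcast_nonce(code: bytes) -> dict:
    """code1 = H(code, nonce); the nonce is broadcast next to code1."""
    nonce = os.urandom(16)
    return {"code1": preset(code, nonce), "nonce": nonce}


def chain_code1(code: bytes, count: int) -> bytes:
    """Round 1: H(code). Round n: H(code, code1 of round n-1)."""
    if not isinstance(count, int) or not 1 <= count <= MAX_ROUNDS:
        raise ValueError("count out of range")
    c1 = preset(code)
    for _ in range(count - 1):
        c1 = preset(code, c1)
    return c1


def broadcast_chain(code: bytes, count: int) -> dict:
    """code1 of round `count`; the round number is broadcast next to it."""
    return {"code1": chain_code1(code, count), "count": count}


# ---- second device (listener holding `code` from the server) ----
def is_target(code: bytes, msg: dict, now: int = 0) -> bool:
    """Recompute code2 from `code` and the broadcast parameters and
    compare it with the monitored code1 in constant time."""
    code1 = msg["code1"]
    if "nonce" in msg:
        candidates = [preset(code, msg["nonce"])]
    elif "count" in msg:
        try:
            candidates = [chain_code1(code, msg["count"])]
        except ValueError:      # untrusted count from the air interface
            return False
    else:
        # time was not broadcast: use the local clock, allowing one slot of skew
        candidates = [preset(code, slot(now + d * SLOT_SECONDS))
                      for d in (-1, 0, 1)]
    return any(hmac.compare_digest(c, code1) for c in candidates)
```

A listener that holds a different code never matches, and two nonce-based broadcasts of the same device carry different code1 values, which is the property the scheme relies on to keep the original network code off the air.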
As can be seen from the above, in the method for identifying devices in a network provided by this embodiment of the present invention, the original network code code of the first device is passed through a preset function to obtain the first network code code1, which is then broadcast; the devices that may communicate with the first device are recorded in a whitelist, and the whitelist and the first device's original network code code are stored in the server. A second device that belongs to the whitelist can therefore obtain the first device's original network code code from the server, pass it through the same preset function to obtain the second network code code2, and finally compare the second network code code2 with the first network code code1; when the two are the same, the first device can be determined to be the target device of the second device. This prevents other devices that are not in the first device's whitelist from obtaining the first device's original network code code, and ensures the network security of the first device.
An embodiment of the present invention further provides an apparatus for identifying devices in a network, including:
an obtaining module, configured to obtain the original network code code of a first device from a server;
a monitoring module, configured to monitor the first network code code1 broadcast by the first device, where the code1 is the result obtained by the first device by passing its code through a preset function;
a calculation module, configured to substitute the code obtained by the obtaining module into the preset function to obtain a second network code code2;
a determining module, configured to compare the code2 calculated by the calculation module with the code1 monitored by the monitoring module, and when the two are the same, determine that the first device is the target device.
Specifically, the calculation module may be configured to substitute the code obtained by the obtaining module and at least one parameter of a first set into the preset function to obtain the code2, where the first set is equal to {broadcast time time of the first device, random value nonce, first network code code1 broadcast by the first device in the previous round}, and the nonce is broadcast by the first device.
Correspondingly, the code1 broadcast by the first device is the result obtained by passing the code and at least one parameter of the first set through the preset function.
Alternatively, the calculation module may also be configured to: when the code1 monitored by the monitoring module is a message from the first device's first round of broadcasting, substitute the code and at least one parameter of a second set into the preset function to obtain code2; and when the code1 monitored by the monitoring module is a message from a round of the first device's broadcasting other than the first, substitute the code1 broadcast by the first device in the previous round and at least one parameter of the second set into the preset function to obtain code2;
where the second set is equal to {broadcast time time of the first device, random value nonce}, and the nonce is broadcast by the first device.
Correspondingly, the code1 broadcast by the first device in its first round is the result obtained by passing the code and at least one parameter of the second set through the preset function;
the code1 broadcast by the first device in a round other than the first is the result obtained by passing the code1 broadcast by the first device in the previous round and at least one parameter of the second set through the preset function.
Referring to FIG. 7, the structure of the apparatus for identifying devices in a network provided by this embodiment of the present invention is as follows:
an obtaining module 401, configured to obtain the original network code code of a first device from a server;
a monitoring module 402, configured to monitor the first network code code1 broadcast by the first device, where the code1 is the result obtained by the first device by passing its code through a preset function;
a calculation module 403, configured to substitute the code obtained by the obtaining module 401 into the preset function to obtain a second network code code2;
a determining module 404, configured to compare the code2 calculated by the calculation module 403 with the code1 monitored by the monitoring module 402, and when the two are the same, determine that the first device is the target device.
The server stores a whitelist, where the whitelist is the set of devices that have permission to communicate with the first device, and the second device is recorded in the whitelist; or the whitelist is the set of devices that have permission to communicate with the second device, and the first device is recorded in the whitelist.
It should be noted that the apparatus for identifying devices in a network provided by this embodiment of the present invention may be applied in a D2D network, and the apparatus is used in a terminal device in the network so that a device in the network can identify other devices in the network; the server may be an MME server or a Proximity server;
It should be noted that the preset function used by the calculation module 403 is the same as the function used by the first device to calculate the first network code code1.
That is, the first network code code1 broadcast by the first device is the result obtained by passing the code and the time through the preset function;
or, the code1 is the result obtained by passing the code and the nonce through the preset function;
or, the code1 is the result obtained by passing the code, the time and the nonce through the preset function, and so on;
As can be seen from the above, with the apparatus for identifying devices in a network provided by this embodiment of the present invention, when the device in which the apparatus is used has permission to communicate with the first device or is recorded in the first device's whitelist, the obtaining module of the apparatus can obtain the first device's original network code code from the server, the monitoring module can monitor the variant of the original network code code broadcast by the first device, that is, the first network code code1, and the calculation module can apply the same transformation to the original network code obtained from the server to obtain the second network code code2. The determining module can compare the second network code code2 with the first network code code1; if the two are the same, the first device can be determined to be the target device the apparatus is looking for. This prevents devices without communication permission, or other devices that are not in the first device's whitelist, from obtaining the first device's original network code code, and ensures the network security of the first device.
A person of ordinary skill in the art will understand that all or some of the steps of the methods in the above embodiments may be carried out by a program instructing the relevant hardware. The program may be stored in a computer-readable storage medium, and the storage medium may include: read-only memory (ROM), random access memory (RAM), a magnetic disk, an optical disc, and so on.
In addition, in the above embodiments, the description of each embodiment has its own emphasis; for parts not detailed in one embodiment, refer to the related descriptions of other embodiments.
The method and apparatus for identifying devices in a network provided by the embodiments of the present invention have been […] the description of the above embodiments is only intended to help in understanding the method of the present invention and its core idea; at the same time, for a person skilled in the art, there will be changes in the specific implementation and the scope of application in accordance with the idea of the present invention. In summary, the content of this specification should not be construed as limiting the present invention.

Claims

1. A method for identifying devices in a network, characterized in that it comprises:
a second device obtains the original network code code of a first device from a server;
the second device monitors the first network code code1 broadcast by the first device, where the code1 is the result obtained by the first device by passing its code through a preset function;
the second device substitutes the code into the preset function to obtain a second network code code2;
the code2 is compared with the code1, and if they are the same, the first device is the target device of the second device.
2. The method according to claim 1, characterized in that the second device substituting the code into the preset function to obtain the second network code code2 comprises:
the second device substitutes the code and at least one parameter of a first set into the preset function to obtain code2, where the first set is equal to {broadcast time time of the first device, random value nonce, first network code code1 broadcast by the first device in the previous round}, and the nonce is broadcast by the first device.
3. The method according to claim 2, characterized in that the code1 broadcast by the first device is the result obtained by passing the code and at least one parameter of the first set through the preset function.
4. The method according to claim 1, characterized in that the second device substituting the code into the preset function to obtain the second network code code2 comprises:
the second device determines whether the monitored code1 is a message from the first device's first round of broadcasting; if so, it substitutes the code and at least one parameter of a second set into the preset function to obtain code2; if not, it substitutes the code1 broadcast by the first device in the previous round and at least one parameter of the second set into the preset function to obtain code2;
where the second set is equal to {broadcast time time of the first device, random value nonce}, and the nonce is broadcast by the first device.
5. The method according to claim 4, characterized in that the code1 broadcast by the first device in its first round is the result obtained by passing the code and at least one parameter of the second set through the preset function; and the code1 broadcast by the first device in a round other than the first is the result obtained by passing the code1 broadcast by the first device in the previous round and at least one parameter of the second set through the preset function.
6、 根据权利要求 3或 5所述的方法, 其特征在于, 所述第二设备监听所述 第一设备广播的 codel的同时, 监听所述第一设备广播的广播时间 time。 6. The method according to claim 3 or 5, characterized in that, while the second device monitors the codel broadcast by the first device, it also monitors the broadcast time time broadcast by the first device.
7、 根据权利要求 1至 6任一项所述的方法, 其特征在于, 所述服务器中存 储有白名单,其中,所述白名单为具有与所述第一设备通信权限的设备的集合, 并且所述第二设备记录于所述白名单; 或者, 所述白名单为具有与所述第二设 备通信权限的设备的集合, 并且所述第一设备记录于所述白名单。 7. The method according to any one of claims 1 to 6, characterized in that, a white list is stored in the server, wherein the white list is a set of devices that have permission to communicate with the first device, And the second device is recorded in the white list; or, the white list is a set of devices that have permission to communicate with the second device, and the first device is recorded in the white list.
8. The method according to any one of claims 1 to 6, characterized in that the method is applied in a D2D network.
9. The method according to any one of claims 1 to 6, characterized in that the server is an MME server or a Proximity server.
10. The method according to any one of claims 1 to 6, characterized in that the preset function is a hash function.
11. A method for identifying a device in a network, characterized by comprising:
a first device stores its own original network code, code, in a server;
the first device substitutes the code into a preset function to obtain a first network code code1 and broadcasts the code1, so that the second device substitutes the code obtained from the server into the preset function to obtain a second network code code2 and compares the code2 with the code1 obtained by listening; when the two are the same, the first device is the target device of the second device.
12. The method according to claim 11, characterized in that the first device substituting the code into the preset function to obtain the first network code code1 comprises:
the first device substitutes the code and at least one parameter of a first set into the preset function to obtain code1, the first set being equal to {broadcast time of the first device (time), random value (nonce), first network code code1 broadcast by the first device in the previous round};
when the nonce is chosen as an input to the preset function, the first device broadcasts the code1 and the nonce together; when the first network code code1 broadcast by the first device in the previous round is chosen as an input to the preset function, the first device broadcasts the code1 together with the number of the current broadcast round, count.
13. The method according to claim 12, characterized in that, when the time is chosen as an input to the preset function, the first device broadcasts the code1 and the time together.
14. The method according to claim 12, characterized in that the second device substituting the code obtained from the server into the preset function to obtain the second network code code2 comprises:
the second device substitutes the code and at least one parameter of the first set into the preset function to obtain code2.
15. The method according to claim 11, characterized in that the first device substituting the code into the preset function to obtain the first network code code1 comprises:
in its first round of broadcasting, the first device substitutes the code and at least one parameter of a second set into the preset function to obtain the code1 broadcast in that round;
in a round other than the first, the first device substitutes the code1 it broadcast in the previous round and at least one parameter of the second set into the preset function to obtain the code1 broadcast in the current round;
wherein the second set is equal to {broadcast time of the first device (time), random value (nonce)}.
16. The method according to claim 15, characterized in that the second device substituting the code obtained from the server into the preset function to obtain the second network code code2 comprises:
when the code1 heard by the second device is a message from the first device's first round of broadcasting, the second device substitutes the code and at least one parameter of the second set into the preset function to obtain code2;
when the code1 heard by the second device is not a message from the first device's first round of broadcasting, the second device substitutes the code1 broadcast by the first device in the previous round and at least one parameter of the second set into the preset function to obtain code2.
17. The method according to any one of claims 11 to 16, characterized in that a whitelist is also stored in the server, wherein the whitelist is the set of devices that have permission to communicate with the first device, and the second device is recorded in the whitelist; or the whitelist is the set of devices that have permission to communicate with the second device, and the first device is recorded in the whitelist.
18. An apparatus for identifying a device in a network, characterized by comprising:
an acquisition module, configured to obtain the original network code, code, of a first device from a server;
a listening module, configured to listen for a first network code code1 broadcast by the first device, wherein the code1 is the result obtained by the first device applying a preset function to its code;
a calculation module, configured to substitute the code obtained by the acquisition module into the preset function to obtain a second network code code2;
a judgment module, configured to compare the code2 calculated by the calculation module with the code1 heard by the listening module and, when the two are the same, determine that the first device is the target device.
19. The apparatus according to claim 18, characterized in that the calculation module is configured to substitute the code obtained by the acquisition module and at least one parameter of a first set into the preset function to obtain the code2, the first set being equal to {broadcast time of the first device (time), random value (nonce), first network code code1 broadcast by the first device in the previous round}, wherein the nonce is broadcast by the first device.
20. The apparatus according to claim 19, characterized in that the code1 broadcast by the first device is the result of applying the preset function to the code and at least one parameter of the first set.
21. The apparatus according to claim 18, characterized in that the calculation module is configured to: when the code1 heard by the listening module is a message from the first device's first round of broadcasting, substitute the code and at least one parameter of a second set into the preset function to obtain code2; and when the code1 heard by the listening module is a message from a round of the first device's broadcasting other than the first, substitute the code1 broadcast by the first device in the previous round and at least one parameter of the second set into the preset function to obtain code2;
wherein the second set is equal to {broadcast time of the first device (time), random value (nonce)}, and the nonce is broadcast by the first device.
22. The apparatus according to claim 21, characterized in that the code1 broadcast by the first device in the first round is the result of applying the preset function to the code and at least one parameter of the second set;
the code1 broadcast by the first device in a round other than the first is the result of applying the preset function to the code1 broadcast by the first device in the previous round and at least one parameter of the second set.
23. The apparatus according to claim 20 or 22, characterized in that the listening module is configured to listen for the broadcast time (time) broadcast by the first device in addition to the code1 broadcast by the first device.
24. The apparatus according to any one of claims 18 to 23, characterized in that a whitelist is stored in the server, wherein the whitelist is the set of devices that have permission to communicate with the first device, and the second device is recorded in the whitelist; or the whitelist is the set of devices that have permission to communicate with the second device, and the first device is recorded in the whitelist.
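The broadcast-and-compare scheme of claims 11, 15 and 16, as an added Python example that is not part of the patent text. It assumes SHA-256 over length-prefixed inputs as the preset function, uses both time and nonce from the second set, and assumes the broadcast carries a round counter count so the listener can tell the first round from later ones; the code values are constructed.

```python
import hashlib
import hmac
import os


def preset(*parts: bytes) -> bytes:
    """Assumed preset function: SHA-256 over length-prefixed inputs."""
    h = hashlib.sha256()
    for p in parts:
        h.update(len(p).to_bytes(4, "big") + p)
    return h.digest()


class FirstDevice:
    """Broadcaster: round 1 hashes code, later rounds hash the previous code1."""

    def __init__(self, code: bytes):
        self.code, self.prev, self.count = code, None, 0

    def broadcast(self, time: int) -> dict:
        nonce = os.urandom(16)
        seed = self.code if self.prev is None else self.prev
        self.prev = preset(seed, time.to_bytes(8, "big"), nonce)
        self.count += 1
        return {"code1": self.prev, "time": time, "nonce": nonce, "count": self.count}


class SecondDevice:
    """Listener: holds the code fetched from the server and recomputes code2."""

    def __init__(self, code_from_server: bytes):
        self.code, self.prev = code_from_server, None

    def is_target(self, msg: dict) -> bool:
        seed = self.code if msg["count"] == 1 else self.prev
        if seed is None:  # later round heard without the previous code1
            return False
        code2 = preset(seed, msg["time"].to_bytes(8, "big"), msg["nonce"])
        ok = hmac.compare_digest(code2, msg["code1"])
        if ok:
            self.prev = msg["code1"]  # chain forward for the next round
        return ok


def demo() -> list:
    a = FirstDevice(b"constructed-original-code")
    rounds = [a.broadcast(t) for t in (1000, 1001, 1002)]
    friend = SecondDevice(b"constructed-original-code")
    stranger = SecondDevice(b"some-other-code")
    late = SecondDevice(b"constructed-original-code")
    return [
        [friend.is_target(m) for m in rounds],    # follows every round
        [stranger.is_target(m) for m in rounds],  # wrong code never matches
        late.is_target(rounds[1]),                # missed round 1
    ]
```

In this chained variant a listener that misses a round has no previous code1 to chain from, so it cannot confirm the target again even though it holds the correct code.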
PCT/CN2013/071247 2013-02-01 2013-02-01 Method and apparatus for identifying device in network WO2014117383A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201380001002.6A CN104186005A (en) 2013-02-01 2013-02-01 Method and apparatus for identifying device in network
PCT/CN2013/071247 WO2014117383A1 (en) 2013-02-01 2013-02-01 Method and apparatus for identifying device in network

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2013/071247 WO2014117383A1 (en) 2013-02-01 2013-02-01 Method and apparatus for identifying device in network

Publications (1)

Publication Number Publication Date
WO2014117383A1 true WO2014117383A1 (en) 2014-08-07

Family

ID=51261435

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2013/071247 WO2014117383A1 (en) 2013-02-01 2013-02-01 Method and apparatus for identifying device in network

Country Status (2)

Country Link
CN (1) CN104186005A (en)
WO (1) WO2014117383A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105376770A (en) * 2014-08-29 2016-03-02 电信科学技术研究院 Signal sending method, detection method, and related equipment

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1729460A (en) * 2002-12-20 2006-02-01 日本电信电话株式会社 Communication method, communication system, relay system, communication program, program for communication system, mail distribution system, mail distribution method, and mail distribution program
CN101379863A (en) * 2006-02-10 2009-03-04 高通股份有限公司 Obscuring temporary user equipment identities
CN101729507A (en) * 2008-10-14 2010-06-09 中兴通讯股份有限公司 Method and device for discovering and recognizing network devices

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8606873B2 (en) * 2008-06-27 2013-12-10 Qualcomm Incorporated Methods and apparatus for securely advertising identification and/or discovery information
WO2011162649A1 (en) * 2010-06-22 2011-12-29 Telefonaktiebolaget L M Ericsson (Publ) Methods and arrangements for direct mode communication

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105376770A (en) * 2014-08-29 2016-03-02 电信科学技术研究院 Signal sending method, detection method, and related equipment
CN105376770B (en) * 2014-08-29 2018-12-21 电信科学技术研究院 A kind of signaling method, detection method and relevant device

Also Published As

Publication number Publication date
CN104186005A (en) 2014-12-03

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 13873347

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 13873347

Country of ref document: EP

Kind code of ref document: A1