WO2020042276A1 - Household appliance, and anti-counterfeiting generation device, anti-counterfeiting preparation method and access method therefor - Google Patents

Household appliance, and anti-counterfeiting generation device, anti-counterfeiting preparation method and access method therefor Download PDF

Info

Publication number
WO2020042276A1
WO2020042276A1 PCT/CN2018/108967 CN2018108967W WO2020042276A1 WO 2020042276 A1 WO2020042276 A1 WO 2020042276A1 CN 2018108967 W CN2018108967 W CN 2018108967W WO 2020042276 A1 WO2020042276 A1 WO 2020042276A1
Authority
WO
WIPO (PCT)
Prior art keywords
home appliance
communication module
counterfeit
information
verification
Prior art date
Application number
PCT/CN2018/108967
Other languages
French (fr)
Chinese (zh)
Inventor
骆恒
Original Assignee
广东美的制冷设备有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 广东美的制冷设备有限公司 filed Critical 广东美的制冷设备有限公司
Publication of WO2020042276A1 publication Critical patent/WO2020042276A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3242Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC

Definitions

  • the present application relates to the technical field of household electrical appliances, and in particular, to an anti-counterfeit generating device for household electrical appliances, a household electrical appliance, an anti-counterfeiting preparation method, and an access method thereof.
  • the communication protocol between the communication module and the Internet of Things is not encrypted, so that the home appliances are illegally connected to the Internet of Things, causing hidden dangers to the information security of the Internet of Things.
  • the main purpose of the present application is to provide an anti-counterfeit generating device, a home appliance, an anti-counterfeiting preparation method and an access method thereof for home appliances, which are aimed at solving the problem of illegal connection of home appliances with the Internet of Things and causing hidden dangers of information security of the Internet of Things.
  • an anti-counterfeiting preparation method for home appliances includes the following steps:
  • the serial number of the communication module is signed according to the private key to obtain signature information, and the signature information is stored in a secure storage area of the home appliance device where the communication module is located.
  • the method further includes:
  • the step of signing the serial number of the communication module according to the private key to obtain signature information, and storing the signature information in a secure storage area of a device where the communication module is located includes:
  • the signature information is stored in a secure storage area of a device where the communication module is located.
  • the step of generating a public key and a private key corresponding to the anti-counterfeit file includes:
  • a key generation device is used to generate a public key and a private key corresponding to the anti-counterfeit file.
  • the step of signing the serial number of the communication module according to the private key to obtain signature information, and storing the signature information in a secure storage area of a device where the communication module is located include:
  • the method before the step of obtaining the MAC address of the communication module, the method further includes:
  • the present application further provides a method for accessing home appliances.
  • the method for accessing home appliances includes the following steps:
  • the verification information includes a serial number, a MAC address, and signature information of the serial number of the communication module, and the step of verifying the verification information includes:
  • obtaining the verification information of the communication module of the home appliance includes:
  • a request for obtaining authentication information of a communication module is sent to the home appliance to receive the verification information uploaded by the home appliance.
  • the present application also provides a home appliance device, the home appliance device includes a communication module for establishing communication with an external device; and the home appliance device is further provided with a secure storage area, where The signature information corresponding to the serial number of the communication module is described.
  • the home appliance is made by the anti-counterfeiting preparation method of the home appliance described above.
  • the present application also provides an anti-counterfeit generation device for a home appliance, which includes a processor, a memory, and an anti-counterfeit generation program stored on the memory and operable on the processor.
  • the anti-counterfeit generation program is The processor calls and performs the following steps:
  • the serial number of the communication module is signed according to the private key to obtain signature information, and the signature information is stored in a secure storage area of the home appliance device where the communication module is located.
  • the anti-counterfeit generation device of the home appliance further includes a key generation device for generating a public key and a private key corresponding to the anti-counterfeit file.
  • the present application further provides an access device for a home appliance, where the access device for a home appliance includes:
  • the obtaining module is configured to obtain verification information of the communication module of the home appliance after establishing a communication connection with the home appliance;
  • a verification module configured to verify the verification information
  • the connection module is configured to disconnect the communication connection with the home appliance after the verification fails.
  • the present application further provides an IoT server, which includes a processor, a memory, and an access program of a home appliance that is stored on the memory and can run on the processor.
  • IoT server which includes a processor, a memory, and an access program of a home appliance that is stored on the memory and can run on the processor.
  • the anti-counterfeit generating device of the home appliance can generate an anti-counterfeit file according to the MAC address of the communication module to generate a private key for the anti-counterfeit
  • the private key is used to sign the serial number of the communication module to obtain signature information, so that the home appliance is communicating with the Internet of Things
  • the legal access to the Internet of Things is verified through the verification of the signature information, which solves the problem of the hidden danger of the security of the Internet of Things information caused by the illegal access of the home appliance to the Internet of Things.
  • the signature information is stored in the Internet of Things.
  • the secure storage area of the home appliance equipment where the communication module is located because the information in the secure storage area cannot be read by the external device, so that the signature information cannot be obtained by the external device, that is, other devices cannot obtain the signature information from the home appliance device for illegal acquisition.
  • the information in the Internet of Things further guarantees the security of the Internet of Things information.
  • FIG. 1 is a schematic diagram of a hardware structure of an anti-counterfeit generation device of a home appliance according to an embodiment of the present application.
  • FIG. 2 is a schematic flowchart of a preferred embodiment of an anti-counterfeiting preparation method for a home appliance device of this application;
  • FIG. 3 is a schematic flowchart of a preferred embodiment of an access method for a home appliance device of this application
  • FIG. 4 is a schematic diagram of a program module of an access device of a home appliance of this application.
  • the main solution of the embodiment of the present application is: obtaining the MAC address of the communication module to generate an anti-counterfeit file according to the MAC address; generating a private key and a public key corresponding to the anti-counterfeit file; and according to the private key, the communication
  • the serial number of the module is signed to obtain signature information, and the signature information is stored in a secure storage area of the home appliance equipment where the communication module is located.
  • the anti-counterfeit generating device of the home appliance can generate an anti-counterfeit file according to the MAC address of the communication module to generate a private key for the anti-counterfeit
  • the private key is used to sign the serial number of the communication module to obtain signature information, so that the home appliance is communicating with the Internet of Things
  • the legal access to the Internet of Things is verified through the verification of the signature information, which solves the problem of the hidden danger of the security of the Internet of Things information caused by the illegal access of the home appliance to the Internet of Things.
  • the signature information is stored in the Internet of Things.
  • the secure storage area of the home appliance equipment where the communication module is located because the information in the secure storage area cannot be read by the external device, so that the signature information cannot be obtained by the external device, that is, other devices cannot obtain the signature information from the home appliance device to illegally Obtaining information in the Internet of Things further ensures the security of the Internet of Things information.
  • an anti-counterfeit generation device of a home appliance can be shown in FIG. 1.
  • the solution of the embodiment of the present application relates to an anti-counterfeit generation device for home appliances.
  • the anti-counterfeit generation device for home appliances includes: a processor 101, such as a CPU, a memory 102, and a communication bus 103.
  • the communication bus 103 is used to implement connection and communication between these components.
  • the memory 102 may be a high-speed RAM memory, or may be a non-volatile memory (non-volatile memory), such as a magnetic disk memory. As shown in FIG. 1, the memory 102 as a computer storage medium may include an anti-counterfeit preparation program for home appliances; and the processor 101 may be used to call the anti-counterfeit preparation program for home appliances stored in the memory 102 and perform the following operations:
  • the serial number of the communication module is signed according to the private key to obtain signature information, and the signature information is stored in a secure storage area of the home appliance device where the communication module is located.
  • the processor 101 may be configured to call an anti-counterfeiting preparation program of a home appliance device stored in the memory 102 and perform the following operations:
  • the processor 101 may be configured to call an anti-counterfeiting preparation program of a home appliance device stored in the memory 102 and perform the following operations:
  • the signature information is stored in a secure storage area of a device where the communication module is located.
  • the processor 101 may be configured to call an anti-counterfeiting preparation program of a home appliance device stored in the memory 102 and perform the following operations:
  • a key generation device is used to generate a public key and a private key corresponding to the anti-counterfeit file.
  • the processor 101 may be configured to call an anti-counterfeiting preparation program of a home appliance device stored in the memory 102 and perform the following operations:
  • the processor 101 may be configured to call an anti-counterfeiting preparation program of a home appliance device stored in the memory 102 and perform the following operations:
  • the anti-counterfeit generating device of a home appliance can generate an anti-counterfeit file according to the MAC address of the communication module to generate a private key for the anti-counterfeit piece, and then use the private key to sign the serial number of the communication module to obtain signature information.
  • the home appliance is connected to the Internet of Things, it is legally connected to the Internet of Things through the verification of the signature information, which solves the problem that the home appliances are illegally connected to the Internet of Things, causing hidden dangers to the security of the Internet of Things information.
  • the signature information is stored in the secure storage area of the home appliance device where the communication module is located, the information in the secure storage area cannot be read by the external device, so that the signature information cannot be obtained by the external device, that is, other devices cannot be obtained from the home appliance.
  • FIG. 2 is an embodiment of an anti-counterfeiting preparation method for a home appliance device of the present application.
  • the anti-counterfeiting preparation method for a home appliance device includes the following steps:
  • Step S10 Obtain a MAC address of the communication module to generate an anti-counterfeit file according to the MAC address.
  • the anti-counterfeit generation device of a home appliance can be used to generate anti-counterfeit information of the home appliance. Specifically, the anti-counterfeit generation device of the home appliance obtains the MAC address of the communication module, and then generates an anti-counterfeit file according to the MAC address.
  • the anti-counterfeit file is a license code file, that is, a license file.
  • Step S20 Generate a private key and a public key corresponding to the anti-counterfeit file
  • the anti-counterfeit generation device of a home appliance generates a public-private key pair through a key generation device, and the key generation device is a part of the anti-counterfeit generation device of the home appliance; connection.
  • the key generation device supports encryption and decryption algorithms.
  • the encryption and decryption algorithms can be RSA, AES, SHA and other algorithms.
  • the security device of the home appliance After the security device of the home appliance generates a license file, the home appliance generates a private key and a public key corresponding to the license file according to the encryption and decryption algorithm.
  • the anti-counterfeit generation device of home appliances needs to upload the public key and the MAC address of the communication module to the IoT server, so that the IoT server backs up the public key and MAC address of the communication module, so that the IoT server is verifying the home appliance.
  • the verification information uploaded by the home appliance is decrypted according to the MAC address and the public key to determine whether the home appliance is a legal access device.
  • step S30 the serial number of the communication module is signed according to the private key to obtain signature information, and the signature information is stored in a secure storage area of the home appliance device where the communication module is located.
  • the anti-counterfeit generating device of the home appliance After generating the private key of the license file, the anti-counterfeit generating device of the home appliance stores the private key of the license file and the MAC of the communication module, and then burns the license file and the MAC address to the communication module.
  • the communication module After the communication module is programmed, it can be installed on home appliances. At this time, the anti-counterfeit generation device of the home appliance will be connected to the home appliance where the communication module is located; then, the MAC address of the communication module of the home appliance is read to determine the corresponding private key based on the MAC address; The serial number is signed to obtain signature information. After generating the signature information, the home appliance will place the signature information in a secure storage area. The information stored in the secure storage area cannot be read by external devices, so that other devices cannot obtain signature information from home appliances to illegally obtain information in the Internet of Things, ensuring the security of the Internet of Things information.
  • the anti-counterfeit preparation process for the home appliance by the anti-counterfeit generation device of the home appliance involves the generation and programming of the MAC address and license of the communication module, the generation of the private and public keys of the license, and the generation of signature information of the home appliance.
  • the anti-counterfeiting generating device of the home appliance is also used for the production of the communication module. The specific process is as follows:
  • the production software of the anti-counterfeit generation device of home appliances corrects the radio frequency of the communication module
  • the MAC address can be divided into multiple MAC address segments according to the number of communication modules produced in the same batch, and for each communication module Allocate a MAC address segment, which is the MAC address of the communication module;
  • the anti-counterfeit generating device of the home appliance generates a license file of the communication module according to the MAC address
  • the key generation device of the anti-counterfeit generation device of the home appliance generates a public key and a private key corresponding to the license file.
  • the key generation device can be a component of the anti-counterfeit generation device of the home appliance, and can also communicate with the home appliance through a USB interface, etc.
  • the anti-counterfeit generation device is connected.
  • the anti-counterfeit generation device of the home appliance stores the private key and the MAC address in association, and uploads the public key and the MAC address to the IoT server;
  • the anti-counterfeit generation device of the home appliance programs the communication module to determine the patch firmware, that is, the pacth firmware, the application firmware and other information that needs to be programmed;
  • the anti-counterfeit generating device of household appliances configures the serial number of the communication module, and writes the serial number, pacth firmware, application firmware, MAC address, license file and other information to the communication module;
  • the anti-counterfeit generation device of the home appliance is connected to the home appliance, and the anti-counterfeit generation device of the home appliance reads the MAC address and serial number of the communication module;
  • the anti-counterfeit generating device of the home appliance finds a private key corresponding to the MAC address, signs the serial number with the private key, obtains signature information, and stores the signature information in a secure storage area.
  • the preparation process of the anti-counterfeiting information of the home appliance through the anti-counterfeiting generating device of the home appliance is simple and low cost.
  • the anti-counterfeiting information that is, the signature information is stored in the secure storage area of the home appliance
  • the external device cannot read the anti-counterfeiting. Information, and thus cannot forge the anti-counterfeit information, making it impossible for external devices to connect with the Internet of Things server, and avoiding the illegal acquisition of Internet of Things information.
  • the anti-counterfeit generating device of a home appliance can generate an anti-counterfeit file according to the MAC address of the communication module to generate a private key for the anti-counterfeit piece
  • the private module is used to sign the serial number of the communication module to obtain
  • the signature information enables home appliances to access the Internet of Things legally through the verification of the signature information after connecting to the Internet of Things, and solves the problem of hidden security risks of the Internet of Things information from the source when the appliance is illegally connected to the Internet of Things;
  • the signature information is stored in the secure storage local area of the home appliance device where the communication module is located.
  • the signature information cannot be obtained by the external device, that is, other devices Unable to obtain signature information from home appliances to illegally obtain information in the Internet of Things, further ensuring the security of the Internet of Things information.
  • FIG. 2 is a first embodiment of an access method for a home appliance of the present application.
  • the access method for a home appliance includes the following steps:
  • Step S40 After establishing a communication connection with the home appliance, obtain authentication information of the communication module of the home appliance;
  • the home appliance is generated by the anti-counterfeit generation device of the home appliance through the above-mentioned anti-counterfeit preparation method of the home appliance, thereby realizing the anti-counterfeit function of the home appliance.
  • the IoT server After the home appliance has established a communication connection with the IoT server, the IoT server will obtain the verification information of the communication module of the home appliance.
  • the verification information includes the signature information in the secure storage area of the home appliance, the MAC address of the communication module, and the serial number.
  • the IoT server After the home appliance is connected to the Internet of Things server, it will actively upload the authentication information of the communication module. Alternatively, the IoT server obtains verification information from the communication module of the home appliance. Specifically, the IoT server establishes a communication connection with the home appliance and starts timing. If the timing reaches a preset time (the preset time may be any suitable value, such as 1min), and the home appliance does not upload communication during this time The verification information of the module. The IoT server sends a request for obtaining the verification information of the communication module to the home appliance to determine whether the home appliance is an illegal connection.
  • the preset time may be any suitable value, such as 1min
  • the IoT server After the IoT server sends an acquisition request, if the verification information uploaded by the home appliance has not been received within a certain period of time (a certain period of time can be any composite value, for example, 1 minute), the IoT server disconnects from the home appliance. Communication connection.
  • a certain period of time can be any composite value, for example, 1 minute
  • Step S50 verify the verification information
  • Step S60 After the verification fails, disconnect the communication connection with the home appliance.
  • the IoT server supports encryption and decryption algorithms such as RSA, AES, and SHA. After the IoT server obtains the verification information, the IoT server finds the public key corresponding to the MAC address according to the MAC address of the communication module in the verification information, and then decrypts the signature information in the verification information according to the public key to obtain the verification sequence.
  • the Internet of Things server determines whether the verification serial number matches the serial number of the communication module, that is, whether the two are consistent. If they are not the same, the Internet of Things server determines that the access verification of the home appliance has failed. At this time, it disconnects from the home appliance. Device connection.
  • the IoT server obtains authentication information of the communication module of the home appliance after establishing a connection with the home appliance; and then verifies the access of the home appliance according to the verification information; if the verification fails, it disconnects Open the communication connection with the home appliance; because the IoT server performs access verification on the home appliance, the IoT server can identify the illegally connected home appliance to disconnect the communication with the illegal device, ensuring the information of the Internet of Things safety.
  • the present application further provides an access device for a home appliance, where the access device includes an acquisition module 10, a verification module 20, and a connection module 30, among which;
  • the obtaining module 10 is configured to obtain verification information of the communication module of the home appliance after establishing a communication connection with the home appliance;
  • the home appliance here generates anti-counterfeiting information by the anti-counterfeiting generating device of the home appliance through the anti-counterfeiting preparation method of the home appliance, thereby realizing the anti-counterfeiting function of the home appliance.
  • the access device of the home appliance may be an Internet of Things server; or, the intermediate device, that is, the home appliance is communicatively connected to the Internet of Things server through the access device of the home appliance.
  • the acquisition module 10 obtains verification information of the communication module of the home appliance.
  • the verification information includes signature information in the secure storage area of the home appliance, the MAC address of the communication module, and the serial number.
  • the verification module 20 is configured to verify the verification information
  • the connection module 30 is configured to disconnect the communication connection with the home appliance after the verification fails.
  • the verification module 20 After the access device of the household electrical appliance obtains the verification information, the verification module 20 searches for the public key corresponding to the MAC address according to the MAC address of the communication module in the verification information, thereby decrypting the signature information in the verification information according to the public key, and Get the verification serial number. Then the verification module 20 determines whether the verification serial number matches the serial number of the communication module, that is, determines whether the two are consistent. If the two do not match, the access device of the home appliance determines that the access verification of the home appliance has failed. At this time, the connection module 30 Disconnect the access device from the home appliance.
  • the access device of the home appliance acquires authentication information of the communication module of the home appliance after establishing a connection with the home appliance; and then verifies the access of the home appliance according to the verification information; if the verification fails , The communication connection with the home appliance is disconnected; since the access device of the home appliance performs access verification on the home appliance, the access device of the home appliance can identify an illegally connected home appliance to disconnect the illegal device.
  • the communication connection ensures the information security of the Internet of Things.
  • the access device of the home appliance further includes a receiving module 40. After the home appliance is connected to the access device of the home appliance, it will actively upload the verification information of the communication module. At this time, the receiving module 40 receives the verification information actively uploaded by the home appliance.
  • the access device of the home appliance further includes a sending module 50.
  • the access device of the household electrical appliance establishes a communication connection with the household electrical appliance and starts timing. If the timing duration reaches a preset duration (the preset duration can be any suitable value, such as 1min), and the household electrical equipment does not upload communication during this period of time The verification information of the module.
  • the sending module 50 sends a request for obtaining the verification information of the communication module to the home appliance to determine whether the home appliance is an illegal connection.
  • the IoT server After the IoT server sends the acquisition request, if the verification information uploaded by the home appliance has not been received within a certain period of time (a certain period of time can be any composite value, for example, 1 minute), the IoT server disconnects from the home appliance The communication connection of the device.
  • a certain period of time can be any composite value, for example, 1 minute
  • This application also provides a home appliance device, the home appliance device includes a communication module for establishing communication with an external device; and the home appliance device is also provided with a secure storage area that stores a sequence of the communication module The corresponding signature information.
  • the home appliance generates anti-counterfeit information by the anti-counterfeit preparation method of the home appliance described above, and realizes the anti-counterfeiting function of the home appliance.
  • the application also provides an anti-counterfeit generation device for a home appliance, comprising a processor, a memory, and an anti-counterfeit generation program stored on the memory and operable on the processor, the anti-counterfeit generation program being called by the processor And execute the steps of the anti-counterfeiting preparation method of the home appliance as described in the above embodiment to implement the anti-counterfeiting function of the home appliance.
  • the anti-counterfeit generation device of the home appliance further includes a key generation device for generating a public key and a private key corresponding to the anti-counterfeit file.
  • the key generation device supports encryption and decryption algorithms.
  • the encryption and decryption algorithms can be RSA, AES, SHA and other algorithms.
  • the key generation device is a component of an anti-counterfeit generation device of a home appliance.
  • the key generation device can also be an independent device, which can be connected to the anti-counterfeit generation device of the home appliance to generate a public key and a private key corresponding to the anti-counterfeit file; the key generation device can be a USB Key, USB Key is inserted into the anti-counterfeit generation device of the home appliance through the USB interface to realize the connection between the USB Key and the anti-counterfeit generation device of the home appliance.
  • the application also provides an Internet of Things server.
  • the Internet of Things server includes a processor, a memory, and an access program for a home appliance that is stored on the memory and can run on the processor. When the entry program is executed by the processor, each step of the method for accessing the home appliance as described in the foregoing embodiment is implemented.
  • the methods in the above embodiments can be implemented by means of software plus a necessary universal hardware platform, and of course, also by hardware, but in many cases the former is better.
  • Implementation Based on such an understanding, the technical solution of this application that is essentially or contributes to the existing technology can be embodied in the form of a software product.
  • the computer software product is stored in a storage medium (such as ROM / RAM) as described above. , Magnetic disk, optical disc), including a number of instructions for causing a terminal device (which may be a mobile phone, a computer, a server, an air conditioner, or a network device, etc.) to execute the methods described in the embodiments of the present application.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computing Systems (AREA)
  • Power Engineering (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Small-Scale Networks (AREA)
  • Selective Calling Equipment (AREA)
  • Computer And Data Communications (AREA)
  • Telephonic Communication Services (AREA)

Abstract

Disclosed is an anti-counterfeiting preparation method for a household appliance, the anti-counterfeiting preparation method for the household appliance comprising the following steps: acquiring an MAC address of a communication module so as to generate an anti-counterfeiting file according to the MAC address; generating a private key and a public key corresponding to the anti-counterfeiting file; and signing a serial number of the communication module according to the private key so as to obtain signature information, and storing the signature information in a secure storage area of a household appliance where the communication module is located. Further provided are an access method for a household appliance, the household appliance, an access apparatus of the household appliance, and an Internet of Things server. According to the present application, the information security of the Internet of Things is ensured.

Description

家电设备及其防伪生成设备、防伪制备方法及其接入方法 Home appliance equipment, anti-counterfeit generation equipment, anti-counterfeit preparation method and access method thereof Ranch
技术领域Technical field
本申请涉及家电设备技术领域,尤其涉及一种家电设备的防伪生成装置、家电设备、防伪制备方法及其接入方法。The present application relates to the technical field of household electrical appliances, and in particular, to an anti-counterfeit generating device for household electrical appliances, a household electrical appliance, an anti-counterfeiting preparation method, and an access method thereof.
背景技术Background technique
随着网络技术的发展,物联网技术逐渐成熟。人们可以通过采集与物联网连接的家电设备的信息,从而为用户提供更好的服务。而家电设备需要通过通讯模块连接物联网。With the development of network technology, the Internet of Things technology has gradually matured. People can provide better services to users by collecting information on home appliances connected to the Internet of Things. And home appliances need to be connected to the Internet of Things through a communication module.
现有技术中,通讯模块与物联网之间的通讯协议并没有加密,使得家电设备与物联网非法连接,造成了物联网的信息安全隐患。In the prior art, the communication protocol between the communication module and the Internet of Things is not encrypted, so that the home appliances are illegally connected to the Internet of Things, causing hidden dangers to the information security of the Internet of Things.
发明内容Summary of the Invention
本申请的主要目的在于提供一种家电设备的防伪生成装置、家电设备、防伪制备方法及其接入方法,旨在解决家电设备与物联网非法连接,造成了物联网的信息安全隐患的问题。The main purpose of the present application is to provide an anti-counterfeit generating device, a home appliance, an anti-counterfeiting preparation method and an access method thereof for home appliances, which are aimed at solving the problem of illegal connection of home appliances with the Internet of Things and causing hidden dangers of information security of the Internet of Things.
为实现上述目的,本申请提供的一种家电设备的防伪制备方法,所述家电设备的防伪制备方法包括以下步骤:In order to achieve the above object, an anti-counterfeiting preparation method for home appliances provided by the present application, the anti-counterfeiting preparation method for home appliances includes the following steps:
获取通讯模块的MAC地址,以根据所述MAC地址生成防伪文件;Obtaining the MAC address of the communication module to generate an anti-counterfeit file according to the MAC address;
生成所述防伪文件对应的私钥以及公钥;Generating a private key and a public key corresponding to the anti-counterfeit file;
根据所述私钥,对所述通讯模块的序列号进行签名,得到签名信息,并将签名信息存储至所述通讯模块所在家电设备的安全存储区域。The serial number of the communication module is signed according to the private key to obtain signature information, and the signature information is stored in a secure storage area of the home appliance device where the communication module is located.
在一实施例中,所述生成所述防伪文件对应的私钥以及公钥的步骤之后还包括:In an embodiment, after the step of generating a private key and a public key corresponding to the anti-counterfeit file, the method further includes:
存储所述私钥以及所述MAC地址,并将所述公钥以及所述MAC地址发送至物联网服务器。Store the private key and the MAC address, and send the public key and the MAC address to an Internet of Things server.
在一实施例中,所述根据所述私钥,对所述通讯模块的序列号进行签名,得到签名信息,并将签名信息存储至所述通讯模块所在设备的安全存储区域的步骤包括:In an embodiment, the step of signing the serial number of the communication module according to the private key to obtain signature information, and storing the signature information in a secure storage area of a device where the communication module is located includes:
在连接所述通讯模块所在的设备后,获取所述通讯模块的MAC地址以及序列号;Obtain the MAC address and serial number of the communication module after connecting the device where the communication module is located;
获取所述MAC地址对应的私钥,以根据所述私钥对所述序列号进行签名,得到签名信息;Obtaining a private key corresponding to the MAC address to sign the serial number according to the private key to obtain signature information;
将签名信息存储至所述通讯模块所在设备的安全存储区域。The signature information is stored in a secure storage area of a device where the communication module is located.
在一实施例中,所述生成所述防伪文件对应的公钥以及私钥的步骤包括:In an embodiment, the step of generating a public key and a private key corresponding to the anti-counterfeit file includes:
采用密钥生成装置生成所述防伪文件对应的公钥以及私钥。A key generation device is used to generate a public key and a private key corresponding to the anti-counterfeit file.
在一实施例中,所述根据所述私钥,对所述通讯模块的序列号进行签名,得到签名信息,并将签名信息存储至所述通讯模块所在设备的安全存储区域的步骤之前,还包括:In an embodiment, before the step of signing the serial number of the communication module according to the private key to obtain signature information, and storing the signature information in a secure storage area of a device where the communication module is located, include:
确定所述通讯模块的补丁固件、应用固件以及序列号; Determining the patch firmware, application firmware, and serial number of the communication module;
将所述补丁固件、应用固件、防伪文件、序列号以及MAC地址写入至所述通讯模块。Write the patch firmware, application firmware, anti-counterfeit file, serial number, and MAC address to the communication module.
在一实施例中,所述获取通讯模块的MAC地址的步骤之前,还包括:In an embodiment, before the step of obtaining the MAC address of the communication module, the method further includes:
对所述通讯模块进行射频校准。Perform radio frequency calibration on the communication module.
为实现上述目的,本申请还提供一种家电设备的接入方法,所述家电设备的接入方法包括以下步骤:In order to achieve the above object, the present application further provides a method for accessing home appliances. The method for accessing home appliances includes the following steps:
在建立与家电设备的通信连接后,获取所述家电设备的通讯模块的验证信息;Acquiring communication information of a communication module of the home appliance after establishing a communication connection with the home appliance;
对所述验证信息进行验证;Verifying the verification information;
在验证失败后,断开与所述家电设备的通信连接。After the verification fails, the communication connection with the home appliance is disconnected.
在一实施例中,所述验证信息包括所述通讯模块的序列号、MAC地址以及对所述序列号的签名信息,所述对所述验证信息进行验证的步骤包括:In an embodiment, the verification information includes a serial number, a MAC address, and signature information of the serial number of the communication module, and the step of verifying the verification information includes:
获取所述MAC地址对应的公钥,以对所述签名信息进行解密,得到验证序列号;Obtaining a public key corresponding to the MAC address to decrypt the signature information to obtain a verification sequence number;
判断所述验证序列号是否匹配所述通讯模块的序列号,其中,在所述验证序列号不匹配所述通讯模块的序列号时,判定验证失败。It is determined whether the verification serial number matches the serial number of the communication module, and when the verification serial number does not match the serial number of the communication module, it is determined that the verification has failed.
在一实施例中,所述在建立与家电设备的通信连接后,获取所述家电设备的通讯模块的验证信息的步骤包括:In an embodiment, after establishing the communication connection with the home appliance, obtaining the verification information of the communication module of the home appliance includes:
在建立与家电设备的通信连接后,接收所述家电设备上传的通讯模块的验证信息;或者,After establishing a communication connection with a home appliance, receiving verification information of a communication module uploaded by the home appliance; or
在建立与家电设备的通信连接后,向所述家电设备发送通讯模块的验证信息的获取请求,以接收所述家电设备上传的所述验证信息。After establishing a communication connection with a home appliance, a request for obtaining authentication information of a communication module is sent to the home appliance to receive the verification information uploaded by the home appliance.
为实现上述目的,本申请还提供一种家电设备,所述家电设备包括通讯模块,用于与外部设备建立通信;且所述家电设备还设有安全存储区域,所述安全存储区域存储有所述通讯模块的序列号对应的签名信息。In order to achieve the above object, the present application also provides a home appliance device, the home appliance device includes a communication module for establishing communication with an external device; and the home appliance device is further provided with a secure storage area, where The signature information corresponding to the serial number of the communication module is described.
在一实施例中,所述家电设备由上所述的家电设备的防伪制备方法制得。In one embodiment, the home appliance is made by the anti-counterfeiting preparation method of the home appliance described above.
为实现上述目的,本申请还提供一种家电设备的防伪生成设备,包括处理器、存储器和存储在所述存储器上并可在所述处理器上运行的防伪生成程序,所述防伪生成程序被所述处理器调用,并执行以下步骤:To achieve the above object, the present application also provides an anti-counterfeit generation device for a home appliance, which includes a processor, a memory, and an anti-counterfeit generation program stored on the memory and operable on the processor. The anti-counterfeit generation program is The processor calls and performs the following steps:
获取通讯模块的MAC地址,以根据所述MAC地址生成防伪文件;Obtaining the MAC address of the communication module to generate an anti-counterfeit file according to the MAC address;
生成所述防伪文件对应的私钥以及公钥;Generating a private key and a public key corresponding to the anti-counterfeit file;
根据所述私钥,对所述通讯模块的序列号进行签名,得到签名信息,并将签名信息存储至所述通讯模块所在家电设备的安全存储区域。The serial number of the communication module is signed according to the private key to obtain signature information, and the signature information is stored in a secure storage area of the home appliance device where the communication module is located.
在一实施例中,所述家电设备的防伪生成设备还包括一密钥生成装置,用于生成所述防伪文件对应的公钥以及私钥。In an embodiment, the anti-counterfeit generation device of the home appliance further includes a key generation device for generating a public key and a private key corresponding to the anti-counterfeit file.
为实现上述目的,本申请还提供一种家电设备的接入装置,所述家电设备的接入装置包括:To achieve the foregoing object, the present application further provides an access device for a home appliance, where the access device for a home appliance includes:
获取模块,设置为在建立与家电设备的通信连接后,获取所述家电设备的通讯模块的验证信息;The obtaining module is configured to obtain verification information of the communication module of the home appliance after establishing a communication connection with the home appliance;
验证模块,设置为对所述验证信息进行验证;A verification module configured to verify the verification information;
连接模块,设置为在验证失败后,断开与所述家电设备的通信连接。The connection module is configured to disconnect the communication connection with the home appliance after the verification fails.
为实现上述目的,本申请还提供一种物联网服务器,所述物联网服务器包括处理器、存储器和存储在所述存储器上并可在所述处理器上运行的家电设备的接入程序,所述家电设备的接入程序被所述处理器执行时实现以下步骤:In order to achieve the above object, the present application further provides an IoT server, which includes a processor, a memory, and an access program of a home appliance that is stored on the memory and can run on the processor. When the access program of the home appliance is executed by the processor, the following steps are implemented:
在建立与家电设备的通信连接后,获取所述家电设备的通讯模块的验证信息;Acquiring communication information of a communication module of the home appliance after establishing a communication connection with the home appliance;
对所述验证信息进行验证;Verifying the verification information;
在验证失败后,断开与所述家电设备的通信连接。After the verification fails, the communication connection with the home appliance is disconnected.
本申请实施例中提供的一个或多个技术方案,至少具有如下技术效果或优点:One or more technical solutions provided in the embodiments of the present application have at least the following technical effects or advantages:
由于家电设备的防伪生成装置能够根据通讯模块的MAC地址生成防伪文件,以对防伪件生成私钥,从而采用私钥对通讯模块的序列号进行签名,得到签名信息,使得家电设备在与物联网连接后,通过签名信息的验证合法的接入物联网,从源头上解决了家电设备非法接入物联网,造成物联网信息的安全隐患的问题;在一实施例中,由于签名信息,存储于通讯模块所在的家电设备的安全存储区域,因安全存储区域中的信息无法被外部设备读取,使得签名信息不能被外部设备获取,也即使得其他设备无法从家电设备中获取签名信息以非法获取物联网中的信息,进一步保证了物联网信息的安全性。Since the anti-counterfeit generating device of the home appliance can generate an anti-counterfeit file according to the MAC address of the communication module to generate a private key for the anti-counterfeit, the private key is used to sign the serial number of the communication module to obtain signature information, so that the home appliance is communicating with the Internet of Things After the connection, the legal access to the Internet of Things is verified through the verification of the signature information, which solves the problem of the hidden danger of the security of the Internet of Things information caused by the illegal access of the home appliance to the Internet of Things. In one embodiment, the signature information is stored in the Internet of Things. The secure storage area of the home appliance equipment where the communication module is located, because the information in the secure storage area cannot be read by the external device, so that the signature information cannot be obtained by the external device, that is, other devices cannot obtain the signature information from the home appliance device for illegal acquisition. The information in the Internet of Things further guarantees the security of the Internet of Things information.
附图说明BRIEF DESCRIPTION OF THE DRAWINGS
图1为本申请实施例涉及的家电设备的防伪生成设备的硬件结构示意图。FIG. 1 is a schematic diagram of a hardware structure of an anti-counterfeit generation device of a home appliance according to an embodiment of the present application.
图2为本申请家电设备的防伪制备方法的较佳实施例的流程示意图;2 is a schematic flowchart of a preferred embodiment of an anti-counterfeiting preparation method for a home appliance device of this application;
图3为本申请家电设备的接入方法的较佳实施例的流程示意图;FIG. 3 is a schematic flowchart of a preferred embodiment of an access method for a home appliance device of this application;
图4为本申请家电设备的接入装置的程序模块示意图。FIG. 4 is a schematic diagram of a program module of an access device of a home appliance of this application.
本申请目的的实现、功能特点及优点将结合实施例,参照附图做进一步说明。The implementation, functional features and advantages of the purpose of this application will be further described with reference to the embodiments and the drawings.
具体实施方式detailed description
应当理解,此处所描述的具体实施例仅仅用以解释本申请,并不用于限定本申请。It should be understood that the specific embodiments described herein are only used to explain the application, and are not used to limit the application.
本申请实施例的主要解决方案是:获取通讯模块的MAC地址,以根据所述MAC地址生成防伪文件;生成所述防伪文件对应的私钥以及公钥;根据所述私钥,对所述通讯模块的序列号进行签名,得到签名信息,并将签名信息存储至所述通讯模块所在家电设备的安全存储区域。The main solution of the embodiment of the present application is: obtaining the MAC address of the communication module to generate an anti-counterfeit file according to the MAC address; generating a private key and a public key corresponding to the anti-counterfeit file; and according to the private key, the communication The serial number of the module is signed to obtain signature information, and the signature information is stored in a secure storage area of the home appliance equipment where the communication module is located.
由于家电设备的防伪生成装置能够根据通讯模块的MAC地址生成防伪文件,以对防伪件生成私钥,从而采用私钥对通讯模块的序列号进行签名,得到签名信息,使得家电设备在与物联网连接后,通过签名信息的验证合法的接入物联网,从源头上解决了家电设备非法接入物联网,造成物联网信息的安全隐患的问题;在一实施例中,由于签名信息,存储于通讯模块所在的家电设备的安全存储局域,因安全存储区域中的信息无法被外部设备读取,使得签名信息不能被外部设备获取,也即使得其他设备无法从家电设备中获取签名信息以非法获取物联网中的信息,进一步保证了物联网信息的安全性。Since the anti-counterfeit generating device of the home appliance can generate an anti-counterfeit file according to the MAC address of the communication module to generate a private key for the anti-counterfeit, the private key is used to sign the serial number of the communication module to obtain signature information, so that the home appliance is communicating with the Internet of Things After the connection, the legal access to the Internet of Things is verified through the verification of the signature information, which solves the problem of the hidden danger of the security of the Internet of Things information caused by the illegal access of the home appliance to the Internet of Things. In one embodiment, the signature information is stored in the Internet of Things. The secure storage area of the home appliance equipment where the communication module is located, because the information in the secure storage area cannot be read by the external device, so that the signature information cannot be obtained by the external device, that is, other devices cannot obtain the signature information from the home appliance device to illegally Obtaining information in the Internet of Things further ensures the security of the Internet of Things information.
作为一种实现方案,家电设备的防伪生成装置可以如图1所示。As an implementation solution, an anti-counterfeit generation device of a home appliance can be shown in FIG. 1.
本申请实施例方案涉及的是家电设备的防伪生成装置,家电设备的防伪生成装置包括:处理器101,例如CPU,存储器102,通信总线103。其中,通信总线103用于实现这些组件之间的连接通信。The solution of the embodiment of the present application relates to an anti-counterfeit generation device for home appliances. The anti-counterfeit generation device for home appliances includes: a processor 101, such as a CPU, a memory 102, and a communication bus 103. The communication bus 103 is used to implement connection and communication between these components.
存储器102可以是高速RAM存储器,也可以是稳定的存储器(non-volatilememory),例如磁盘存储器。如图1所示,作为一种计算机存储介质的存储器102中可以包括家电设备的防伪制备程序;而处理器101可以用于调用存储器102中存储的家电设备的防伪制备程序,并执行以下操作:The memory 102 may be a high-speed RAM memory, or may be a non-volatile memory (non-volatile memory), such as a magnetic disk memory. As shown in FIG. 1, the memory 102 as a computer storage medium may include an anti-counterfeit preparation program for home appliances; and the processor 101 may be used to call the anti-counterfeit preparation program for home appliances stored in the memory 102 and perform the following operations:
获取通讯模块的MAC地址,以根据所述MAC地址生成防伪文件;Obtaining the MAC address of the communication module to generate an anti-counterfeit file according to the MAC address;
生成所述防伪文件对应的私钥以及公钥;Generating a private key and a public key corresponding to the anti-counterfeit file;
根据所述私钥,对所述通讯模块的序列号进行签名,得到签名信息,并将签名信息存储至所述通讯模块所在家电设备的安全存储区域。The serial number of the communication module is signed according to the private key to obtain signature information, and the signature information is stored in a secure storage area of the home appliance device where the communication module is located.
在一实施例中,处理器101可以用于调用存储器102中存储的家电设备的防伪制备程序,并执行以下操作:In an embodiment, the processor 101 may be configured to call an anti-counterfeiting preparation program of a home appliance device stored in the memory 102 and perform the following operations:
存储所述私钥以及所述MAC地址,并将所述公钥以及所述MAC地址发送至物联网服务器。Store the private key and the MAC address, and send the public key and the MAC address to an Internet of Things server.
在一实施例中,处理器101可以用于调用存储器102中存储的家电设备的防伪制备程序,并执行以下操作:In an embodiment, the processor 101 may be configured to call an anti-counterfeiting preparation program of a home appliance device stored in the memory 102 and perform the following operations:
在连接所述通讯模块所在的设备后,获取所述通讯模块的MAC地址以及序列号;Obtain the MAC address and serial number of the communication module after connecting the device where the communication module is located;
获取所述MAC地址对应的私钥,以根据所述私钥对所述序列号进行签名,得到签名信息;Obtaining a private key corresponding to the MAC address to sign the serial number according to the private key to obtain signature information;
将签名信息存储至所述通讯模块所在设备的安全存储区域。The signature information is stored in a secure storage area of a device where the communication module is located.
在一实施例中,处理器101可以用于调用存储器102中存储的家电设备的防伪制备程序,并执行以下操作:In an embodiment, the processor 101 may be configured to call an anti-counterfeiting preparation program of a home appliance device stored in the memory 102 and perform the following operations:
采用密钥生成装置生成所述防伪文件对应的公钥以及私钥。A key generation device is used to generate a public key and a private key corresponding to the anti-counterfeit file.
在一实施例中,处理器101可以用于调用存储器102中存储的家电设备的防伪制备程序,并执行以下操作:In an embodiment, the processor 101 may be configured to call an anti-counterfeiting preparation program of a home appliance device stored in the memory 102 and perform the following operations:
确定所述通讯模块的补丁固件、应用固件以及序列号; Determining the patch firmware, application firmware, and serial number of the communication module;
将所述补丁固件、应用固件、防伪文件、序列号以及MAC地址写入至所述通讯模块。Write the patch firmware, application firmware, anti-counterfeit file, serial number, and MAC address to the communication module.
在一实施例中,处理器101可以用于调用存储器102中存储的家电设备的防伪制备程序,并执行以下操作:In an embodiment, the processor 101 may be configured to call an anti-counterfeiting preparation program of a home appliance device stored in the memory 102 and perform the following operations:
对所述通讯模块进行射频校准。Perform radio frequency calibration on the communication module.
本实施例根据上述方案,由于家电设备的防伪生成装置能够根据通讯模块的MAC地址生成防伪文件,以对防伪件生成私钥,从而采用私钥对通讯模块的序列号进行签名,得到签名信息,使得家电设备在与物联网连接后,通过签名信息的验证合法的接入物联网,从源头上解决了家电设备非法接入物联网,造成物联网信息的安全隐患的问题;在一实施例中,由于签名信息,存储于通讯模块所在的家电设备的安全存储局域,因安全存储区域中的信息无法被外部设备读取,使得签名信息不能被外部设备获取,也即使得其他设备无法从家电设备中获取签名信息以非法获取物联网中的信息,进一步保证了物联网信息的安全性。According to the foregoing solution in this embodiment, since the anti-counterfeit generating device of a home appliance can generate an anti-counterfeit file according to the MAC address of the communication module to generate a private key for the anti-counterfeit piece, and then use the private key to sign the serial number of the communication module to obtain signature information. After the home appliance is connected to the Internet of Things, it is legally connected to the Internet of Things through the verification of the signature information, which solves the problem that the home appliances are illegally connected to the Internet of Things, causing hidden dangers to the security of the Internet of Things information. In one embodiment Because the signature information is stored in the secure storage area of the home appliance device where the communication module is located, the information in the secure storage area cannot be read by the external device, so that the signature information cannot be obtained by the external device, that is, other devices cannot be obtained from the home appliance. Obtaining signature information in the device to illegally obtain information in the Internet of Things, further ensuring the security of the Internet of Things information.
基于上述家电设备的防伪生成设备,提出本申请家电设备的防伪制备方法。Based on the anti-counterfeit generation device of the above-mentioned home appliance, an anti-counterfeit preparation method for the home appliance of the present application is proposed.
参照图2,图2为本申请家电设备的防伪制备方法的实施例,所述家电设备的防伪制备方法包括以下步骤:Referring to FIG. 2, FIG. 2 is an embodiment of an anti-counterfeiting preparation method for a home appliance device of the present application. The anti-counterfeiting preparation method for a home appliance device includes the following steps:
步骤S10,获取通讯模块的MAC地址,以根据所述MAC地址生成防伪文件;Step S10: Obtain a MAC address of the communication module to generate an anti-counterfeit file according to the MAC address.
在本申请中,家电设备的防伪生成装置可用于生成家电设备的防伪信息。具体的,家电设备的防伪生成装置获取通讯模块的MAC地址,然后根据MAC地址生成防伪文件,防伪文件为许可码文件,也即license文件。In the present application, the anti-counterfeit generation device of a home appliance can be used to generate anti-counterfeit information of the home appliance. Specifically, the anti-counterfeit generation device of the home appliance obtains the MAC address of the communication module, and then generates an anti-counterfeit file according to the MAC address. The anti-counterfeit file is a license code file, that is, a license file.
步骤S20,生成所述防伪文件对应的私钥以及公钥;Step S20: Generate a private key and a public key corresponding to the anti-counterfeit file;
家电设备的防伪生成装置通过密钥生成装置生成公私钥对,密钥生成装置为家电设备的防伪生成装置部件;或者,密钥生成装置为独立设备,且通过USB接口与家电设备的防伪生成装置连接。该密钥生成装置支持加解密算法,加解密算法可为RSA、AES、SHA等算法。家电设备的防伪生成装置在生成license文件后,家电设备根据加解密算法生成license文件对应的私钥和公钥。需要说明的是,家电设备的防伪生成装置需将公钥以及通讯模块的MAC地址上传至物联网服务器,使得物联网服务器备份通讯模块的公钥以及MAC地址,从而使得物联网服务器在验证该家电设备是否合法接入物联网时,根据MAC地址以及公钥对家电设备上传的验证信息进行解密,以判断家电设备是否为合法接入设备。The anti-counterfeit generation device of a home appliance generates a public-private key pair through a key generation device, and the key generation device is a part of the anti-counterfeit generation device of the home appliance; connection. The key generation device supports encryption and decryption algorithms. The encryption and decryption algorithms can be RSA, AES, SHA and other algorithms. After the security device of the home appliance generates a license file, the home appliance generates a private key and a public key corresponding to the license file according to the encryption and decryption algorithm. It should be noted that the anti-counterfeit generation device of home appliances needs to upload the public key and the MAC address of the communication module to the IoT server, so that the IoT server backs up the public key and MAC address of the communication module, so that the IoT server is verifying the home appliance. When the device is legally connected to the Internet of Things, the verification information uploaded by the home appliance is decrypted according to the MAC address and the public key to determine whether the home appliance is a legal access device.
步骤S30,根据所述私钥,对所述通讯模块的序列号进行签名,得到签名信息,并将签名信息存储至所述通讯模块所在家电设备的安全存储区域。In step S30, the serial number of the communication module is signed according to the private key to obtain signature information, and the signature information is stored in a secure storage area of the home appliance device where the communication module is located.
家电设备的防伪生成装置在生成license文件的私钥后,会将license文件的私钥以及通讯模块的MAC关联存储,再将license文件以及MAC地址烧写至通讯模块。After generating the private key of the license file, the anti-counterfeit generating device of the home appliance stores the private key of the license file and the MAC of the communication module, and then burns the license file and the MAC address to the communication module.
通讯模块在完成烧写后,可安装在家电设备上。此时,家电设备的防伪生成装置将连接通讯模块所在的家电设备;然后,读取家电设备的通讯模块的MAC地址,从而根据MAC地址,确定对应的私钥;再根据私钥对通讯模块的序列号进行签名,从而得到签名信息。在生成签名信息后,家电设备会将签名信息放置于安全存储区域。该安全存储区域存储的信息无法被外部设备读取,如此能使得其他设备无法从家电设备中获取签名信息,以非法获取物联网中的信息,保证了物联网信息的安全性。After the communication module is programmed, it can be installed on home appliances. At this time, the anti-counterfeit generation device of the home appliance will be connected to the home appliance where the communication module is located; then, the MAC address of the communication module of the home appliance is read to determine the corresponding private key based on the MAC address; The serial number is signed to obtain signature information. After generating the signature information, the home appliance will place the signature information in a secure storage area. The information stored in the secure storage area cannot be read by external devices, so that other devices cannot obtain signature information from home appliances to illegally obtain information in the Internet of Things, ensuring the security of the Internet of Things information.
上述家电设备的防伪生成装置对家电设备的防伪制备流程,涉及对通讯模块的MAC地址与license的生成和烧写,license的私钥和公钥的生成,以及家电设备的签名信息的生成。在一些实施例中,家电设备的防伪生成装置除了进行家电设备的防伪制备,还用于通讯模块的生产,具体流程如下:The anti-counterfeit preparation process for the home appliance by the anti-counterfeit generation device of the home appliance involves the generation and programming of the MAC address and license of the communication module, the generation of the private and public keys of the license, and the generation of signature information of the home appliance. In some embodiments, in addition to the anti-counterfeiting preparation of the home appliance, the anti-counterfeiting generating device of the home appliance is also used for the production of the communication module. The specific process is as follows:
1、将通讯模块放入家电设备的防伪生成装置的生产夹具中,此时的通讯模块并未烧写程序、固件等信息;1. Put the communication module into the production fixture of the anti-counterfeit generation device of home appliances. At this time, the communication module does not program and firmware information.
2、家电设备的防伪生成装置的生产软件对通讯模块的射频进行校正;2. The production software of the anti-counterfeit generation device of home appliances corrects the radio frequency of the communication module;
3、为家电设备的通讯模块获取一MAC地址,并将申请的MAC地址配置于通讯模块,MAC地址可以根据同一批次通讯模块的生产数量分为多个MAC地址段,并为每一个通讯模块分配一个MAC地址段,该MAC地址段即为通讯模块的MAC地址;3. Obtain a MAC address for the communication module of the home appliance and configure the applied MAC address in the communication module. The MAC address can be divided into multiple MAC address segments according to the number of communication modules produced in the same batch, and for each communication module Allocate a MAC address segment, which is the MAC address of the communication module;
4、家电设备的防伪生成装置根据MAC地址生成通讯模块的license文件;4. The anti-counterfeit generating device of the home appliance generates a license file of the communication module according to the MAC address;
5、家电设备的防伪生成装置的密钥生成装置生成license文件对应的公钥以及私钥,密钥生成装置可以是家电设备的防伪生成装置的部件,也可通过USB接口等方式与家电设备的防伪生成装置连接,家电设备的防伪生成装置将私钥以及MAC地址关联保存,并将公钥以及MAC地址上传至物联网服务器;5. The key generation device of the anti-counterfeit generation device of the home appliance generates a public key and a private key corresponding to the license file. The key generation device can be a component of the anti-counterfeit generation device of the home appliance, and can also communicate with the home appliance through a USB interface, etc. The anti-counterfeit generation device is connected. The anti-counterfeit generation device of the home appliance stores the private key and the MAC address in association, and uploads the public key and the MAC address to the IoT server;
6、家电设备的防伪生成装置对通讯模块进行编程,以确定补丁固件,也即pacth固件,应用固件等需要烧写的信息;6. The anti-counterfeit generation device of the home appliance programs the communication module to determine the patch firmware, that is, the pacth firmware, the application firmware and other information that needs to be programmed;
7、家电设备的防伪生成装置对通讯模块配置序列号,并将序列号、pacth固件、应用固件、MAC地址、license文件等信息烧写至通讯模块;7. The anti-counterfeit generating device of household appliances configures the serial number of the communication module, and writes the serial number, pacth firmware, application firmware, MAC address, license file and other information to the communication module;
8、在通讯模块与家电设备完成安装后,家电设备的防伪生成装置与家电设备连接,家电设备的防伪生成装置读取通讯模块的MAC地址以及序列号;8. After the communication module and the home appliance are installed, the anti-counterfeit generation device of the home appliance is connected to the home appliance, and the anti-counterfeit generation device of the home appliance reads the MAC address and serial number of the communication module;
9、家电设备的防伪生成装置查找与MAC地址对应的私钥,通过私钥对序列号进行签名,得到签名信息,并将签名信息存储至安全存储区域。9. The anti-counterfeit generating device of the home appliance finds a private key corresponding to the MAC address, signs the serial number with the private key, obtains signature information, and stores the signature information in a secure storage area.
本申请通过对家电设备的防伪生成装置对家电设备的防伪信息的制备流程简单,成本低;另外,由于防伪信息,也即签名信息存储在家电设备的安全存储区域,使得外部设备无法读取防伪信息,进而无法伪造该防伪信息,使得外部设备无法与物联网服务器连接,避免了物联网信息的非法获取的情况。In this application, the preparation process of the anti-counterfeiting information of the home appliance through the anti-counterfeiting generating device of the home appliance is simple and low cost. In addition, because the anti-counterfeiting information, that is, the signature information is stored in the secure storage area of the home appliance, the external device cannot read the anti-counterfeiting. Information, and thus cannot forge the anti-counterfeit information, making it impossible for external devices to connect with the Internet of Things server, and avoiding the illegal acquisition of Internet of Things information.
在本实施例提供的技术方案中,由于家电设备的防伪生成装置能够根据通讯模块的MAC地址生成防伪文件,以对防伪件生成私钥,从而采用私钥对通讯模块的序列号进行签名,得到签名信息,使得家电设备在与物联网连接后,通过签名信息的验证合法的接入物联网,从源头上解决了家电设备非法接入物联网,造成物联网信息的安全隐患的问题;在一实施例中,由于签名信息,存储于通讯模块所在的家电设备的安全存储局域,因安全存储区域中的信息无法被外部设备读取,使得签名信息不能被外部设备获取,也即使得其他设备无法从家电设备中获取签名信息以非法获取物联网中的信息,进一步保证了物联网信息的安全性。In the technical solution provided in this embodiment, since the anti-counterfeit generating device of a home appliance can generate an anti-counterfeit file according to the MAC address of the communication module to generate a private key for the anti-counterfeit piece, the private module is used to sign the serial number of the communication module to obtain The signature information enables home appliances to access the Internet of Things legally through the verification of the signature information after connecting to the Internet of Things, and solves the problem of hidden security risks of the Internet of Things information from the source when the appliance is illegally connected to the Internet of Things; In the embodiment, the signature information is stored in the secure storage local area of the home appliance device where the communication module is located. Because the information in the secure storage area cannot be read by the external device, the signature information cannot be obtained by the external device, that is, other devices Unable to obtain signature information from home appliances to illegally obtain information in the Internet of Things, further ensuring the security of the Internet of Things information.
基于上述家电设备的防伪制备方法,提出本申请家电设备的接入方法。Based on the anti-counterfeiting preparation method of the home appliance, the method for accessing the home appliance of the present application is proposed.
参照图2,图2为本申请家电设备的接入方法的第一实施例,所述家电设备的接入方法包括以下步骤:Referring to FIG. 2, FIG. 2 is a first embodiment of an access method for a home appliance of the present application. The access method for a home appliance includes the following steps:
步骤S40,在建立与家电设备的通信连接后,获取所述家电设备的通讯模块的验证信息;Step S40: After establishing a communication connection with the home appliance, obtain authentication information of the communication module of the home appliance;
在本实施例中,这里的家电设备由家电设备的防伪生成装置通过上述家电设备的防伪制备方法生成防伪信息,从而实现家电设备的防伪功能。家电设备在与物联网服务器建立通信连接后,物联网服务器会获取家电设备的通讯模块的验证信息,验证信息包括家电设备安全存储区域中的签名信息,通讯模块的MAC地址以及序列号。In this embodiment, the home appliance is generated by the anti-counterfeit generation device of the home appliance through the above-mentioned anti-counterfeit preparation method of the home appliance, thereby realizing the anti-counterfeit function of the home appliance. After the home appliance has established a communication connection with the IoT server, the IoT server will obtain the verification information of the communication module of the home appliance. The verification information includes the signature information in the secure storage area of the home appliance, the MAC address of the communication module, and the serial number.
家电设备在与物联网服务器建立连接后,会主动上传通讯模块的验证信息。或者,物联网服务器向家电设备的通讯模块获取验证信息。具体地,物联网服务器在与家电设备建立通信连接,开始计时,若计时时长达到预设时长(预设时长可为任意合适的数值,比如1min),且该段时间内家电设备并未上传通讯模块的验证信息,物联网服务器会向家电设备发送通信模块的验证信息的获取请求,以判断家电设备是否为非法连接。在物联网服务器发送获取请求后,若在一定时长内(一定时长可为任意合数的数值,例如,1min)还未接收到家电设备上传的验证信息时,物联网服务器断开与家电设备的通信连接。After the home appliance is connected to the Internet of Things server, it will actively upload the authentication information of the communication module. Alternatively, the IoT server obtains verification information from the communication module of the home appliance. Specifically, the IoT server establishes a communication connection with the home appliance and starts timing. If the timing reaches a preset time (the preset time may be any suitable value, such as 1min), and the home appliance does not upload communication during this time The verification information of the module. The IoT server sends a request for obtaining the verification information of the communication module to the home appliance to determine whether the home appliance is an illegal connection. After the IoT server sends an acquisition request, if the verification information uploaded by the home appliance has not been received within a certain period of time (a certain period of time can be any composite value, for example, 1 minute), the IoT server disconnects from the home appliance. Communication connection.
步骤S50,对所述验证信息进行验证;Step S50: verify the verification information;
步骤S60,在验证失败后,断开与所述家电设备的通信连接。Step S60: After the verification fails, disconnect the communication connection with the home appliance.
物联网服务器支持RSA、AES、SHA等加解密算法。在物联网服务器获得验证信息后,物联网服务器根据验证信息中的通讯模块的MAC地址,查找与MAC地址对应的公钥,从而根据公钥对验证信息中的签名信息进行解密,以得到验证序列号;物联网服务器判断验证序列号是否与通讯模块的序列号匹配,也即判断二者是否一致,若二者不一致,物联网服务器判定家电设备的接入验证失败,此时,断开与家电设备的连接。The IoT server supports encryption and decryption algorithms such as RSA, AES, and SHA. After the IoT server obtains the verification information, the IoT server finds the public key corresponding to the MAC address according to the MAC address of the communication module in the verification information, and then decrypts the signature information in the verification information according to the public key to obtain the verification sequence. The Internet of Things server determines whether the verification serial number matches the serial number of the communication module, that is, whether the two are consistent. If they are not the same, the Internet of Things server determines that the access verification of the home appliance has failed. At this time, it disconnects from the home appliance. Device connection.
在本实施例提供的技术方案,物联网服务器在建立与家电设备的连接后,获取家电设备的通讯模块的验证信息;再根据验证信息对家电设备的接入进行验证;若验证失败,则断开与家电设备的通信连接;由于物联网服务器通过对家电设备进行接入验证,使得物联网服务器能够鉴别非法连接的家电设备,以断开与该非法设备的通信连接,保证了物联网的信息安全性。In the technical solution provided in this embodiment, the IoT server obtains authentication information of the communication module of the home appliance after establishing a connection with the home appliance; and then verifies the access of the home appliance according to the verification information; if the verification fails, it disconnects Open the communication connection with the home appliance; because the IoT server performs access verification on the home appliance, the IoT server can identify the illegally connected home appliance to disconnect the communication with the illegal device, ensuring the information of the Internet of Things safety.
参照图3,本申请还提供一种家电设备的接入装置,所述家电设备的接入装置包括获取模块10、验证模块20以及连接模块30,其中;Referring to FIG. 3, the present application further provides an access device for a home appliance, where the access device includes an acquisition module 10, a verification module 20, and a connection module 30, among which;
所述获取模块10,设置为在建立与家电设备的通信连接后,获取所述家电设备的通讯模块的验证信息;The obtaining module 10 is configured to obtain verification information of the communication module of the home appliance after establishing a communication connection with the home appliance;
这里的家电设备由家电设备的防伪生成装置通过上述家电设备的防伪制备方法生成防伪信息,从而实现家电设备的防伪功能。家电设备的接入装置可以为物联网服务器;或者,中间设备,即家电设备通过家电设备的接入装置与物联网服务器通信连接。The home appliance here generates anti-counterfeiting information by the anti-counterfeiting generating device of the home appliance through the anti-counterfeiting preparation method of the home appliance, thereby realizing the anti-counterfeiting function of the home appliance. The access device of the home appliance may be an Internet of Things server; or, the intermediate device, that is, the home appliance is communicatively connected to the Internet of Things server through the access device of the home appliance.
家电设备在与家电设备的接入装置建立通信连接后,获取模块10获取家电设备的通讯模块的验证信息,验证信息包括家电设备安全存储区域中的签名信息,通讯模块的MAC地址以及序列号。After the home appliance has established a communication connection with the access device of the home appliance, the acquisition module 10 obtains verification information of the communication module of the home appliance. The verification information includes signature information in the secure storage area of the home appliance, the MAC address of the communication module, and the serial number.
所述验证模块20,设置为对所述验证信息进行验证;The verification module 20 is configured to verify the verification information;
所述连接模块30,设置为在验证失败后,断开与所述家电设备的通信连接。The connection module 30 is configured to disconnect the communication connection with the home appliance after the verification fails.
在家电设备的接入装置获得验证信息后,验证模块20根据验证信息中的通讯模块的MAC地址,查找与MAC地址对应的公钥,从而根据公钥对验证信息中的签名信息进行解密,以得到验证序列号。然后验证模块20判断验证序列号是否与通讯模块的序列号匹配,也即判断二者是否一致,若二者不一致,家电设备的接入装置判定家电设备的接入验证失败,此时,连接模块30断开接入装置与家电设备的连接。After the access device of the household electrical appliance obtains the verification information, the verification module 20 searches for the public key corresponding to the MAC address according to the MAC address of the communication module in the verification information, thereby decrypting the signature information in the verification information according to the public key, and Get the verification serial number. Then the verification module 20 determines whether the verification serial number matches the serial number of the communication module, that is, determines whether the two are consistent. If the two do not match, the access device of the home appliance determines that the access verification of the home appliance has failed. At this time, the connection module 30 Disconnect the access device from the home appliance.
在本实施例提供的技术方案,家电设备的接入装置在建立与家电设备的连接后,获取家电设备的通讯模块的验证信息;再根据验证信息对家电设备的接入进行验证;若验证失败,则断开与家电设备的通信连接;由于家电设备的接入装置通过对家电设备进行接入验证,使得家电设备的接入装置能够鉴别非法连接的家电设备,以断开与该非法设备的通信连接,保证了物联网的信息安全性。In the technical solution provided in this embodiment, the access device of the home appliance acquires authentication information of the communication module of the home appliance after establishing a connection with the home appliance; and then verifies the access of the home appliance according to the verification information; if the verification fails , The communication connection with the home appliance is disconnected; since the access device of the home appliance performs access verification on the home appliance, the access device of the home appliance can identify an illegally connected home appliance to disconnect the illegal device. The communication connection ensures the information security of the Internet of Things.
家电设备的接入装置还包括接收模块40。家电设备在与家电设备的接入装置建立连接后,会主动上传通讯模块的验证信息,此时,接收模块40接收家电设备主动上传的验证信息。The access device of the home appliance further includes a receiving module 40. After the home appliance is connected to the access device of the home appliance, it will actively upload the verification information of the communication module. At this time, the receiving module 40 receives the verification information actively uploaded by the home appliance.
家电设备的接入装置还包括发送模块50。家电设备的接入装置在与家电设备建立通信连接,开始计时,若计时时长达到预设时长(预设时长可为任意合适的数值,比如1min),且该段时间内家电设备并未上传通讯模块的验证信息,发送模块50会向家电设备发送通信模块的验证信息的获取请求,以判断家电设备是否为非法连接。另外,在物联网服务器发送获取请求后,若在一定时长内(一定时长可为任意合数的数值,例如,1min)还未接收到家电设备上传的验证信息时,物联网服务器断开与家电设备的通信连接。The access device of the home appliance further includes a sending module 50. The access device of the household electrical appliance establishes a communication connection with the household electrical appliance and starts timing. If the timing duration reaches a preset duration (the preset duration can be any suitable value, such as 1min), and the household electrical equipment does not upload communication during this period of time The verification information of the module. The sending module 50 sends a request for obtaining the verification information of the communication module to the home appliance to determine whether the home appliance is an illegal connection. In addition, after the IoT server sends the acquisition request, if the verification information uploaded by the home appliance has not been received within a certain period of time (a certain period of time can be any composite value, for example, 1 minute), the IoT server disconnects from the home appliance The communication connection of the device.
本申请还提供一种家电设备,所述家电设备包括通讯模块,用于与外部设备建立通信;且所述家电设备还设有安全存储区域,所述安全存储区域存储有所述通讯模块的序列号对应的签名信息。This application also provides a home appliance device, the home appliance device includes a communication module for establishing communication with an external device; and the home appliance device is also provided with a secure storage area that stores a sequence of the communication module The corresponding signature information.
在一实施例中,所述家电设备由上所述的家电设备的防伪制备方法生成防伪信息,实现家电设备的防伪功能。In an embodiment, the home appliance generates anti-counterfeit information by the anti-counterfeit preparation method of the home appliance described above, and realizes the anti-counterfeiting function of the home appliance.
本申请还提供一种家电设备的防伪生成设备,包括处理器、存储器和存储在所述存储器上并可在所述处理器上运行的防伪生成程序,所述防伪生成程序被所述处理器调用,并执行如上实施例所述的家电设备的防伪制备方法的各个步骤,以实现家电设备的防伪功能。The application also provides an anti-counterfeit generation device for a home appliance, comprising a processor, a memory, and an anti-counterfeit generation program stored on the memory and operable on the processor, the anti-counterfeit generation program being called by the processor And execute the steps of the anti-counterfeiting preparation method of the home appliance as described in the above embodiment to implement the anti-counterfeiting function of the home appliance.
在一实施例中,所述家电设备的防伪生成设备还包括一密钥生成装置,用于生成所述防伪文件对应的公钥以及私钥。密钥生成装置支持加解密算法,加解密算法可为RSA、AES、SHA等算法。In an embodiment, the anti-counterfeit generation device of the home appliance further includes a key generation device for generating a public key and a private key corresponding to the anti-counterfeit file. The key generation device supports encryption and decryption algorithms. The encryption and decryption algorithms can be RSA, AES, SHA and other algorithms.
密钥生成装置为家电设备的防伪生成设备的部件。密钥生成装置也可为独立设备,能够与家电设备的防伪生成设备连接,以生成防伪文件对应的公钥以及私钥;密钥生成装置可以为USB Key,USB Key通过USB接口插入家电的防伪生成设备,以实现USB Key与家电的防伪生成设备的连接。The key generation device is a component of an anti-counterfeit generation device of a home appliance. The key generation device can also be an independent device, which can be connected to the anti-counterfeit generation device of the home appliance to generate a public key and a private key corresponding to the anti-counterfeit file; the key generation device can be a USB Key, USB Key is inserted into the anti-counterfeit generation device of the home appliance through the USB interface to realize the connection between the USB Key and the anti-counterfeit generation device of the home appliance.
本申请还提供一种物联网服务器,所述物联网服务器包括处理器、存储器和存储在所述存储器上并可在所述处理器上运行的家电设备的接入程序,所述家电设备的接入程序被所述处理器执行时实现如上实施例所述的家电设备的接入方法的各个步骤。The application also provides an Internet of Things server. The Internet of Things server includes a processor, a memory, and an access program for a home appliance that is stored on the memory and can run on the processor. When the entry program is executed by the processor, each step of the method for accessing the home appliance as described in the foregoing embodiment is implemented.
上述本申请实施例序号仅仅为了描述,不代表实施例的优劣。The above-mentioned serial numbers of the embodiments of the present application are merely for description, and do not represent the superiority or inferiority of the embodiments.
需要说明的是,在本文中,术语“包括”、“包含”或者其任何其他变体意在涵盖非排他性的包含,从而使得包括一系列要素的过程、方法、物品或者装置不仅包括那些要素,而且还包括没有明确列出的其他要素,或者是还包括为这种过程、方法、物品或者装置所固有的要素。在没有更多限制的情况下,由语句“包括一个……”限定的要素,并不排除在包括该要素的过程、方法、物品或者装置中还存在另外的相同要素。It should be noted that, in this article, the terms "including", "including" or any other variants thereof are intended to cover non-exclusive inclusion, so that a process, method, article or device including a series of elements includes not only those elements, It also includes other elements not explicitly listed, or elements inherent to such a process, method, article, or device. Without more restrictions, an element limited by the sentence "including a ..." does not exclude that there are other identical elements in the process, method, article, or device that includes the element.
通过以上的实施方式的描述,本领域的技术人员可以清楚地了解到上述实施例方法可借助软件加必需的通用硬件平台的方式来实现,当然也可以通过硬件,但很多情况下前者是更佳的实施方式。基于这样的理解,本申请的技术方案本质上或者说对现有技术做出贡献的部分可以以软件产品的形式体现出来,该计算机软件产品存储在如上所述的一个存储介质(如ROM/RAM、磁碟、光盘)中,包括若干指令用以使得一台终端设备(可以是手机,计算机,服务器,空调器,或者网络设备等)执行本申请各个实施例所述的方法。Through the description of the above embodiments, those skilled in the art can clearly understand that the methods in the above embodiments can be implemented by means of software plus a necessary universal hardware platform, and of course, also by hardware, but in many cases the former is better. Implementation. Based on such an understanding, the technical solution of this application that is essentially or contributes to the existing technology can be embodied in the form of a software product. The computer software product is stored in a storage medium (such as ROM / RAM) as described above. , Magnetic disk, optical disc), including a number of instructions for causing a terminal device (which may be a mobile phone, a computer, a server, an air conditioner, or a network device, etc.) to execute the methods described in the embodiments of the present application.
以上仅为本申请的优选实施例,并非因此限制本申请的专利范围,凡是利用本申请说明书及附图内容所作的等效结构或等效流程变换,或直接或间接运用在其他相关的技术领域,均同理包括在本申请的专利保护范围内。The above are only preferred embodiments of the present application, and thus do not limit the patent scope of the present application. Any equivalent structure or equivalent process transformation made by using the contents of the specification and drawings of the present application, or directly or indirectly used in other related technical fields Are included in the scope of patent protection of this application.

Claims (15)

  1. 一种家电设备的防伪制备方法,其中,所述家电设备的防伪制备方法包括以下步骤:An anti-counterfeiting preparation method for a home appliance, wherein the anti-counterfeiting preparation method for a home appliance includes the following steps:
    获取通讯模块的MAC地址,以根据所述MAC地址生成防伪文件;Obtaining the MAC address of the communication module to generate an anti-counterfeit file according to the MAC address;
    生成所述防伪文件对应的私钥以及公钥;Generating a private key and a public key corresponding to the anti-counterfeit file;
    根据所述私钥,对所述通讯模块的序列号进行签名,得到签名信息,并将签名信息存储至所述通讯模块所在家电设备的安全存储区域。The serial number of the communication module is signed according to the private key to obtain signature information, and the signature information is stored in a secure storage area of the home appliance device where the communication module is located.
  2. 如权利要求1所述的家电设备的防伪制备方法,其中,所述生成所述防伪文件对应的私钥以及公钥的步骤之后还包括:The method for preparing anti-counterfeiting of a home appliance according to claim 1, wherein after the step of generating a private key and a public key corresponding to the anti-counterfeiting file, further comprising:
    存储所述私钥以及所述MAC地址,并将所述公钥以及所述MAC地址发送至物联网服务器。Store the private key and the MAC address, and send the public key and the MAC address to an Internet of Things server.
  3. 如权利要求2所述的家电设备的防伪制备方法,其中,所述根据所述私钥,对所述通讯模块的序列号进行签名,得到签名信息,并将签名信息存储至所述通讯模块所在设备的安全存储区域的步骤包括:The anti-counterfeiting preparation method for a home appliance device according to claim 2, wherein the serial number of the communication module is signed according to the private key to obtain signature information, and the signature information is stored in a place where the communication module is located The steps for the device's secure storage area include:
    在连接所述通讯模块所在的设备后,获取所述通讯模块的MAC地址以及序列号;Obtain the MAC address and serial number of the communication module after connecting the device where the communication module is located;
    获取所述MAC地址对应的私钥,以根据所述私钥对所述序列号进行签名,得到签名信息;Obtaining a private key corresponding to the MAC address to sign the serial number according to the private key to obtain signature information;
    将签名信息存储至所述通讯模块所在设备的安全存储区域。The signature information is stored in a secure storage area of a device where the communication module is located.
  4. 如权利要求2所述的家电设备的防伪制备方法,其中,所述生成所述防伪文件对应的公钥以及私钥的步骤包括:The method for preparing anti-counterfeiting of a home appliance according to claim 2, wherein the step of generating a public key and a private key corresponding to the anti-counterfeiting file comprises:
    采用密钥生成装置生成所述防伪文件对应的公钥以及私钥。A key generation device is used to generate a public key and a private key corresponding to the anti-counterfeit file.
  5. 如权利要求1所述的家电设备的防伪制备方法,其中,所述根据所述私钥,对所述通讯模块的序列号进行签名,得到签名信息,并将签名信息存储至所述通讯模块所在设备的安全存储区域的步骤之前,还包括:The anti-counterfeiting preparation method for a home appliance device according to claim 1, wherein the serial number of the communication module is signed according to the private key to obtain signature information, and the signature information is stored in a place where the communication module is located Before the steps of the device's secure storage area, it also includes:
    确定所述通讯模块的补丁固件、应用固件以及序列号; Determining the patch firmware, application firmware, and serial number of the communication module;
    将所述补丁固件、应用固件、防伪文件、序列号以及MAC地址写入至所述通讯模块。Write the patch firmware, application firmware, anti-counterfeit file, serial number, and MAC address to the communication module.
  6. 如权利要求1所述的家电设备的防伪制备方法,其中,所述获取通讯模块的MAC地址的步骤之前,还包括:The anti-counterfeiting preparation method for a home appliance according to claim 1, wherein before the step of obtaining a MAC address of the communication module, further comprising:
    对所述通讯模块进行射频校准。Perform radio frequency calibration on the communication module.
  7. 一种家电设备的接入方法,其中,所述家电设备的接入方法包括以下步骤:A method for accessing home appliances, wherein the method for accessing home appliances includes the following steps:
    在建立与家电设备的通信连接后,获取所述家电设备的通讯模块的验证信息;Acquiring communication information of a communication module of the home appliance after establishing a communication connection with the home appliance;
    对所述验证信息进行验证;Verifying the verification information;
    在验证失败后,断开与所述家电设备的通信连接。 After the verification fails, the communication connection with the home appliance is disconnected.
  8. 如权利要求7所述的家电设备的接入方法,其中,所述验证信息包括所述通讯模块的序列号、MAC地址以及对所述序列号的签名信息,所述对所述验证信息进行验证的步骤包括:The method for accessing a home appliance according to claim 7, wherein the verification information includes a serial number, a MAC address, and signature information of the serial number of the communication module, and the verification is performed on the verification information The steps include:
    获取所述MAC地址对应的公钥,以对所述签名信息进行解密,得到验证序列号;Obtaining a public key corresponding to the MAC address to decrypt the signature information to obtain a verification sequence number;
    判断所述验证序列号是否匹配所述通讯模块的序列号,其中,在所述验证序列号不匹配所述通讯模块的序列号时,判定验证失败。It is determined whether the verification serial number matches the serial number of the communication module, and when the verification serial number does not match the serial number of the communication module, it is determined that the verification has failed.
  9. 如权利要求7所述的家电设备的接入方法,其中,所述在建立与家电设备的通信连接后,获取所述家电设备的通讯模块的验证信息的步骤包括:The method for accessing a home appliance according to claim 7, wherein after the establishing a communication connection with the home appliance, obtaining the authentication information of the communication module of the home appliance comprises:
    在建立与家电设备的通信连接后,接收所述家电设备上传的通讯模块的验证信息;或者,After establishing a communication connection with a home appliance, receiving verification information of a communication module uploaded by the home appliance; or
    在建立与家电设备的通信连接后,向所述家电设备发送通讯模块的验证信息的获取请求,以接收所述家电设备上传的所述验证信息。After establishing a communication connection with a home appliance, a request for obtaining authentication information of a communication module is sent to the home appliance to receive the verification information uploaded by the home appliance.
  10. 一种家电设备,其中,所述家电设备包括通讯模块,设置为与外部设备建立通信;且所述家电设备还设有安全存储区域,所述安全存储区域存储有所述通讯模块的序列号对应的签名信息。A home appliance, wherein the home appliance includes a communication module configured to establish communication with an external device; and the home appliance further includes a secure storage area, where the serial number of the communication module is stored in the secure storage area. Signature information.
  11. 如权利要求10所述的家电设备,其中,所述家电设备由权利要求1所述的家电设备的防伪制备方法制得。The home appliance according to claim 10, wherein the home appliance is manufactured by the anti-counterfeiting preparation method for a home appliance according to claim 1.
  12. 一种家电设备的防伪生成设备,其中,包括处理器、存储器和存储在所述存储器上并可在所述处理器上运行的防伪生成程序,所述防伪生成程序被所述处理器调用,并执行以下步骤:An anti-counterfeit generation device for a home appliance includes a processor, a memory, and an anti-counterfeit generation program stored on the memory and operable on the processor. The anti-counterfeit generation program is called by the processor, and Perform the following steps:
    获取通讯模块的MAC地址,以根据所述MAC地址生成防伪文件;Obtaining the MAC address of the communication module to generate an anti-counterfeit file according to the MAC address;
    生成所述防伪文件对应的私钥以及公钥;Generating a private key and a public key corresponding to the anti-counterfeit file;
    根据所述私钥,对所述通讯模块的序列号进行签名,得到签名信息,并将签名信息存储至所述通讯模块所在家电设备的安全存储区域。The serial number of the communication module is signed according to the private key to obtain signature information, and the signature information is stored in a secure storage area of the home appliance device where the communication module is located.
  13. 如权利要求12所述的家电设备的防伪生成设备,其中,所述家电设备的防伪生成设备还包括一密钥生成装置,用于生成所述防伪文件对应的公钥以及私钥。The anti-counterfeit generation device of the home appliance according to claim 12, wherein the anti-counterfeit generation device of the home appliance further comprises a key generation device for generating a public key and a private key corresponding to the anti-counterfeit file.
  14. 一种家电设备的接入装置,其中,所述家电设备的接入装置包括:An access device for a home appliance, wherein the access device for a home appliance includes:
    获取模块,设置为在建立与家电设备的通信连接后,获取所述家电设备的通讯模块的验证信息;The obtaining module is configured to obtain verification information of the communication module of the home appliance after establishing a communication connection with the home appliance;
    验证模块,设置为对所述验证信息进行验证;A verification module configured to verify the verification information;
    连接模块,设置为在验证失败后,断开与所述家电设备的通信连接。The connection module is configured to disconnect the communication connection with the home appliance after the verification fails.
  15. 一种物联网服务器,其中,所述物联网服务器包括处理器、存储器和存储在所述存储器上并可在所述处理器上运行的家电设备的接入程序,所述家电设备的接入程序被所述处理器执行时实现以下步骤:An Internet of Things server, wherein the Internet of Things server includes a processor, a memory, and an access program of a home appliance that is stored on the memory and can run on the processor, and an access program of the home appliance When executed by the processor, the following steps are implemented:
    在建立与家电设备的通信连接后,获取所述家电设备的通讯模块的验证信息;Acquiring communication information of a communication module of the home appliance after establishing a communication connection with the home appliance;
    对所述验证信息进行验证;Verifying the verification information;
    在验证失败后,断开与所述家电设备的通信连接。After the verification fails, the communication connection with the home appliance is disconnected.
PCT/CN2018/108967 2018-08-29 2018-09-30 Household appliance, and anti-counterfeiting generation device, anti-counterfeiting preparation method and access method therefor WO2020042276A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201811000760.7 2018-08-29
CN201811000760.7A CN109245898A (en) 2018-08-29 2018-08-29 Household appliance and its anti-fake generating device, anti-fake preparation method and its cut-in method

Publications (1)

Publication Number Publication Date
WO2020042276A1 true WO2020042276A1 (en) 2020-03-05

Family

ID=65068993

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2018/108967 WO2020042276A1 (en) 2018-08-29 2018-09-30 Household appliance, and anti-counterfeiting generation device, anti-counterfeiting preparation method and access method therefor

Country Status (2)

Country Link
CN (1) CN109245898A (en)
WO (1) WO2020042276A1 (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100325427A1 (en) * 2009-06-22 2010-12-23 Nokia Corporation Method and apparatus for authenticating a mobile device
CN202713371U (en) * 2012-08-03 2013-01-30 北京中创智信科技有限公司 Electronic signature device and electronic signature system
CN103078742A (en) * 2013-01-10 2013-05-01 天地融科技股份有限公司 Generation method and system of digital certificate
CN103701613A (en) * 2014-01-06 2014-04-02 立德高科(北京)数码科技有限责任公司 Bidirectional authentication method between authentication terminal and host and device
CN108366063A (en) * 2018-02-11 2018-08-03 广东美的厨房电器制造有限公司 Data communications method, device and its equipment of smart machine

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100325427A1 (en) * 2009-06-22 2010-12-23 Nokia Corporation Method and apparatus for authenticating a mobile device
CN202713371U (en) * 2012-08-03 2013-01-30 北京中创智信科技有限公司 Electronic signature device and electronic signature system
CN103078742A (en) * 2013-01-10 2013-05-01 天地融科技股份有限公司 Generation method and system of digital certificate
CN103701613A (en) * 2014-01-06 2014-04-02 立德高科(北京)数码科技有限责任公司 Bidirectional authentication method between authentication terminal and host and device
CN108366063A (en) * 2018-02-11 2018-08-03 广东美的厨房电器制造有限公司 Data communications method, device and its equipment of smart machine

Also Published As

Publication number Publication date
CN109245898A (en) 2019-01-18

Similar Documents

Publication Publication Date Title
WO2020147383A1 (en) Process examination and approval method, device and system employing blockchain system, and non-volatile storage medium
WO2019132272A1 (en) Id as blockchain based service
WO2021003975A1 (en) Gateway interface test method, terminal device, storage medium and apparatus
WO2018151390A1 (en) Internet of things device
WO2014175538A1 (en) Apparatus for providing puf-based hardware otp and method for authenticating 2-factor using same
WO2014044065A1 (en) Method and system for securely accessing portable hotspot of smart phones
WO2014092511A1 (en) Method and apparatus for protecting an application program
WO2013170653A1 (en) Unlocking system and method for screen lock
WO2018000674A1 (en) Network connection method, network connection device, and terminal
WO2016064041A1 (en) User terminal using hash value to detect whether application program has been tampered and method for tamper detection using the user terminal
WO2020253120A1 (en) Webpage registration method, system and device, and computer storage medium
WO2013149548A1 (en) Cell phone data encryption method and decryption method
WO2020186775A1 (en) Service data providing method, apparatus and device, and computer-readable storage medium
WO2019098790A1 (en) Electronic device and method for transmitting and receiving data on the basis of security operating system in electronic device
WO2019182377A1 (en) Method, electronic device, and computer-readable recording medium for generating address information used for transaction of blockchain-based cryptocurrency
WO2017111483A1 (en) Biometric data-based authentication device, control server and application server linked to same, and method for operating same
WO2018053904A1 (en) Information processing method and terminal
WO2017016272A1 (en) Method, apparatus and system for processing virtual resource data
WO2018000640A1 (en) Voice encryption testing method and testing device
WO2020032351A1 (en) Method for establishing anonymous digital identity
WO2012109985A1 (en) Java-based mobile terminal authentication system and method, server and terminal
WO2020122368A1 (en) System and method for securing and managing data in storage device by using secure terminal
WO2017067285A1 (en) Method and device for signing phone-flashing system image and terminal
WO2018032583A1 (en) Method and apparatus for acquiring location information of terminal
WO2016064040A1 (en) User terminal using signature information to detect whether application program has been tampered and method for tamper detection using the user terminal

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18932186

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 06/08/2021)

122 Ep: pct application non-entry in european phase

Ref document number: 18932186

Country of ref document: EP

Kind code of ref document: A1