CN112600865A - Reliable identity and version information authentication method for Internet of things equipment - Google Patents
- Publication number
- CN112600865A
- Authority
- CN
- China
- Prior art keywords
- information
- internet
- things equipment
- identity
- dynamic
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- G—PHYSICS
- G16—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
- G16Y—INFORMATION AND COMMUNICATION TECHNOLOGY SPECIALLY ADAPTED FOR THE INTERNET OF THINGS [IoT]
- G16Y30/00—IoT infrastructure
- G16Y30/10—Security thereof
-
- G—PHYSICS
- G16—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
- G16Y—INFORMATION AND COMMUNICATION TECHNOLOGY SPECIALLY ADAPTED FOR THE INTERNET OF THINGS [IoT]
- G16Y40/00—IoT characterised by the purpose of the information processing
- G16Y40/50—Safety; Security of things, users, data or systems
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3297—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Telephonic Communication Services (AREA)
Abstract
The invention belongs to the technical field of the Internet of Things and relates to a reliable identity and version information authentication method for Internet of Things equipment, comprising the following steps. Step 1: acquire dynamic identity information of a management host, record a timestamp of the current identity information, and send the dynamic identity information and the timestamp to the Internet of Things equipment. Step 2: perform combined encryption with the equipment information to obtain encrypted information. Step 3: the management host records the response information and the timestamp of the corresponding dynamic identity information. Step 4: verification passes when the management host inputs the corresponding response information, and the management and control message corresponding to the management host is issued. The invention makes the key identity interaction information change dynamically, so that it becomes invalid once generated and cannot be copied; no multiple authentication mechanisms are needed, the interaction process is simple, and no excessive cost is incurred; the flexible mechanism for splicing fixed information with dynamic information accommodates many different encryption modes and suits many Internet of Things equipment scenarios.
Description
Technical Field
The invention relates to a reliable identity and version information authentication method for equipment of the Internet of things, and belongs to the technical field of the Internet of things.
Background
The Internet of Things is called the third wave of the information industry after the Internet and the mobile communication network, and enables wide connection between objects and between people and objects. In recent years the Internet of Things has developed rapidly, penetrating fields such as production, consumption and social management; the scale of equipment shows an explosive growth trend and gradually permeates every aspect of people's production and life, making it convenient for people to learn about their surroundings in time and assisting daily work.
Unified management of Internet of Things equipment is key work for the subsequent large-scale development of the Internet of Things, but a troublesome problem in the identity confirmation mechanism of Internet of Things equipment remains unsolved: the existing authentication methods have relatively serious loopholes. When a master station confirms the type, manufacturer, version and model of a piece of equipment through equipment interaction information, some information is exchanged directly in plaintext and some is exchanged using ciphertext authentication, but neither prevents the information from being intercepted by imitation equipment, which then uses these messages to complete the exchange fraudulently. This greatly disturbs the management of Internet of Things equipment and casts doubt on the correctness of authentication; at the same time, authentication cannot really reduce the risk of node intrusion, and great security hazards exist.
Moreover, in some high-precision Internet of Things equipment fields, the equipment itself contains knowledge achievements such as high-value-added edge algorithms, and because the equipment is placed at edge nodes, physical management is difficult. A mechanism is needed to help accurately identify counterfeit devices and protect these knowledge achievements.
Disclosure of Invention
To solve the above technical problems, the invention provides a reliable identity and version information authentication method for Internet of Things equipment, with the following specific technical scheme:
A reliable identity and version information authentication method for Internet of Things equipment, characterized by comprising the following steps:
Step 1: acquiring dynamic identity information of a management host, recording a timestamp of the current identity information, and sending the dynamic identity information and the timestamp to the Internet of Things equipment;
Step 2: the Internet of Things equipment receives the dynamic identity information and the timestamp obtained in step 1, and performs combined encryption with the equipment information to obtain encrypted information;
Step 3: the Internet of Things equipment provides response information corresponding to the encrypted information obtained in step 2 to the management host, and the management host records the response information and the timestamp corresponding to the dynamic identity information;
Step 4: verification passes when the management host inputs the corresponding response information, and the management and control message corresponding to the management host is issued.
Further, the time stamp in step 1 includes year, month, day, hour, minute and second.
Further, in step 2, the device information is encrypted into a 32-bit dynamic ciphertext.
The beneficial effects of the invention are: the key identity interaction information changes dynamically, becomes invalid once generated and cannot be copied; no multiple authentication mechanisms are needed, the interaction process is simple, and no excessive cost is incurred; the flexible mechanism for splicing fixed information with dynamic information accommodates many different encryption modes and suits many Internet of Things equipment scenarios.
Drawings
Fig. 1 is a schematic of the process of the present invention;
Fig. 2 is a flow chart of the method of the present invention.
Detailed Description
The present invention will now be described in further detail with reference to the accompanying drawings. These drawings are simplified schematic views illustrating only the basic structure of the present invention in a schematic manner, and thus show only the constitution related to the present invention.
Fig. 1 shows the correspondence of the method of the present invention, and fig. 2 is a flowchart of the reliable identity and version information authentication method for the internet of things device of the present invention. The method comprises the following steps:
Step 1: acquiring dynamic identity information of a management host, recording a timestamp of the current identity information, and sending the dynamic identity information and the timestamp to the Internet of Things equipment. The timestamp includes year, month, day, hour, minute and second. The management master station issues the timestamp of the identity query as a dynamic parameter variable, so that the identity information is exchanged under dynamic encryption. The date and time of the dynamic information part can include year, month, day, hour, minute and second, and can even reach millisecond level; this prepares for setting a dynamic ciphertext subsequently and greatly strengthens the non-reproducibility of the interaction message.
Step 2: the Internet of Things equipment receives the dynamic identity information and the timestamp obtained in step 1, and performs combined encryption with the equipment information to obtain encrypted information; the device information is encrypted into a 32-bit dynamic ciphertext. Different ciphertexts are produced from the timestamps corresponding to the dynamic identity information, so the randomness is extremely strong and the possibility of being decoded is greatly reduced.
Step 3: the Internet of Things equipment provides response information corresponding to the encrypted information obtained in step 2 to the management host, and the management host records the response information and the timestamp corresponding to the dynamic identity information. This not only facilitates sending ciphertexts at different times but also makes subsequent information lookup convenient.
Step 4: verification passes when the management host inputs the corresponding response information, and the management and control message corresponding to the management host is issued. Neither the encryption algorithm nor the mechanism for splicing the date and time with the equipment information is restricted; both can be set flexibly as required, which accommodates the great variety of Internet of Things equipment. The method solves the problem that prior methods cannot avoid the risk of the authentication method being stolen.
The following example demonstrates that the described effects are achieved:
Step 1: acquiring the dynamic identity information of the management host.
the device information of the management host is as follows: D-Link-850L-V232.21.0091-No.12001341
The dynamic information is as follows: 2020-12-12 18:15:10
Step 2: the Internet of Things equipment receives the dynamic identity information and the timestamp obtained in step 1, and performs combined encryption with the equipment information to obtain encrypted information; the device information is encrypted into a 32-bit dynamic ciphertext. The information splicing mechanism is as follows: the equipment information and the dynamic time are spliced in a staggered (interleaved) manner, giving:
D-2020-Link-12-850L-12-V232-18-21-15-10-0091-No.12001341
The dynamic ciphertext produced by the 32-bit MD5 encryption is: 236C376AA7D579D45C1AF3F938B5F888
Step 3: the Internet of Things equipment provides the response information corresponding to the encrypted information obtained in step 2 as follows; the authentication message replaces the original fixed ciphertext with the dynamic ciphertext:
68 32 28 12 a0 77 47 32 23 6C 37 6A A7 D5 79 D4 5C 1A F3 F9 38 B5 F8 88 43 16
This information is transmitted to the management host, and the management host records the response information and the timestamp of the corresponding dynamic identity information for subsequent information lookup.
Step 4: verification passes when the management host inputs the corresponding response information, and the management and control message corresponding to the management host is issued. The master station equipment analyzes and confirms the equipment information through the ciphertext.
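The worked example above, as an added Python sketch that is not part of the patent text: it rebuilds the interleaved string, derives the 32-character MD5 value, and shows the host-side check against the recorded timestamp. Assumptions: the field-splitting rule and the `LAYOUT` string are inferred from the spliced string shown above, the digest offset in the frame is read off the sample message, and `ManagementHost` and all function names are hypothetical.

```python
import hashlib
import hmac
from datetime import datetime

# Values quoted from the worked example on this page.
PAGE_DEVICE_INFO = "D-Link-850L-V232.21.0091-No.12001341"
PAGE_FRAME = ("68 32 28 12 a0 77 47 32 23 6C 37 6A A7 D5 79 D4 "
              "5C 1A F3 F9 38 B5 F8 88 43 16")

# Assumed splice layout, inferred from the page's spliced string:
# "D" takes the next device field, "T" the next timestamp field.
LAYOUT = "DTDTDTDTDTTDD"


def device_fields(info):
    """Assumed field rule: split on '-', then split the version field on '.'."""
    vendor, name, model, version, serial = info.split("-")
    return [vendor, name, model, *version.split("."), serial]


def splice(info, ts):
    """Interleave device fields with year, month, day, hour, minute, second."""
    dev = iter(device_fields(info))
    tim = iter(ts.strftime("%Y-%m-%d-%H-%M-%S").split("-"))
    return "-".join(next(dev) if slot == "D" else next(tim) for slot in LAYOUT)


def dynamic_ciphertext(info, ts):
    """Step 2: 32 hex characters, the MD5 digest of the spliced string."""
    return hashlib.md5(splice(info, ts).encode("ascii")).hexdigest().upper()


def digest_from_frame(frame_hex):
    """Step 3: pull the 16 digest bytes out of a response frame.
    Offsets 8..23 are an assumption read off the page's sample frame."""
    return bytes.fromhex(frame_hex)[8:24].hex().upper()


class ManagementHost:
    """Hypothetical host side: issues timestamps, records them, verifies."""

    def __init__(self, inventory):
        self.inventory = inventory   # device id -> expected device info
        self.pending = {}            # device id -> outstanding timestamp

    def challenge(self, device_id, now):
        """Step 1: record the timestamp and send it to the device."""
        self.pending[device_id] = now
        return now

    def verify(self, device_id, response):
        """Step 4: recompute from the recorded timestamp; each one is single use."""
        ts = self.pending.pop(device_id, None)
        if ts is None or device_id not in self.inventory:
            return False
        expected = dynamic_ciphertext(self.inventory[device_id], ts)
        return hmac.compare_digest(expected, response.upper())


if __name__ == "__main__":
    host = ManagementHost({"dev-1": PAGE_DEVICE_INFO})
    t1 = host.challenge("dev-1", datetime(2020, 12, 12, 18, 15, 10))
    print(splice(PAGE_DEVICE_INFO, t1))
    captured = dynamic_ciphertext(PAGE_DEVICE_INFO, t1)   # device's answer
    print("fresh response accepted:", host.verify("dev-1", captured))
    host.challenge("dev-1", datetime(2020, 12, 12, 18, 15, 11))
    print("replayed response accepted:", host.verify("dev-1", captured))
    print("digest in page frame:", digest_from_frame(PAGE_FRAME))
```

MD5 here is an unkeyed hash rather than encryption, so the response is only as secret as the device information string and the splicing layout. The host-side check rejects a captured response once a new timestamp has been issued or the recorded one has been consumed.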
Finally, the method obtains a ciphertext that cannot be copied or stolen, and accurate information is obtained through the ciphertext, so the method offers strong confidentiality and high accuracy.
The method therefore obtains different dynamic identity information at different times, so that the key identity interaction information changes dynamically without requiring multiple authentication mechanisms or increasing cost; it is suitable for many Internet of Things equipment scenarios.
In light of the foregoing description of the preferred embodiment of the present invention, many modifications and variations will be apparent to those skilled in the art without departing from the spirit and scope of the invention. The technical scope of the present invention is not limited to the content of the specification, and must be determined according to the scope of the claims.
Claims (3)
1. A reliable identity and version information authentication method for Internet of Things equipment, characterized by comprising the following steps:
Step 1: acquiring dynamic identity information of a management host, recording a timestamp of the current identity information, and sending the dynamic identity information and the timestamp to the Internet of Things equipment;
Step 2: the Internet of Things equipment receives the dynamic identity information and the timestamp obtained in step 1, and performs combined encryption with the equipment information to obtain encrypted information;
Step 3: the Internet of Things equipment provides response information corresponding to the encrypted information obtained in step 2 to the management host, and the management host records the response information and the timestamp corresponding to the dynamic identity information;
Step 4: verification passes when the management host inputs the corresponding response information, and the management and control message corresponding to the management host is issued.
2. The reliable identity and version information authentication method for Internet of Things equipment according to claim 1, characterized in that: the timestamp in step 1 includes year, month, day, hour, minute and second.
3. The reliable identity and version information authentication method for Internet of Things equipment according to claim 1, characterized in that: in step 2, the device information is encrypted into a 32-bit dynamic ciphertext.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110248649.5A CN112600865A (en) | 2021-03-08 | 2021-03-08 | Reliable identity and version information authentication method for Internet of things equipment |
Publications (1)
Publication Number | Publication Date |
---|---|
CN112600865A (en) | 2021-04-02 |
Family
ID=75210284
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202110248649.5A Pending CN112600865A (en) | 2021-03-08 | 2021-03-08 | Reliable identity and version information authentication method for Internet of things equipment |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112600865A (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | Application publication date: 20210402 |