CN118118231A

CN118118231A - Transmission method and device based on secure encryption key

Info

Publication number: CN118118231A
Application number: CN202410187421.3A
Authority: CN
Inventors: 李卫华; 王刚; 戴翚; 王天琦; 许辉
Original assignee: Hangzhou Renhe Information Technology Co ltd
Current assignee: Hangzhou Renhe Information Technology Co ltd
Priority date: 2024-02-20
Filing date: 2024-02-20
Publication date: 2024-05-31

Abstract

The invention discloses a transmission method and a device based on a secure encryption key, wherein the transmission method comprises the following steps: the KMS randomly generates a random number TK according to a current time stamp or other discrete factors, and generates a device secret key according to a device serial number, wherein the secret key comprises MK, AK and EK; encrypting the TK and the secret key, outputting ciphertext of the secret key and the TK as a transmission file, and synchronously calculating to generate a signature file; when the electric power user receives the transmission file and the signature file, the KMS uses the manufacturer public key to verify the signature method, and the electric power user decrypts the private key to obtain legal key information. The invention can ensure the safety of key transmission, tamper resistance and legal data content.

Description

Transmission method and device based on secure encryption key

Technical Field

The application relates to the technical field of secret key transmission, in particular to a transmission method and device based on a secure encryption secret key.

Background

The intelligent electric energy meter is an indispensable important component in the AMI solution, is the equipment at the bottommost layer of an AMI system, is also a data source for metering data of electricity users, and can be used for safety encryption communication in remote switching-on and switching-off, remote prepayment recharging and the like, the safety key update and release are uniformly managed through a KMS (key management system), and the transmission key from the early-stage equipment to the electricity user side is mainly divided into 21 modes:

1 plaintext transmission: the manufacturer arranges the key files through excel, then sends the key information to the electricity user through mail or even communication, the electricity user obtains the content in the files, then manually imports the file into a generating system, the generating system distributes the communication configuration (the key is distributed by dlms standard, the new key is packaged by MK for updating), and the equipment is installed on the site to use the new key;

2. Ciphertext transmission: the method comprises the steps that a manufacturer of each manufacturer is appointed by an electric company to produce an encrypted secret key, the encrypted secret key is packaged through a standard dlms encryption secret key algorithm (the manufacturer secret key appointed by the electric company is used for carrying out aes-128 encryption secret keys), equipment secret keys are arranged by equipment manufacturers, secret key information is sent to electric users through mails or instant messaging tools, the electric users acquire ciphertext secret key content in files, the equipment manufacturers are matched according to equipment provider information, decryption is carried out by the aid of the manufacturer secret keys, then a system is manually or automatically imported, the production system is found after communication configuration, and the equipment is installed on site to use a new secret key.

The transmission of the process is unsafe, the manual damage cannot be traced and recovered after modification, whether the file is an original file sent by a manufacturer cannot be guaranteed, the file is easy to leak, if the file is intercepted by an illegal molecule, the modification of a key configuration ammeter mode, other metering related parameters and the like can be carried out, the time-of-use electricity price and the operation mode (such as arrearage electricity protection and the like) of the electric energy meter are seriously influenced, the charging calculation problem is caused, public property loss is caused, and social property safety is seriously caused.

In the existing AMI ad hoc network intelligent gateway communication solution in the market, intelligent equipment is based on DLMS protocol standard, the equipment enables encryption communication, most of electric power users do not have regenerated release keys (warehouse sites and automatic production lines), and the keys such as MK, AK, EK and the like of the equipment are updated through remote updating keys after the intelligent equipment is installed on site.

The remote online updating key depends on the communication condition, if the communication is not good, an instruction cannot be issued, the communication is recovered, the parameters can be remotely configured, the configuration updating is required to be manually tracked in real time, if the key transmission is leaked before the key remote updating (the key transmission is leaked by a manufacturer or is leaked in a manual importing process), the key cannot be updated by the equipment installation site operation, and the illegal molecule uses the tampered key to modify the stepped electricity price and the charging rate period of the ammeter to perform illegal configuration or perform closing operation.

If leakage risk occurs, the device needs to be updated in time, and after the device is put into field operation, the primary task performs batch key updating, and a large amount of manpower and material resources are put into remote updating or local updating (the key parameter needs to be updated locally when the remote updating fails).

Disclosure of Invention

In order to solve the problems, the embodiment of the application provides a transmission method and a transmission device based on a secure encryption key, which ensure the security of key transmission, tamper resistance and legal data content.

Through similar processing models, the method can be flexibly expanded to other important parameters and transmission and interaction processes of other communication equipment, the safety of data transmission and the confidentiality of file content are obviously improved, and the application range, the application effect and the like of the whole scheme are improved.

In a first aspect, an embodiment of the present application provides a transmission method based on a secure encryption key, where the method includes:

The KMS randomly generates a random number TK according to a current time stamp or other discrete factors, and generates a device secret key according to a device serial number, wherein the secret key comprises MK, AK and EK;

Encrypting the TK and the secret key, outputting ciphertext of the secret key and the TK as a transmission file, and synchronously calculating to generate a signature file;

When the electric power user receives the transmission file and the signature file, the KMS uses the manufacturer public key to verify the signature method, and the electric power user decrypts the private key to obtain legal key information.

Preferably, before the device leaves the factory, the method further comprises:

and burning or configuring the key into the equipment in the factory mode, and storing the key information of all the equipment of the manufacturer in an encryption server.

Preferably, the "encrypt the TK and the key, and output ciphertext of the key and the TK as a transmission file" specifically includes:

Encrypting the secret key through the TK and generating ciphertext of the secret key and a verification value of the secret key; specifically, MK, AK and EK contained in the secret key can be respectively encrypted;

obtaining a public key of a power user to encrypt the TK and generating a ciphertext of the TK and a verification value of the TK;

outputting the secret key, the ciphertext of the TK and the check value as a transmission file, wherein the content format of the transmission file is json.

Preferably, the calculating to generate the signature file specifically includes:

calculating the file size of the transmission file, the verification value of the transmission file and the signature value of the transmission file by using a manufacturer private key to generate the signature file;

After the signature file is generated, the KMS releases memory information in the system process, and an object for releasing the memory information comprises the TK and the secret key.

Preferably, the "when the electric power user receives the transmission file and the signature file, the KMS system uses the manufacturer public key to verify the signature method" specifically includes:

When the electric power user receives the transmission file and the signature file, the KMS performs signature verification by using a manufacturer public key:

If the signature verification fails, the file is illegal and is an illegal file;

If the signature verification is successful, calculating a verification value and a file size of the transmission file, and comparing the verification value and the file size with the signature file:

if the signature file is not matched with the signature file, checking that the signature file is not matched with the signature file, and obtaining an illegal file;

if the signature file is matched with the signature file, the signature file is a legal file, and the signature verification is legal;

after verification and authentication, the legal key information is obtained through decryption of the private key of the power user.

Preferably, the "decrypting the private key of the power consumer and obtaining the legal key information" specifically includes:

The private key of the power user is loaded to decrypt the TK ciphertext in the transmission file, and the decrypted plaintext of the TK is obtained;

calculating a check value of the decrypted plaintext of the TK, and comparing whether the check value is consistent with the check value of the TK or not:

if not, the decrypted plaintext of the TK is illegal

If the TK is consistent, the decrypted plaintext of the TK is legal;

Decrypting ciphertext of the key through legal plaintext of the TK to obtain decrypted plaintext of the key;

Calculating a check value of the decrypted plaintext of the secret key, and comparing whether the check value is consistent with the check value of the secret key or not:

if the encryption key is inconsistent, the decrypted plaintext of the encryption key is illegal;

if the key information is consistent, the decryption text of the key is the legal key information, namely the decryption text of the key is Wen Gefa.

Preferably, after obtaining the legal key information, the method further includes:

The electric power user issues a new customer key or uses the factory key and imports the key information into the encryptor system of the AMI system.

In a second aspect, an embodiment of the present application provides an overrunning clutch allocation control device based on a hanging carrier spacing, where the device includes:

and (3) a random module: the KMS randomly generates a random number TK according to the current timestamp or other discrete factors, and generates a device key according to the device serial number, wherein the key comprises MK, AK and EK;

An encryption module: encrypting the TK and the secret key, outputting the secret key and the ciphertext of the TK as transmission files, and synchronously calculating to generate signature files;

And (3) a signature verification module: when the power user receives the transmission file and the signature file, the public key of the manufacturer is used for checking the signature through the KMS, and the private key of the power user is used for decrypting to obtain legal key information.

In a third aspect, an embodiment of the present application provides an electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the steps of the method as provided in the first aspect or any one of the possible implementations of the first aspect when the computer program is executed.

In a fourth aspect, embodiments of the present application provide a computer readable storage medium having stored thereon a computer program which, when executed by a processor, implements a method as provided by the first aspect or any one of the possible implementations of the first aspect.

The beneficial effects of the invention are as follows:

The invention relates to a transmission method and a transmission device based on a secure encryption key, which effectively promote automatic import and secure transmission of a preset key of an equipment manufacturer to update an environment key generated by an electricity user, and limit leakage prevention risks, promote transmission security of the equipment encryption key in an AMI system, and avoid risks of incapability of configuration or illegal user modification caused by leakage of the key.

The whole production and import process of the transmission file is automatically processed through a system, personnel are prevented from touching and copying sensitive information, safety and reliability are ensured, and the transmission process is that a ciphertext transmission third party cannot crack, so that even if the file is leaked, the content inside cannot be decrypted or tampered, and the content safety is ensured.

Through similar processing models, the transmission and interaction processes of other important parameters and other communication equipment can be flexibly expanded, the safe transmission and the confidentiality of file content are obviously realized, and the application effect of the whole scheme is improved.

Drawings

In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are required to be used in the embodiments will be briefly described below, and it is apparent that the drawings in the following description are only some embodiments of the present application, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.

Fig. 1 is a flow chart of a transmission method based on a secure encryption key according to an embodiment of the present application;

Fig. 2 is a schematic structural diagram of a transmission device based on a secure encryption key according to an embodiment of the present application;

Fig. 3 is a schematic structural diagram of an electronic device according to an embodiment of the present application;

FIG. 4 is a flow chart of an apparatus production configuration provided by the present application;

fig. 5 is a flowchart for importing and using power users according to the present application.

Detailed Description

The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present application.

In the following description, the terms "first," "second," and "first," are used for descriptive purposes only and are not to be construed as indicating or implying relative importance. The following description provides various embodiments of the application that may be substituted or combined between different embodiments, and thus the application is also to be considered as embracing all possible combinations of the same and/or different embodiments described. Thus, if one embodiment includes feature A, B, C and another embodiment includes feature B, D, then the application should also be seen as embracing one or more of all other possible combinations of one or more of A, B, C, D, although such an embodiment may not be explicitly recited in the following.

The following description provides examples and does not limit the scope, applicability, or examples set forth in the claims. Changes may be made in the function and arrangement of elements described without departing from the scope of the application. Various examples may omit, replace, or add various procedures or components as appropriate. For example, the described methods may be performed in a different order than described, and various steps may be added, omitted, or combined. Furthermore, features described with respect to some examples may be combined into other examples.

The application is mainly used in AMI system solution, after the equipment arrives at the electric power customer warehouse (metering center or electric power user enterprise), the equipment regenerates configuration, field security key issue, electric power user file input to AMI system through unified production automation system, the equipment arrives at the electric power user end and already is in delivery mode, communication parameter configuration and the like conform to dlms standard, therefore, the new security key issue step is to encapsulate new encryption AK (authentication key) EK (communication encryption key) MK (master key) through the delivery key MK (master key) of the equipment to update, the equipment generally contains various keys, all key updates must be issued through encrypted ciphertext, and the new key must be encrypted and encapsulated through MK in the equipment; along with the application of advanced AMI technology, the communication standard is perfect, and multi-manufacturer, multi-equipment and multi-type interconnection are the most important application requirements in the solution.

The intelligent equipment is widely applied to software encryption, and more requirements are put on key lead-in client systems which are produced by different factories and set by factory, the key file information is required to be safely transmitted and imported in a two-way authentication mode through identity authentication, and if the key is maliciously changed, communication cannot be carried out, and only the key can be returned to the factories of the equipment factories for reproduction for recovery use.

The intelligent device in the AMI solution is an intelligent electric energy meter based on a DLMS communication model (IEC 62056 protocol family, namely the DLMS protocol family, and the electric energy meter communication protocol), and supports the data security encryption requirement in the DLMS standard.

In the application, the AMI system solution comprises a front-end system, a key management system, various acquisition terminals and intelligent electric meters; generally, the communication equipment conforms to a unified communication standard and meets the interconnection and interworking requirements. After the equipment is installed and put into operation, the normal data collection and other service functions are realized. The power consumer provides purchasing equipment requirements for equipment manufacturers, the equipment is produced by the equipment manufacturers according to the requirements of the power consumer (for example, the customers require the one-machine-one-secret security key configuration of the equipment), and important parameter information is transmitted through a transmission file.

The key management system obtains the serial number of the equipment from the production management system and generates the keys (MK, AK and EK) of the equipment, the keys are real keys of the equipment at the moment and are not encrypted, in order to ensure the key transmission safety in the process of deployment and installation of the user side after the equipment leaves a factory, the keys are encrypted, the authenticity of the keys can be verified, the legitimacy of the products can be obtained, and in the current AMI system solution, the encryption strategy of the keys is not safe enough, so the application provides a transmission method based on the safe encryption keys, the encryption transmission of the keys is ensured, the keys are not tampered, and the products are not impersonated.

In the application, the key is generated by means of the key management system, and the key can be encrypted by means of the key management system based on the random number TK, so that two necessary encrypted files (namely a transmission file and a signature file) required by the application are generated, and after the follow-up equipment leaves the factory, the secure transmission of the key is realized by the transmission of the two necessary encrypted files.

Meanwhile, when the equipment leaves the factory, the factory equipment can be burnt and configured (secondary production behavior, specifically software parameter configuration and debugging) through a unified production automation system, and a secret key is burnt into the equipment, so that the equipment after leaving the factory can realize bidirectional verification with two issued necessary encrypted files, and the authenticity and legality of the equipment are ensured.

Referring to fig. 1, fig. 1 is a flow chart of a transmission method based on a secure encryption key according to an embodiment of the present application. In an embodiment of the present application, the method includes:

S101, the KMS randomly generates a random number TK according to a current time stamp or other discrete factors, and generates a device key according to a device serial number, wherein the key comprises MK, AK and EK.

In the application, before the equipment leaves the factory, the secret key is burnt or configured in the equipment in the factory mode, and meanwhile, the secret key information of all the equipment of the factory is stored in the encryption server, and the secret key information can be encrypted in a safe encryption mode and then stored.

It can be understood that the secret key is generated by the KMS system and is burnt into the device in the factory mode, so that the device has the secret key preset by the manufacturer after leaving the factory; all key information of a manufacturer is stored in an encryption server, when a certain device and a certain batch of devices need to be traced, a key can be generated in a KMS (KMS) system through a device serial number, and related data can be traced in the encryption server.

In one embodiment, when the device manufacturer completes the device production, a Key Management System (KMS) may randomly generate a random number TK (256-bit 32byte random number) based on a current time stamp or other discrete factor of the production management system, and MK, AK, EK may be generated by the KMS system based on the device serial number so as to trace back to the corresponding device with the key.

Based on actual conditions, a secret key can be configured based on the serial number of each device, so that the safety secret key configuration requirement of one-machine-one-secret (MK, AK and EK) is realized, and the secret key can be traced back through the device serial number in a KMS; the MK, AK, EK and KMS systems in the configuration device through factory mode are consistent and this part is sensitive information that the device is not readable (meeting dlms standard requirements or device secure storage requirements) when stored in a secure medium (e.g., an encryption server).

The electric power user and the equipment manufacturer have asymmetric private keys and certificates which are respectively produced and managed, the certificates and the private keys are correspondingly generated and combined, the private keys are respectively stored safely and can not be leaked (in a KMS system, personnel can not be exported or contacted), the public keys of the two parties can be obtained by exchanging the certificates of the two parties, and the certificates comprise issuing information and the like (the certificates can also be issued by a third party or can be issued by the user).

S102, encrypting the TK and the secret key, outputting the secret key and the ciphertext of the TK as transmission files, and synchronously calculating to generate signature files.

In the embodiment of the application, the TK is encrypted by the public key of the power user, the transmission file is formed by matching with the ciphertext of the secret key, and the transmission file is signed by the private key of the manufacturer, so that the transmission file issued by the manufacturer has legality; when the power user installs the file, the transmission file and the signature file are issued to each device, and when the power user receives the two files, the validity of the two files can be judged.

In the embodiment of the application, the transmission file and the signature file can be mutually verified, and after decryption, ciphertext information contained in the transmission file can be corresponding to data recorded and configured in the equipment, so that the validity verification of the equipment is completed.

In the application, the transmission file and the signature file can be generated in a KMS (KMS) system of a manufacturer, and the transmission file and the signature file can be generated and stored in advance and sent when a request of a power user is acquired, or the transmission file and the signature file can be temporarily generated and sent when an installation request is acquired.

In one embodiment, step S102 specifically includes:

Encrypting the secret key through the TK and generating ciphertext of the secret key and a verification value of the secret key;

Specifically, the real MK, AK and EK of the device are encrypted respectively through the temporarily generated TK, en_mk, en_ak and en_ek (corresponding to encrypted MK/AK/EK encryption information) are generated, sha256_mksha256_ak sha256_ek (corresponding to sha256 verification of MK/AK/EK) is generated at the same time, a public key is obtained through a certificate of the power user, the TK is encrypted through the public key, en_tk of a ciphertext is generated (ciphertext of the TK encrypted through the public key), sha256_tk (sha256 verification of the TK) is also generated at the same time, and then encrypted generated TK ciphertext information, verification data, secret key ciphertext information and verification data are output as a transmission file, and the content format is json format.

In a specific embodiment, the computing to generate the signature file specifically includes:

Specifically, the file size of the transmission file, the sha256 check value of the transmission file and the signature value of the transmission file by using the private key of the manufacturer are calculated, the signature file is generated, and the key management system releases the memory information, such as TK, MK, AK, EK, in the process of releasing the file after generating the sensitive information.

After obtaining the two files, the two files are transmitted to the power user for key verification.

Before two files are transmitted to the power client, the power client and the manufacturer interactively sign certificates, public keys and certificate issuing information can be obtained through the two certificates, and the transmission equipment secret key is transmitted through the transmission files.

The transmission file is a json format model, which contains a temporary encryption key: TK and TK are temporarily generated random numbers and are used for encrypting AK, EK and MK, wherein TK in a transmission file is ciphertext encrypted by a public key of an electric client, AK, EK and MK in the transmission file are keys symmetrically encrypted by AES-256 and also comprise the calculated value of secure hash sha 256; the signature file is a signature file of the transmission file, also in json format, and contains the sha256 calculated value of the file, the file size and the signature value of the factory private key.

And S103, when the power user receives the transmission file and the signature file, the public key of the manufacturer is used for verifying the signature method through the KMS, and the private key of the power user is used for decrypting to obtain legal key information.

In the embodiment of the application, after the power client acquires the transmission file (SHIPMENTFILE) and the signature file (shipment. Sig), the public key acquired by the manufacturer certificate is used for checking the signature, the TK ciphertext is decrypted through the private key after the signature is checked to be qualified, the AK plaintext is decrypted through the AES-256 symmetric encryption algorithm after the TK plaintext is acquired, the AK, EK and MK are decrypted to acquire the secret key plaintext, and then whether the sha256 of the verification plaintext is consistent or not is checked, and legal secret key information is acquired if the verification is consistent.

In one embodiment, step S103 specifically includes:

It can be understood that when the file is judged as an illegal file, alarm information can be sent out, and a worker can review whether to upload an erroneous equipment file or judge the genuine attribute of the product.

In the embodiment of the application, a power user acquires SHIPMENTFILE and a shipmentfile sig, a public key in a manufacturer certificate is used for signature verification through a KMS (key management system), a signature verification method shows that the file is a completely authorized file provided by a manufacturer, then whether the file sha256 and the file size are matched is calculated, after the file sha256 and the file size are legal, a ciphertext TK in a SHIPMENTFILE file is decrypted through a private key (the private key of the power user), and after the decryption is successful, whether the sha256 value of the TK is consistent is compared.

After TK is obtained, decrypting through AES-256, obtaining a relevant parameter EN_MKEN_AKEN_EK of a decrypted secret text, and obtaining MKAK EK of a plaintext, calculating whether sha256 values are matched again, and storing the matched values into a secret key management system, so that device secret key information is imported through KMS safety and legal; and related key information can be used by the production environment, updated by the production environment as needed, or used directly.

The whole SHIPMENTFILE production and importing processes are automatically processed through a system, personnel are prevented from touching and copying sensitive information, safety and reliability are ensured, and the transmission process is that a ciphertext transmission third party cannot crack, so that even if a file is leaked, the content inside cannot be decrypted or tampered, and the content safety is ensured.

In a specific embodiment, SHIPMENTFILE format is described below, the file contents of which are described below

{

“manufacturer”=”hexing”,

“TIME”=”2023_11_13:11:23:00”

“EN_TK” = “XXXXX”,

“sha256_TK”=”XXXXXX”,

“dev_info”=” electric_energy_meter”

“key_info”=[

{

“dev_SN” = “12345678”,

“EN_MK” = “XXXXXXXX”,

“sha256_MK”=”XXXXXX”,

“EN_AK” = “XXXXXXXX”,

“sha256_AK”=”XXXXXX”,

“EN_EK” = “XXXXXXXX”,

“sha256_EK”=”XXXXXX”

},

{

“dev_SN” = “12345644”,

“EN_MK” = “XXXXXXXX”,

“sha256_MK”=”XXXXXX”,

“EN_AK” = “XXXXXXXX”,

“sha256_AK”=”XXXXXX”,

“EN_EK” = “XXXXXXXX”,

“sha256_EK”=”XXXXXX”

}

]

}

Description of:

manufacter, description information for Manufacturer

TIME, generating TIME for file

En_tk, ciphertext encrypted with public key (public key in the power consumer certificate)

Sha256_TK sha256 check of TK

Dev_info device information description

Key_info key information structure

Dev_SN device Address description

EN_MK MK after encryption by TK

Sha256_MK MK sha256 value of MK

EN_AK AK after encryption by TK

Sha256_AK. Sha256 value of AK

EN_EK: EK encrypted by TK

Sha256_ek-sha256 value of EK.

The format of the shipmentfile sig is described below, and the contents of the file are described below

{

“manufacturer”=”hexing”,

“TIME”=”2023_11_13:11:23:00”,

“file_name”=” Shipmentfile_hexing_20231v01”,

“file_size” = “XXXXX”,

“sha256_file”=”XXXXXX”,

“file_sig”=” “XXXXXX”

}

Description of:

manufacturer information

TIME, generating TIME for file

File_name SHIPMENTFILE file name

File size

Sha256_file: file sha256 check value

File_sig: file signature value (signed by factory private key).

In the embodiment of the application, after legal key information is acquired, an electric power user issues a new client key through an automatic generation software system or uses a factory key (some electric power users have small scale and no automatic reproduction environment, and can use a safety secret key which is factory-shipped by an equipment factory, and later equipment is online and periodically updates the key), and the key information is imported into an encryption machine system of an AMI (advanced encryption infrastructure); the device is finally installed on site to meet the release requirements.

Through the processing, the automatic import and the safe transmission of the preset secret key of the equipment manufacturer to the update of the electric user generation environment secret key can be effectively improved, the leakage risk is prevented to a limited extent, the transmission safety of the equipment encryption secret key in the AMI system is improved, and the risks that the secret key cannot be configured or an illegal user is grasping and modifying because the secret key is leaked are avoided.

Based on the above steps, please refer to fig. 4 and fig. 5, wherein fig. 4 is a configuration flow chart of the device provided by the present application in a production process, and fig. 5 is a key verification flow chart of the power consumer provided by the present application when using the product device.

The following describes in detail the overrunning clutch allocation control device based on the hanging carrier spacing according to the embodiment of the present application with reference to fig. 2. It should be noted that, the overrun clutch allocation control device based on the distance between hanging carriers shown in fig. 2 is used to execute the method of the embodiment of fig. 1 of the present application, for convenience of explanation, only the portion relevant to the embodiment of the present application is shown, and specific technical details are not disclosed, please refer to the embodiment of fig. 1 of the present application.

Referring to fig. 2, fig. 2 is a schematic structural diagram of an overrunning clutch allocation control device based on a hanging carrier spacing according to an embodiment of the present application. As shown in fig. 2, the apparatus includes:

a random module 201: the KMS randomly generates a random number TK according to the current timestamp or other discrete factors, and generates a device key according to the device serial number, wherein the key comprises MK, AK and EK;

Encryption module 202: encrypting the TK and the secret key, outputting the secret key and the ciphertext of the TK as transmission files, and synchronously calculating to generate signature files;

Signature verification module 203: when the power user receives the transmission file and the signature file, the public key of the manufacturer is used for checking the signature through the KMS, and the private key of the power user is used for decrypting to obtain legal key information.

It will be clear to those skilled in the art that the technical solutions of the embodiments of the present application may be implemented by means of software and/or hardware. "unit" and "module" in this specification refer to software and/or hardware capable of performing a particular function, either alone or in combination with other components, such as Field-Programmable gate arrays (Field-Programmable GATE ARRAY, FPGA), integrated circuits (INTEGRATED CIRCUIT, ICs), and the like.

The processing units and/or modules of the embodiments of the present application may be implemented by an analog circuit that implements the functions described in the embodiments of the present application, or may be implemented by software that executes the functions described in the embodiments of the present application.

Referring to fig. 3, a schematic structural diagram of an electronic device according to an embodiment of the present application is shown, where the electronic device may be used to implement the method in the embodiment shown in fig. 1. As shown in fig. 3, the electronic device 300 may include: at least one central processor 301, at least one network interface 304, a user interface 303, a memory 305, at least one communication bus 302.

Wherein the communication bus 302 is used to enable connected communication between these components.

The user interface 303 may include a Display screen (Display), a Camera (Camera), and the optional user interface 303 may further include a standard wired interface, and a wireless interface.

The network interface 304 may optionally include a standard wired interface, a wireless interface (e.g., WI-FI interface), among others.

Wherein the central processor 301 may comprise one or more processing cores. The central processor 301 connects the various parts within the overall electronic device 300 using various interfaces and lines, performs various functions of the terminal 300 and processes data by executing or executing instructions, programs, code sets, or instruction sets stored in the memory 305, and invoking data stored in the memory 305. Alternatively, the central processor 301 may be implemented in at least one hardware form of digital signal Processing (DIGITAL SIGNAL Processing, DSP), field-Programmable gate array (Field-Programmable GATE ARRAY, FPGA), programmable logic array (Programmable Logic Array, PLA). The central processor 301 may integrate one or a combination of several of a central processor (Central Processing Unit, CPU), an image central processor (Graphics Processing Unit, GPU), a modem, etc. The CPU mainly processes an operating system, a user interface, an application program and the like; the GPU is used for rendering and drawing the content required to be displayed by the display screen; the modem is used to handle wireless communications. It will be appreciated that the modem may not be integrated into the cpu 301 and may be implemented by a single chip.

The memory 305 may include a random access memory (Random Access Memory, RAM) or a Read-only memory (Read-only memory). Optionally, the memory 305 includes a non-transitory computer readable medium (non-transitory computer-readable storage medium). Memory 305 may be used to store instructions, programs, code, sets of codes, or sets of instructions. The memory 305 may include a stored program area and a stored data area, wherein the stored program area may store instructions for implementing an operating system, instructions for at least one function (such as a touch function, a sound playing function, an image playing function, etc.), instructions for implementing the above-described respective method embodiments, etc.; the storage data area may store data or the like referred to in the above respective method embodiments. The memory 305 may also optionally be at least one storage device located remotely from the aforementioned central processor 301. As shown in fig. 3, an operating system, a network communication module, a user interface module, and program instructions may be included in the memory 305, which is a type of computer storage medium.

In the electronic device 300 shown in fig. 3, the user interface 303 is mainly used for providing an input interface for a user, and acquiring data input by the user; and the central processor 301 may be configured to invoke the secure encryption key based transmission method application stored in the memory 305, and specifically perform the following operations:

The present application also provides a computer readable storage medium having stored thereon a computer program which when executed by a processor performs the steps of the above method. The computer-readable storage medium may include, among other things, any type of disk including floppy disks, optical disks, DVDs, CD-ROMs, micro-drives, and magneto-optical disks, ROM, RAM, EPROM, EEPROM, DRAM, VRAM, flash memory devices, magnetic or optical cards, nanosystems (including molecular memory ICs), or any type of media or device suitable for storing instructions and/or data.

It should be noted that, for simplicity of description, the foregoing method embodiments are all described as a series of acts, but it should be understood by those skilled in the art that the present application is not limited by the order of acts described, as some steps may be performed in other orders or concurrently in accordance with the present application. Further, those skilled in the art will also appreciate that the embodiments described in the specification are all preferred embodiments, and that the acts and modules referred to are not necessarily required for the present application.

In the foregoing embodiments, the descriptions of the embodiments are emphasized, and for parts of one embodiment that are not described in detail, reference may be made to related descriptions of other embodiments.

In the several embodiments provided by the present application, it should be understood that the disclosed apparatus may be implemented in other manners. For example, the apparatus embodiments described above are merely illustrative, such as the division of the units, merely a logical function division, and there may be additional manners of dividing the actual implementation, such as multiple units or components may be combined or integrated into another system, or some features may be omitted, or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be through some service interface, device or unit indirect coupling or communication connection, electrical or otherwise.

The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.

In addition, each functional unit in the embodiments of the present application may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit. The integrated units may be implemented in hardware or in software functional units.

The integrated units, if implemented in the form of software functional units and sold or used as stand-alone products, may be stored in a computer readable memory. Based on this understanding, the technical solution of the present application may be embodied essentially or partly in the form of a software product, or all or part of the technical solution, which is stored in a memory, and includes several instructions for causing a computer device (which may be a personal computer, a server, a network device, or the like) to perform all or part of the steps of the method according to the embodiments of the present application. And the aforementioned memory includes: a U-disk, a Read-Only Memory (ROM), a random access Memory (Random Access Memory, RAM), a removable hard disk, a magnetic disk, or an optical disk, or other various media capable of storing program codes.

Those of ordinary skill in the art will appreciate that all or a portion of the steps in the various methods of the above embodiments may be performed by hardware associated with a program that is stored in a computer readable memory, which may include: flash disk, read-Only Memory (ROM), random-access Memory (Random Access Memory, RAM), magnetic disk or optical disk, etc.

The foregoing is merely exemplary embodiments of the present disclosure and is not intended to limit the scope of the present disclosure. That is, equivalent changes and modifications are contemplated by the teachings of this disclosure, which fall within the scope of the present disclosure. Embodiments of the present disclosure will be readily apparent to those skilled in the art from consideration of the specification and practice of the disclosure herein. This application is intended to cover any variations, uses, or adaptations of the disclosure following, in general, the principles of the disclosure and including such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with a scope and spirit of the disclosure being indicated by the claims.

Claims

1. A transmission method based on a secure encryption key, the transmission method comprising:

2. The transmission method according to claim 1, characterized by further comprising, before shipment of the device:

3. The transmission method according to claim 1, wherein "encrypt the TK and the key and output the ciphertext of the TK and the key as a transmission file" specifically includes:

4. The transmission method according to claim 1, wherein calculating the signature file comprises:

5. The transmission method according to claim 3, wherein the "when the power consumer receives the transmission file and the signature file, the KMS system uses the manufacturer public key to verify the signature method" specifically includes:

6. The transmission method according to claim 5, wherein "decrypting and obtaining legal key information by the private key of the power consumer" specifically includes:

if not, the decrypted plaintext of the TK is illegal

If the TK is consistent, the decrypted plaintext of the TK is legal;

7. The transmission method according to claim 2, further comprising, after the legal key information is acquired:

8. A secure encryption key-based transmission apparatus, comprising:

9. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the processor implements the steps of the method according to any of claims 1-7 when the computer program is executed.

10. A computer readable storage medium, on which a computer program is stored, characterized in that the computer program, when being executed by a processor, implements the steps of the method according to any of claims 1-7.