[go: up one dir, main page]

TWI587680B - A connection verifying method for monitoring device - Google Patents

A connection verifying method for monitoring device Download PDF

Info

Publication number
TWI587680B
TWI587680B TW104137980A TW104137980A TWI587680B TW I587680 B TWI587680 B TW I587680B TW 104137980 A TW104137980 A TW 104137980A TW 104137980 A TW104137980 A TW 104137980A TW I587680 B TWI587680 B TW I587680B
Authority
TW
Taiwan
Prior art keywords
column
code
encrypted
monitoring device
permutation
Prior art date
Application number
TW104137980A
Other languages
Chinese (zh)
Other versions
TW201720094A (en
Inventor
Cherng-Ming Cheng
Original Assignee
Zinwell Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zinwell Corp filed Critical Zinwell Corp
Priority to TW104137980A priority Critical patent/TWI587680B/en
Publication of TW201720094A publication Critical patent/TW201720094A/en
Application granted granted Critical
Publication of TWI587680B publication Critical patent/TWI587680B/en

Links

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)
  • Storage Device Security (AREA)

Description

監控裝置之連線驗證方法Connection verification method for monitoring device

本發明係關於一種監控裝置,特別是關於一種監控裝置之連線驗證方法。 The present invention relates to a monitoring device, and more particularly to a method for verifying the connection of a monitoring device.

監控裝置的普及率在近幾年來持續攀升,除了老人與幼兒居家照護、企業室內監控等需求迅速增加之外,結合手機應用程式讓人可隨時隨地觀看影像的方便性也成為普及的原因。當大家還以為黑帽駭客的目標仍然是網站、個人電腦時,已經有許多攻擊者悄悄地將目標轉向了網路上的各種設備,例如NAS、Wireless AP、印表機等,而擁有眾多用戶的監控裝置理所當然地也是目標之一。 The popularity of surveillance devices has continued to rise in recent years. In addition to the rapid increase in demand for home care for the elderly and children, and indoor monitoring of enterprises, the convenience of viewing mobile images at any time and anywhere has become a popular reason. When everyone thinks that the goal of black hat hackers is still websites and personal computers, many attackers have quietly turned their targets to various devices on the network, such as NAS, Wireless AP, printers, etc., and have many users. The monitoring device is of course one of the goals.

習知的監控裝置所使用的驗證方法是使用帳號密碼做為連線驗證的主要方式。一般的監控裝置產品通常都會有預設的帳號密碼,但是在網路上直接傳送帳號以及密碼的實體資訊是非常危險的,雖然可以藉由各種加密的措施來增加安全性,但攻擊者只要知道加密的方法,破解這些帳號以及密碼的實體資訊是非常容易的,一旦帳號密碼被破解,攻擊者只要連到IP位址就可以直接看到攝影機畫面,甚至,可以利用帳號密碼從事其他的系統破壞活動,因此,業界持續不斷地要求更加改進更加創新的監控裝置連線驗證方法。最佳地,這些連線驗證方法必須極為安全且可簡便地實施。 The verification method used by the conventional monitoring device is to use the account password as the main method of connection verification. General monitoring device products usually have a preset account password, but it is very dangerous to directly transfer the account and password entity information on the network. Although various encryption measures can be used to increase security, the attacker only needs to know the encryption. The method of cracking the physical information of these accounts and passwords is very easy. Once the account password is cracked, the attacker can directly see the camera screen by connecting to the IP address, and even use the account password to engage in other system destruction activities. Therefore, the industry continues to demand more improved and more innovative monitoring device connection verification methods. Optimally, these wiring verification methods must be extremely safe and easy to implement.

因此,本發明之主要目的即是提供一種監控裝置之連線驗證方法,藉以解決監控裝置的連線安全性問題。 Therefore, the main object of the present invention is to provide a connection verification method for a monitoring device, thereby solving the problem of connection security of the monitoring device.

本發明為解決習知技術之問題所採用之技術手段係提供一種監控裝置之連線驗證方法,係用於在一監控裝置與一用戶端裝置之連線建立過程中執行驗證,驗證該監控裝置及該用戶端裝置中所各別建置的一置換暨移位矩陣是否相同,其中該置換暨移位矩陣為一16行16列矩陣,該置換暨移位矩陣之每個奇數列係作為置換列,該置換列係由選自0至15的互不重覆的16個數字R0至R15所構成,且該置換暨移位矩陣之每個偶數列係作為移位列,該移位列係由選自0至31的互不重覆的16個數字S0至S15所構成,該連線驗證方法依序包含下列步驟:(a)由該監控裝置將一由八個字元所組成的一字串初始碼(K1)予以儲存並將該字串初始碼(K1)以該置換暨移位矩陣予以加密,而得到一加密初始碼(K2),並將該加密初始碼(K2)傳送到該用戶端裝置;(b)由該用戶端裝置以該置換暨移位矩陣將該加密初始碼(K2)予以解密,而得到一解密初始碼(K1’),並將經解密而得出的該解密初始碼(K1’)以一預定的標準加密方式予以加密,而得到一用戶端驗證碼(K3),並將該用戶端驗證碼(K3)傳送至該監控裝置;(c)由該監控裝置將經儲存於該監控裝置中的該字串初始碼(K1)以該預定的標準加密方式予以加密,而得到一監控端驗證碼(K4);(d)比較該監控端驗證碼(K4)及該用戶端驗證碼(K3),且在當該監控端驗證碼(K4)及該用戶端驗證碼(K3)為相同的情況時,則該字串初始碼(K1)與該解密初始碼(K1’)為相同,即為驗證通過,而准許該監控裝置與該用戶端裝置之連線建立, 其中步驟(a)中,由該監控裝置將該字串初始碼(K1)以該置換暨移位矩陣予以加密係依序包括下列步驟:(a1)將該字串初始碼(K1)的字元以十六進位的二個位元組的ASCII碼表示而轉換為一加密轉換碼(K11),並將該加密轉換碼(K11)中的每位十六進位數字T0至T15予以十進位加總並取8之餘數而得出一加密索引值(I);(a2)使用該加密索引值(I)而索引出該置換暨移位矩陣的該第(2I+1)列的置換列作為一加密索引置換列,以及索引出該第(2I+2)列的移位列作為一加密索引移位列,將該加密轉換碼(K11)的十六進位數字TX置換為該加密索引置換列的第(TX+1)的十進位計算行之數值,其中X為0至15,並在該加密轉換碼(K11)的所有十六進位數字置換完成後,而得到一包括有十進位數字U0至U15的加密置換碼(K12);以及(a3)將該加密置換碼(K12)的數字UY依照該加密索引移位列的數字SY移入一空的32行1列矩陣的第(SY+1)行,其中Y為0至15,接著以0至15的數值以隨機方式依序由該32行1列矩陣之低位至高位填入該32行1列矩陣中餘下為空的前15個空位,再將一調整位元填入該32行1列矩陣中的最終餘下空位,而得到該加密初始碼(K2),其中該調整位元係由該加密索引值(I)及該加密初始碼(K2)中31行的每位數字以十進位加總取8之餘數值之間的一差值而得到;其中步驟(b)中,由該用戶端裝置以該置換暨移位矩陣將該加密初始碼(K2)予以解密係依序包括下列步驟:(b1)將該加密初始碼(K2)中的每位數字V0至V31予以十進位加總並取8之餘數而得出一解密索引值(J);(b2)使用該解密索引值(J)而索引出該置換暨移位矩陣的該第(2J+1)列的置換列作為一解密索引置換列,以及索引出該第(2J+2)列的移位列作為一解密索引移位列,將該解密索引移位列的各行數字SZ予以作為一解密移位數 值取出索引值而取出該加密初始碼(K2)中的第(SZ+1)的十進位計算行之數值,並依該各行數字SZ於該解密索引移位列的所在位置予以排列而組成一包括有數字G0至G15的解密移位碼(K21),其中Z為0至15;(b3)將該解密移位碼(K21)的各行數字GM予以個別作為一解密置換數值搜尋索引值而自該解密索引置換列予以搜尋出該解密置換數值搜尋索引值個別於該解密索引置換列中的一位置值,並以該位置值依該各行數字GM於該解密移位碼(K21)的所在位置予以排列而組成一包括有十六進位數字H0至H15的一解密置換碼(K22),其中該位置值係為自0起算而至15,而M為0至15,然後將該解密置換碼(K22)作為十六進位ASCII碼而以兩個位元組為單位予以轉換為八個字元所組成的的該解密初始碼(K1’)。 The technical means adopted by the present invention to solve the problems of the prior art provides a method for verifying the connection of the monitoring device, which is used to perform verification during the connection establishment process of a monitoring device and a user device, and verify the monitoring device. And whether the permutation and shift matrix respectively configured in the user equipment is the same, wherein the permutation and shift matrix is a 16-row 16-column matrix, and each odd-numbered column of the permutation and shift matrix is used as a permutation a column, the permutation column is composed of 16 numbers R 0 to R 15 selected from 0 to 15 which are mutually non-repetitive, and each of the permutation columns of the permutation and shift matrix is used as a shift column, the shift The column is composed of 16 numbers S 0 to S 15 which are selected from 0 to 31 which do not overlap each other. The connection verification method sequentially comprises the following steps: (a) one eight character is used by the monitoring device. The formed initial string code (K1) is stored and the initial code (K1) of the string is encrypted by the permutation and shift matrix to obtain an encrypted initial code (K2), and the encrypted initial code is obtained ( K2) transmitted to the client device; (b) by the client device with the replacement and shift matrix The encrypted initial code (K2) is decrypted to obtain a decrypted initial code (K1'), and the decrypted initial code (K1') is decrypted in a predetermined standard encryption manner to obtain a a client verification code (K3), and transmitting the client verification code (K3) to the monitoring device; (c) the monitoring device transmits the string initial code (K1) stored in the monitoring device to the The predetermined standard encryption method is encrypted to obtain a monitoring terminal verification code (K4); (d) comparing the monitoring terminal verification code (K4) and the client authentication code (K3), and when the monitoring terminal verification code ( When K4) and the client verification code (K3) are the same, the string initial code (K1) is the same as the decryption initial code (K1'), that is, the verification is passed, and the monitoring device is permitted to The connection of the client device is established. In step (a), the monitoring device encrypts the string initial code (K1) with the replacement and shift matrix, and sequentially includes the following steps: (a1) the word The character of the string initial code (K1) is converted into an encrypted conversion code (K11) by the ASCII code representation of two hexadecimal bytes, and the addition is performed. Each hexadecimal digit T 0 to T 15 in the secret conversion code (K11) is added by a decimal and takes a remainder of 8 to obtain an encrypted index value (I); (a2) using the encrypted index value (I) And the permutation column of the (2I+1)th column of the permutation and shift matrix is indexed as an encrypted index permutation column, and the shifted column of the (2I+2)th column is indexed as an encrypted index shift a column, the hexadecimal number T X of the encrypted conversion code (K11) is replaced by the value of the (T X +1) decimal calculation line of the encrypted index replacement column, where X is 0 to 15, and After all the hexadecimal digits of the encryption conversion code (K11) are replaced, an encrypted replacement code (K12) including the decimal digits U 0 to U 15 is obtained; and (a3) the encryption replacement code (K12) is obtained. The number U Y is shifted into the (S Y +1)th row of an empty 32-row 1-column matrix according to the number S Y of the encrypted index shift column, where Y is 0 to 15, and then the value is 0 to 15 in a random manner. The lower 15th column of the 32 rows and 1 column matrix is filled with the first 15 vacancies remaining in the 32 rows and 1 column matrix, and then an adjustment bit is filled into the final remaining vacancy in the 32 row and 1 column matrix. And obtaining the encrypted initial code (K2), wherein the adjustment bit is obtained by adding the total value of 8 to each digit of 31 lines of the encrypted index value (I) and the encrypted initial code (K2) by a decimal value Obtaining a difference between the two; wherein in step (b), the user equipment sets the encryption initial code (K2) to be decrypted by the replacement and shift matrix, and the following steps are included: (b1) encrypting Each digit V 0 to V 31 in the initial code (K2) is summed by a decimal and takes a remainder of 8 to obtain a decryption index value (J); (b2) is indexed using the decryption index value (J) And replacing the permutation column of the (2J+1)th column of the permutation and shift matrix as a decryption index, and indexing the shifted column of the (2J+2)th column as a decryption index shift column, Deciphering the row number S Z of the index shift column, taking out the index value as a decryption shift value, and extracting the value of the (S Z +1) decimal calculation row in the encrypted initial code (K2), and according to the respective rows The number S Z is arranged at the position of the decrypted index shift column to form a decrypted shift code (K21) including the numbers G 0 to G 15 , where Z is 0 to 15; (b3 Each row of digits G M of the decrypted shift code (K21) is individually used as a decrypted permutation value search index value, and the decrypted index replacement index is searched for the decrypted permutation value search index value, which is individually in the decryption index permutation column. a position value, and the position value is arranged according to the position of the line of digits G M at the decryption shift code (K21) to form a decryption replacement code (K22) including the hexadecimal numbers H0 to H15. , wherein the position value is from 0 to 15 and M is 0 to 15, and then the decrypted replacement code (K22) is converted into eight octet ASCII codes in two byte units. The decryption initial code (K1') composed of characters.

在本發明的一實施例中係提供一種監控裝置之連線驗證方法,其中當該加密索引值(I)係為小於該加密初始碼(K2)中31行的每位數字以十進位加總取8之餘數值時,則將該差值加8而得出該調整位元。 In an embodiment of the present invention, a method for verifying connection of a monitoring device is provided, wherein when the encrypted index value (I) is less than the number of 31 digits in the encrypted initial code (K2), the digits are added in decimal increments. When the value of 8 is taken, the difference is added to 8 to obtain the adjustment bit.

在本發明的一實施例中係提供一種監控裝置之連線驗證方法,其中該預定的標準加密方式係符合高階加密標準(Advanced Encryption Standard,AES),並使用一使用者識別與密碼資訊做為金鑰。 In an embodiment of the present invention, a method for verifying connection of a monitoring device is provided, wherein the predetermined standard encryption method conforms to the Advanced Encryption Standard (AES), and uses a user identification and password information as Key.

在本發明的一實施例中係提供一種監控裝置之連線驗證方法,其中該監控裝置及該用戶端裝置中係儲存有一使用者識別與密碼資訊。 In an embodiment of the invention, a method for verifying the connection of the monitoring device is provided, wherein the monitoring device and the user device store a user identification and password information.

在本發明的一實施例中係提供一種監控裝置之連線驗證方法,其中步驟(a3)中填入該32行1列矩陣中餘下為空的空位的方式係為使用該加密索引置換列的前15個數值R0至R14依序由低位至高位填入。 In an embodiment of the present invention, a method for verifying connection of a monitoring device is provided, wherein the method of filling the remaining empty slots in the 32 rows and 1 column matrix in step (a3) is to replace the column with the encrypted index. The first 15 values R 0 to R 14 are sequentially filled in from low to high.

在本發明的一實施例中係提供一種監控裝置之連線驗證方法,其中該監控裝置係為一遠端監控攝影機,且/或該用戶端裝置係為一行動裝置。 In an embodiment of the invention, a method for verifying the connection of a monitoring device is provided, wherein the monitoring device is a remote monitoring camera, and/or the user device is a mobile device.

在本發明的一實施例中係提供一種監控裝置之連線驗證方法,其中該監控裝置與該用戶端裝置之連線建立的准許係為准許該監控裝置將一監控影像資料傳輸至該用戶端裝置以顯示於該用戶端裝置上。 In an embodiment of the present invention, a method for verifying a connection of a monitoring device is provided, wherein the connection established between the monitoring device and the user device is to permit the monitoring device to transmit a monitoring image data to the client. The device is displayed on the client device.

經由本發明所採用之技術手段,將一個置換暨移位矩陣各別設置於監控裝置與用戶端裝置,配合置換暨移位矩陣的加密與解密程序,藉以驗證監控裝置及用戶端裝置中所各別建置的置換暨移位矩陣是否相同,而決定用戶端裝置是否可以連線而顯示監控裝置所傳輸的監控影像資料,由於本發明僅在網路上傳送一加密的字串初始碼,並未傳送帳號、密碼、抑或置換暨移位矩陣本身,所以即使被攻擊者攔截,攻擊者也無法使用該字串初始碼來駭入系統。如此,可避免在網路上直接傳送帳號以及密碼的實體資訊以提高監控裝置之連線安全性。 Through the technical means adopted by the present invention, a replacement and shift matrix is respectively set in the monitoring device and the user end device, and the encryption and decryption procedures of the replacement and shift matrix are combined to verify each of the monitoring device and the user terminal device. Whether the replacement and shifting matrix that are not built are the same, and determining whether the user equipment can be connected to display the monitoring image data transmitted by the monitoring device, since the present invention transmits only an encrypted string initial code on the network, Transfer the account number, password, or replacement and shift matrix itself, so even if intercepted by the attacker, the attacker can not use the string initial code to break into the system. In this way, the entity information of the account and the password can be directly transmitted on the network to improve the connection security of the monitoring device.

1‧‧‧監控裝置 1‧‧‧Monitoring device

2‧‧‧用戶端裝置 2‧‧‧Customer device

K2‧‧‧加密初始碼 K2‧‧‧Encryption initial code

K3‧‧‧用戶端驗證碼 K3‧‧‧Client Verification Code

RS1、RS2‧‧‧置換暨移位矩陣 RS1, RS2‧‧‧ Replacement and Shift Matrix

第1圖為顯示根據本發明的一實施例的一種監控裝置之連線驗證方法的示意圖。 FIG. 1 is a schematic diagram showing a connection verification method of a monitoring device according to an embodiment of the present invention.

第2圖為顯示根據本發明的一實施例的一種監控裝置之連線驗證方法的流程圖。 FIG. 2 is a flow chart showing a method for verifying the connection of a monitoring device according to an embodiment of the present invention.

第3圖為顯示根據本發明的一實施例的一種監控裝置之連線驗證方法的加密程序流程圖。 3 is a flow chart showing an encryption procedure of a connection verification method of a monitoring device according to an embodiment of the present invention.

第4圖為顯示根據本發明的一實施例的一種監控裝置之連線驗證方法的解密程序流程圖。 4 is a flow chart showing a decryption procedure of a connection verification method of a monitoring device according to an embodiment of the present invention.

第5圖為顯示根據本發明的一實施例的一種監控裝置之連線驗證方法中的一置換暨移位矩陣範例。 FIG. 5 is a diagram showing an example of a permutation and shifting matrix in a method for verifying a connection of a monitoring device according to an embodiment of the invention.

以下根據第1圖至第5圖說明本發明的實施方式。說明並非為限制本發明的實施方式,而為本發明之實施例的一種。 Embodiments of the present invention will be described below based on Figs. 1 to 5 . The description is not intended to limit the embodiments of the present invention, but is an embodiment of the present invention.

如第1圖及第2圖所示,本發明之監控裝置1連線驗證方法,係用於在一監控裝置1與一用戶端裝置2之連線建立過程中執行驗證,驗證該監控裝置1及該用戶端裝置2中所各別建置的一置換暨移位矩陣(RS1、RS2)是否相同,該連線驗證方法依序包含下列步驟:(a)由該監控裝置1將一由八個字元所組成的一字串初始碼(K1)予以儲存並將該字串初始碼(K1)以該置換暨移位矩陣RS1予以加密,而得到一加密初始碼(K2),並將該加密初始碼(K2)傳送到該用戶端裝置2;(b)由該用戶端裝置2以該置換暨移位矩陣RS2將該加密初始碼(K2)予以解密,而得到一解密初始碼(K1’),並將經解密而得出的該解密初始碼(K1’)以一預定的標準加密方式予以加密,而得到一用戶端驗證碼(K3),並將該用戶端驗證碼(K3)傳送至該監控裝置1;(c)由該監控裝置1將經儲存於該監控裝置1中的該字串初始碼(K1)以該預定的標準加密方式予以加密,而得到一監控端驗證碼(K4);(d)比較該監控端驗證碼(K4)及該用戶端驗證碼(K3),且在當該監控端驗證碼(K4)及該用戶端驗證碼(K3)為相同的情況時,則該字串初始碼(K1)與該解密初始碼(K1’)為相同,即為驗證通過,而准許該監控裝置1與該用戶端裝置2之連線建立。 As shown in FIG. 1 and FIG. 2, the connection verification method of the monitoring device 1 of the present invention is used for performing verification during the connection establishment process of the monitoring device 1 and a user terminal device 2, and verifying the monitoring device 1 And whether the replacement and shifting matrix (RS1, RS2) respectively configured in the user equipment 2 are the same, the connection verification method sequentially includes the following steps: (a) the monitoring device 1 A string initial code (K1) composed of characters is stored and the initial code (K1) of the string is encrypted by the permutation and shift matrix RS1 to obtain an encrypted initial code (K2), and the The encrypted initial code (K2) is transmitted to the client device 2; (b) the client device 2 decrypts the encrypted initial code (K2) with the replacement and shift matrix RS2 to obtain a decrypted initial code (K1) '), and decrypting the decrypted initial code (K1') in a predetermined standard encryption manner to obtain a client authentication code (K3), and the client authentication code (K3) Transmitted to the monitoring device 1; (c) the monitoring device 1 uses the string initial code (K1) stored in the monitoring device 1 to The standard encryption method is encrypted to obtain a monitoring terminal verification code (K4); (d) comparing the monitoring terminal verification code (K4) and the client authentication code (K3), and when the monitoring terminal verification code ( When K4) and the client side verification code (K3) are the same, the string initial code (K1) is the same as the decryption initial code (K1'), that is, the verification is passed, and the monitoring device 1 is permitted to The connection of the client device 2 is established.

詳細而言,如第1圖所示,在本實施例中,該監控裝置1及該用戶端裝置2中會各別建置一個置換暨移位矩陣(RS1、RS2),第5圖即為該置換暨移位矩陣的一個範例,該置換暨移位矩陣為一16行16列的矩陣,該置換暨移位矩陣之每個奇數列即為置換列,各個置換列是由16個數字(R0至R15)所構成,而且置換列中的數字是選自0至15中互不重覆的數字,因此每個數字應該會出現一 次,而且僅會出現一次,而該置換暨移位矩陣之每個偶數列即為移位列,各個移位列是由16個數字(S0至S15)所構成,而且移位列中的數字是選自0至31中互不重覆的數字。 In detail, as shown in FIG. 1 , in the present embodiment, a replacement and shift matrix (RS1, RS2) is separately built in the monitoring device 1 and the client device 2, and FIG. 5 is An example of the permutation and shift matrix is that the permutation and shift matrix is a matrix of 16 rows and 16 columns, and each odd column of the permutation and shift matrix is a permutation column, and each permutation column is composed of 16 numbers ( R 0 to R 15 ), and the number in the permutation column is a number selected from 0 to 15 that does not overlap each other, so each number should appear once and only once, and the permutation and shift Each even column of the matrix is a shift column, each shift column is composed of 16 numbers (S 0 to S 15 ), and the numbers in the shift column are selected from 0 to 31 and are not overlapped with each other. digital.

如第1圖至第3圖所示,當該鹽控裝置1收到該用戶端裝置2所傳來的連線要求時,該監控裝置1即產生一由八個字元所組成的字串初始碼(K1)並開始步驟(a),步驟(a)是由該監控裝置1將該字串初始碼(K1)以該置換暨移位矩陣RS1予以加密,例如,該字串初始碼(K1)為「ABCDWXYZ」,最佳地,該字串初始碼(K1)亦可包含日期時間資訊,並且為互不重覆的數字,而加密程序是依序包括下列步驟:(a1)將該字串初始碼(K1)的字元以十六進位的二個位元組的ASCII碼表示而轉換為一加密轉換碼(K11),在本實施例中,字元「A」的十六進位ASCII碼為「0041」,取二個位元組即為「41」,因此,該加密轉換碼(K11)即為「414243445758595A」,接著將該加密轉換碼(K11)中的每位十六進位數字(T0至T15)以十進位計算方式加總,即為:4+1+4+2+4+3+4+4+5+7+5+8+5+9+5+10=80然後將「80」除以「8」後之餘數為「0」,而「0」即是加密索引值(I)。 As shown in FIG. 1 to FIG. 3, when the salt control device 1 receives the connection request from the client device 2, the monitoring device 1 generates a string consisting of eight characters. The initial code (K1) starts the step (a), and the step (a) is that the string initial code (K1) is encrypted by the monitoring device 1 with the replacement and shift matrix RS1, for example, the string initial code ( K1) is "ABCDWXYZ". Preferably, the initial code (K1) of the string may also include date and time information, and is a number that is not repeated, and the encryption program sequentially includes the following steps: (a1) The character of the string initial code (K1) is converted into an encrypted conversion code (K11) by the ASCII code representation of two bytes of hexadecimal. In this embodiment, the hexadecimal of the character "A" is converted. The ASCII code is "0041", and the two bytes are "41". Therefore, the encrypted conversion code (K11) is "414243445758595A", and then each hexadecimal in the encrypted conversion code (K11) The numbers (T 0 to T 15 ) are summed in decimal calculations, namely: 4+1+4+2+4+3+4+4+5+7+5+8+5+9+5+10 =80 Then divide "80" by "8" and the remainder is "0". "0" that is encrypted index value (I).

接著進行步驟(a2),在本實施例中,加密索引值(I)為「0」,而(2I+1)=(2*0+1)=1,所以加密索引置換列為置換暨移位矩陣RS1的第(1)列的置換列,而(2I+2)=(2*0+2)=2,所以加密索引移位列為置換暨移位矩陣RS1的第(2)列的移位列,為求簡便,以第5圖的置換暨移位矩陣為例說明: Next, step (a2) is performed. In this embodiment, the encrypted index value (I) is "0", and (2I+1)=(2*0+1)=1, so the encrypted index replacement column is replaced and shifted. The permutation column of the (1)th column of the bit matrix RS1, and (2I+2)=(2*0+2)=2, so the encrypted index shift column is the (2)th column of the permutation and shift matrix RS1. Shift column, for the sake of simplicity, take the replacement and shift matrix of Figure 5 as an example:

接下來將加密轉換碼(K11)「414243445758595A」的十六進位數字TX置換為第(1)列加密索引置換列的第(TX+1)行之數值,例如,第一個數字T0為「4」,則置換為第(1)列加密索引置換列的第(4+1=5)行之數值,亦為「4」,第二個數字T1為「1」,則置換為第(1)列加密索引置換列的第(1+1=2)行之數值,則為「11」,接著一個一個數字置換,直到該加密轉換碼(K11)的所有十六進位數字置換完成後,而得到一包括有十進位數字U0至U15的加密置換碼(K12): Next, the hexadecimal number T X of the encryption conversion code (K11) "414243445758595A" is replaced with the value of the (T X +1)th row of the (1) column encrypted index replacement column, for example, the first number T 0 to "4" is replaced by the first (1) column encryption index permutation of the column (4 + 1 = 5) of the value line, is also a "4", the second number T 1 is "1", is replaced The value of the (1+1=2)th row of the (1)th column of the encrypted index replacement column is "11", followed by one digit replacement until all the hexadecimal digits of the encryption conversion code (K11) are replaced. After that, an encrypted replacement code (K12) including the decimal digits U 0 to U 15 is obtained:

步驟(a3)則是將該加密置換碼(K12)的數字UY依照該加密索引移位列的數字SY移入一空的32行1列矩陣的第(SY+1)行,例如,第一個數字U0為「4」依照第(2)列的加密索引移位列的數字S0(即為30)移入一空的32行1列矩陣的第(S0+1=30+1=31)行,接著一個一個數字移位,直到該加密置換碼(K12)的所有十六進位數字移位完成後,即成為如下的32行1列矩陣: Step (a3) is to shift the number U Y of the encrypted replacement code (K12) according to the number S Y of the encrypted index shift column into the (S Y +1)th row of an empty 32-row 1-column matrix, for example, A number U 0 is "4" according to the number S 0 of the encrypted index shift column of the (2) column (ie, 30) is shifted into the empty 32-row 1 column matrix (S 0 +1=30+1= 31) The line, followed by a digital shift, until all the hexadecimal digit shifts of the encrypted replacement code (K12) are completed, becomes the following 32-row 1-column matrix:

接著以0至15的數值用隨機方式依序由該32行1列矩陣之低位至高位填入該32行1列矩陣中餘下為空的前15個空位,在本實施例中,為求說明簡便,餘下為空的前15個空位皆以「0」填入,即成為如下的32行1列矩陣: Then, the first 15 vacancies in the 32-row and 1-column matrices are filled in the random order of the 32-row and 1-column matrices in a random manner by a value of 0 to 15, in this embodiment, for the sake of explanation. Simple, the first 15 vacancies that are empty are filled with "0", which becomes the following 32 rows and 1 column matrix:

最後再將一調整位元A填入該32行1列矩陣中的最終餘下空位,而該調整位元A則是由該加密索引值(I)及這個32行1列矩陣中有數字的31行的每位數字以十進位加總取8之餘數值之間的一差值而得到,即,先將這個32行1列矩陣中有數字的31行的每位數字以十進位計算方式加總,即為:0+11+0+8+4+0+4+0+9+15+0+15+0+0+15+0+7+4+0+3+0+6+0+0+5+4+0+0+0+4+15=129然後將「129」除以「8」後之餘數為「1」,則調整位元A為加密索引值(I)「0」與餘數「1」的差值,即為(0-1=-1),而如果此差值為負數,則必須將此負數加「8」,所以調整位周A為(-1+8=7),然後將其填入該32行1列矩陣中而得到一加密初始碼(K2)為: 最後將該加密初始碼(K2)傳送到該用戶端裝置2,至此,步驟(a)結束。 Finally, an adjustment bit A is filled in the final remaining space in the 32 rows and 1 column matrix, and the adjustment bit A is represented by the encrypted index value (I) and the 32 rows and 1 column matrix. Each digit of the row is obtained by taking a difference between the decimal value and the total value of the remainder of 8, that is, first adding the digit of each of the 31 rows of the 32 rows and 1 column matrix by the decimal calculation method. In total, it is: 0+11+0+8+4+0+4+0+9+15+0+15+0+0+15+0+7+4+0+3+0+6+0 +0+5+4+0+0+0+4+15=129 Then the remainder after dividing "129" by "8" is "1", then the adjustment bit A is the encrypted index value (I) "0 The difference from the remainder "1" is (0-1=-1), and if the difference is negative, the negative number must be added to "8", so the adjustment bit A is (-1+8). =7), then fill it into the 32 rows and 1 column matrix to get an encrypted initial code (K2) as: Finally, the encrypted initial code (K2) is transmitted to the client device 2, and at this point, step (a) ends.

如第1圖、第2圖及第4圖所示,步驟(b)是由該用戶端裝置2以該置換暨移位矩陣RS2將該加密初始碼(K2)予以解密,而得到一解密初始碼(K1’),並將經解密而得出的該解密初始碼(K1’)以一預定的標準加密方式 予以加密,而得到一用戶端驗證碼(K3),並將該用戶端驗證碼(K3)傳送至該監控裝置1,在本實施例中,該預定的標準加密方式係符合高階加密標準(Advanced Encryption Standard,AES),並使用一使用者識別與密碼資訊做為金鑰來加密與解密。當然,本發明不以此為限。在其他實施例中,該預定的標準加密與解密方式可為其他方式,例如,RSA加密或ECC加密等。 As shown in FIG. 1 , FIG. 2 and FIG. 4 , in step (b), the client device 2 decrypts the encrypted initial code (K2) by the replacement and shift matrix RS2 to obtain an initial decryption. Code (K1'), and decrypting the decrypted initial code (K1') in a predetermined standard encryption manner Encrypted to obtain a client authentication code (K3), and the client authentication code (K3) is transmitted to the monitoring device 1. In the embodiment, the predetermined standard encryption method conforms to the high-order encryption standard (Advanced) Encryption Standard (AES), using a user identification and password information as a key to encrypt and decrypt. Of course, the invention is not limited thereto. In other embodiments, the predetermined standard encryption and decryption method may be other methods, such as RSA encryption or ECC encryption.

詳細而言,如第1圖及第4圖所示,步驟(b)是由該用戶端裝置2以該置換暨移位矩陣RS2將該加密初始碼(K2)予以解密,而解密程序是依序包括下列步驟:(b1)將該加密初始碼(K2)中的每位數字V0至V31予以十進位加總並取8之餘數而得出一解密索引值(J),在本實施例中,該加密初始碼(K2)中的每位數字加總為:0+11+0+8+4+0+4+0+9+15+0+15+0+0+15+0+7+4+0+3+0+6+0+0+5+4+0+0+0+7+4+15=136然後將「136」除以「8」後之餘數為「0」,而「0」即是解密索引值(J)。 In detail, as shown in FIGS. 1 and 4, in step (b), the client device 2 decrypts the encrypted initial code (K2) by the replacement and shift matrix RS2, and the decryption program is The sequence includes the following steps: (b1) adding a decimal digit to each digit V 0 to V 31 in the encrypted initial code (K2) and taking a remainder of 8 to obtain a decryption index value (J), in this implementation In the example, the total number of digits in the encryption initial code (K2) is: 0+11+0+8+4+0+4+0+9+15+0+15+0+0+15+0 +7+4+0+3+0+6+0+0+5+4+0+0+0+7+4+15=136 Then divide “136” by “8” and the remainder is “0” "," and "0" is the decryption index value (J).

接著進行步驟(b2),在本例中,解密索引值(J)為「0」,而(2J+1)=(2*0+1)=1,所以解密索引置換列為置換暨移位矩陣RS2的第(1)列的置換列,而(2J+2)=(2*0+2)=2,所以解密索引移位列為置換暨移位矩陣RS2的第(2)列的移位列,為求簡便,以第5圖的置換暨移位矩陣為例說明: 接下來根據第(2)列的解密索引移位列各行數字SZ取出該加密初始碼(K2)中的第(SZ+1)行之數值,例如,第一個數字S0為「30」,則取出該加密初始碼(K2) 中的第(30+1=31)行之數值,即為「4」,第二個數字S1為「1」,則取出該加密初始碼(K2)中的第(1+1=2)行之數值,即為「11」,接著將一個一個數字取出,直到第(2)列的解密索引移位列所有十六個數字對應於該加密初始碼(K2)位置的數字全部取出後,而得到一包括有數字G0至G15的解密移位碼(K21): Then proceed to step (b2). In this example, the decryption index value (J) is "0" and (2J+1) = (2*0+1) = 1, so the decryption index replacement column is replaced and shifted. The permutation column of the (1)th column of the matrix RS2, and (2J+2)=(2*0+2)=2, so the decryption index shift column is the shift of the (2)th column of the permutation and shift matrix RS2. For the sake of simplicity, the displacement and shift matrix of Figure 5 is taken as an example: The next section (2) decrypts the index column shift column (S Z +1) the value of the encrypted initial code line (K2) in each row of numbers S Z taken, e.g., the first digit S 0 is "30 "Numerical row of the (30 + 1 = 31) the encrypted initial code (K2) is taken in, that is," 4 ", the second number S 1 is at" 1 ", then remove the encrypted initial code (K2 The value of the (1+1=2)th row in the ) is "11", and then one digit is taken out until the decryption index shift column of the (2)th column all the sixteen digits correspond to the initial encryption. After the numbers of the code (K2) position are all taken out, a decryption shift code (K21) including the numbers G 0 to G 15 is obtained:

接下來步驟(b3)則是將該解密移位碼(K21)的各行數字GM置換為第(1)列的解密索引置換列的數字RM中搜尋出相同於數字GM的一位置值P,但必須注意的是,這個位置值P是從「0」開始,而不是從「1」開始: 例如,解密移位碼(K21)第一個數字G0為「4」,則搜尋第(1)列解密索引置換列找到「4」是位於位置值P亦為「4」之行,然後將「4」轉為十六進位數字H0,則H0亦為「4」,解密移位碼(K21)第二個數字G1為「11」,則搜尋第(1)列解密索引置換列找到「11」是位於位置值P亦為「1」之行,然後將「1」轉為十六進位數字H1,則H1亦為「1」,接著一個一個數字搜尋,直到該解密移位碼(K21)的所有十六個數字搜尋完成後,而得到一包括有十六進位數字H0至H15的解密置換碼(K22): 最後將解密置換碼(K22)作為十六進位ASCII碼而以兩個位元組為單位予後轉換為八個字元所組成的一解密初始碼(K1’),即,解密置換碼(K22)的H0及H1為「41」,則第一個字元應為「A」,接著兩個兩個數字轉換,該解密初始碼(K1’)即為「ABCDWXYZ」,至此,解密程序結束。 Next, in the step (b3), the row number G M of the decrypted shift code (K21) is replaced with the digit R M of the decryption index permutation column of the (1)th column, and a position value identical to the number G M is searched for. P, but it must be noted that this position value P starts from "0" instead of "1": For example, if the first digit G 0 of the decryption shift code (K21) is "4", then the search for the (1) column decryption index replacement column finds "4" is a line where the position value P is also "4", and then When "4" is converted to the hexadecimal number H 0 , then H 0 is also "4". If the second digit G 1 of the decrypted shift code (K21) is "11", the search for the (1) column decryption index replacement column is searched. Find "11" is the line where the position value P is also "1", then convert "1" to the hexadecimal number H 1 , then H 1 is also "1", and then one by one digital search until the decryption shift After all the sixteen digits of the bit code (K21) have been searched, a decryption permutation code (K22) including the hexadecimal digits H 0 to H 15 is obtained: Finally, the decryption replacement code (K22) is decrypted as a hexadecimal ASCII code and converted into two characters in a unit of two bytes to be converted into a decryption initial code (K1'), that is, the decryption replacement code (K22) H 0 and H 1 are "41", then the first character should be "A", and then two two digits are converted. The decryption initial code (K1') is "ABCDWXYZ", and the decryption program ends. .

如第2圖所示,步驟(c)是由監控裝置1將經儲存於該監控裝置1中的該字串初始碼(K1)以高階加密標準加密方式予以加密,而得到一監控端驗證碼(K4)。而步驟(d)則是比較該監控端驗證碼(K4)及該用戶端驗證碼(K3),且在當該監控端驗證碼(K4)及該用戶端驗證碼(K3)為相同的情況時,則該字串初始碼(K1)與該解密初始碼(K1’)為相同,即為驗證通過,而准許該監控裝置1與該用戶端裝置2之連線建立。 As shown in FIG. 2, step (c) is performed by the monitoring device 1 to encrypt the string initial code (K1) stored in the monitoring device 1 in a high-order encryption standard encryption manner to obtain a monitoring terminal verification code. (K4). And step (d) compares the monitoring terminal verification code (K4) and the client verification code (K3), and when the monitoring terminal verification code (K4) and the client verification code (K3) are the same When the string initial code (K1) is the same as the decryption initial code (K1'), that is, the verification is passed, and the connection between the monitoring device 1 and the client device 2 is permitted.

在本實施例中,該監控裝置1及該用戶端裝置2中儲存有一使用者識別與密碼資訊,用以提供做為高階加密標準的金鑰來使用,當然,本發明不以此為限。在其它實施例中,亦可使用其他資訊做為高階加密標準的金鑰來使用,例如,該監控裝置1的產品資訊、QR Code、以及產品序號等。 In this embodiment, the user identification and password information is stored in the monitoring device 1 and the client device 2 for use as a key for the high-order encryption standard. Of course, the present invention is not limited thereto. In other embodiments, other information may also be used as the key of the high-order encryption standard, for example, the product information of the monitoring device 1, the QR Code, and the product serial number.

在本實施例中,步驟(a3)中填入該32行1列矩陣中餘下為空的空位的方式為以0至15的數值以隨機方式依序由該32行1列矩陣之低位至高位填入該32行1列矩陣中餘下為空的前15個空位,而本實施例即是皆以「0」填入,當然,本發明不以此為限。在其它實施例中,亦可使用其他方式,例如,使用該加密索引置換列的前15個數值R0至R14依序由低位至高位填入。 In this embodiment, the remaining vacant bits in the 32 rows and 1 column matrix in step (a3) are in a random manner from the low to the high of the 32 rows and 1 column matrix in a random manner with a value of 0 to 15. The first 15 vacancies in the 32-row and 1-column matrices are filled in, and the present embodiment is filled with "0". Of course, the present invention is not limited thereto. In other embodiments, other methods may be used, for example, the first 15 values R 0 to R 14 of the column using the encrypted index are sequentially filled in from low to high.

在本實施例中,該監控裝置1係為一遠端監控攝影機,且/或該用戶端裝置2係為一行動裝置。較佳地,該行動裝置為一智慧型手機或平板電腦。 In this embodiment, the monitoring device 1 is a remote monitoring camera, and/or the client device 2 is a mobile device. Preferably, the mobile device is a smart phone or a tablet.

在本實施例中,該監控裝置1與該用戶端裝置2之連線建立的准許係為准許該監控裝置1將一監控影像資料傳輸至該用戶端裝置2以顯示於該用戶端裝置2上。 In this embodiment, the connection established between the monitoring device 1 and the client device 2 is to permit the monitoring device 1 to transmit a monitoring image data to the client device 2 for display on the client device 2. .

以上之敘述以及說明僅為本發明之較佳實施例之說明,對於此項技術具有通常知識者當可依據以下所界定申請專利範圍以及上述之說明而作其他之修改,惟此些修改仍應是為本發明之發明精神而在本發明之權利範圍中。 The above description and description are only illustrative of the preferred embodiments of the present invention, and those of ordinary skill in the art can make other modifications in accordance with the scope of the invention as defined below and the description above, but such modifications should still be It is within the scope of the invention to the invention of the invention.

<TABLE border="1" borderColor="#000000" width="_0042"><TBODY><tr><td> 1 </td><td> 監控裝置 </td></tr><tr><td> 2 </td><td> 用戶端裝置 </td></tr><tr><td> K2 </td><td> 加密初始碼 </td></tr><tr><td> K3 </td><td> 用戶端驗證碼 </td></tr><tr><td> RS1、RS2 </td><td> 置換暨移位矩陣 </td></tr></TBODY></TABLE><TABLE border="1" borderColor="#000000" width="_0042"><TBODY><tr><td> 1 </td><td> Monitoring device</td></tr><tr>< Td> 2 </td><td> client device</td></tr><tr><td> K2 </td><td> encryption initial code</td></tr><tr>< Td> K3 </td><td> Client Authentication Code</td></tr><tr><td> RS1, RS2 </td><td> Replacement and Shift Matrix</td></tr ></TBODY></TABLE>

Claims (7)

一種監控裝置之連線驗證方法,係用於在一監控裝置與一用戶端裝置之連線建立過程中執行驗證,驗證該監控裝置及該用戶端裝置中所各別建置的一置換暨移位矩陣是否相同,其中該置換暨移位矩陣為一16行16列矩陣,該置換暨移位矩陣之每個奇數列係作為置換列,該置換列係由選自0至15的互不重覆的16個數字R0至R15所構成,且該置換暨移位矩陣之每個偶數列係作為移位列,該移位列係由選自0至31的互不重覆的16個數字S0至S15所構成,該連線驗證方法依序包含下列步驟:(a)由該監控裝置將一由八個字元所組成的一字串初始碼予以儲存並將該字串初始碼以該置換暨移位矩陣予以加密,而得到一加密初始碼(K2),並將該加密初始碼(K2)傳送到該用戶端裝置;(b)由該用戶端裝置以該置換暨移位矩陣將該加密初始碼(K2)予以解密,而得到一解密初始碼,並將經解密而得出的該解密初始碼以一預定的標準加密方式予以加密,而得到一用戶端驗證碼(K3),並將該用戶端驗證碼(K3)傳送至該監控裝置;(c)由該監控裝置將經儲存於該監控裝置中的該字串初始碼以該預定的標準加密方式予以加密,而得到一監控端驗證碼;(d)比較該監控端驗證碼及該用戶端驗證碼(K3),且在當該監控端驗證碼及該用戶端驗證碼(K3)為相同的情況時,則該字串初始碼與該解密初始碼為相同,即為驗證通過,而准許該監控裝置與該用戶端裝置之連線建立,其中步驟(a)中,由該監控裝置將該字串初始碼以該置換暨移位矩陣予以加密係依序包括下列步驟: (a1)將該字串初始碼的字元以十六進位的二個位元組的ASCII碼表示而轉換為一加密轉換碼,並將該加密轉換碼中的每位十六進位數字T0至T15予以十進位加總並取8之餘數而得出一加密索引值I;(a2)使用該加密索引值I而索引出該置換暨移位矩陣的該第2I+1列的置換列作為一加密索引置換列,以及索引出該第2I+2列的移位列作為一加密索引移位列,將該加密轉換碼的十六進位數字TX置換為該加密索引置換列的第TX+1的十進位計算行之數值,其中X為0至15,並在該加密轉換碼的所有十六進位數字置換完成後,而得到一包括有十進位數字U0至U15的加密置換碼;以及(a3)將該加密置換碼的數字UY依照該加密索引移位列的數字SY移入一空的32行1列矩陣的第SY+1行,其中Y為0至15,接著以0至15的數值以隨機方式依序由該32行1列矩陣之低位至高位填入該32行1列矩陣中餘下為空的前15個空位,再將一調整位元填入該32行1列矩陣中的最終餘下空位,而得到該加密初始碼(K2),其中該調整位元係由該加密索引值I及該加密初始碼(K2)中31行的每位數字以十進位加總取8之餘數值之間的一差值而得到;其中步驟(b)中,由該用戶端裝置以該置換暨移位矩陣將該加密初始碼(K2)予以解密係依序包括下列步驟:(b1)將該加密初始碼(K2)中的每位數字V0至V31予以十進位加總並取8之餘數而得出一解密索引值J;(b2)使用該解密索引值J而索引出該置換暨移位矩陣的該第2J+1列的置換列作為一解密索引置換列,以及索引出該第2J+2列的移位列作為一解密索引移位列,將該解密索引移位列的各行數字SZ予以作為一解密移位數值取出索引值而取出該加密初始碼K2中的第SZ+1的十進位計算行之數值,並依該各行數字SZ於該解密索引移位列的所在位置予以排列而組成一包括有數字G0至G15的解密移位碼,其中Z為0至15; (b3)將該解密移位碼的各行數字GM予以個別作為一解密置換數值搜尋索引值而自該解密索引置換列予以搜尋出該解密置換數值搜尋索引值個別於該解密索引置換列中的一位置值,並以該位置值依該各行數字GM於該解密移位碼的所在位置予以排列而組成一包括有十六進位數字H0至H15的一解密置換碼,其中該位置值係為自0起算而至15,而M為0至15,然後將該解密置換碼作為十六進位ASCII碼而以兩個位元組為單位予以轉換為八個字元所組成的的該解密初始碼。 A method for verifying connection of a monitoring device is used for performing verification during connection establishment between a monitoring device and a user device, and verifying a replacement and migration of the monitoring device and the user device Whether the bit matrix is the same, wherein the permutation and shift matrix is a 16-row 16-column matrix, and each odd-numbered column of the permutation and shift matrix is used as a permutation column, and the permutation column is not equal to each other selected from 0 to 15. The 16 numbers R 0 to R 15 are covered, and each even column of the permutation and shift matrix is used as a shift column, and the shift column is composed of 16 non-repeated from 0 to 31. The numbers S 0 to S 15 are configured. The connection verification method sequentially includes the following steps: (a) storing, by the monitoring device, a string initial code consisting of eight characters and initializing the string The code is encrypted by the permutation and shift matrix to obtain an encrypted initial code (K2), and the encrypted initial code (K2) is transmitted to the user equipment; (b) the user equipment is replaced by the replacement device The bit matrix decrypts the encrypted initial code (K2) to obtain a decrypted initial code, and the solution is solved. The secret decryption initial code is encrypted in a predetermined standard encryption manner to obtain a client authentication code (K3), and the client authentication code (K3) is transmitted to the monitoring device; (c) The monitoring device encrypts the initial code of the string stored in the monitoring device in the predetermined standard encryption manner to obtain a monitoring terminal verification code; (d) comparing the monitoring terminal verification code with the user terminal verification code (K3), and when the monitoring terminal verification code and the client verification code (K3) are the same, the string initial code is the same as the decryption initial code, that is, the verification is passed, and the monitoring is permitted. Establishing a connection between the device and the client device, wherein in step (a), the monitoring device encrypts the string initial code by the replacement and shift matrix, and the following steps are included: (a1) the word The character of the string initial code is converted into an encrypted conversion code by the ASCII code representation of two hexadecimal bytes, and the hexadecimal digits T 0 to T 15 in the encrypted conversion code are decimally digitized. Add up and take the remainder of 8 to get an encrypted index value I; (a2) The encrypted index value I indexes the permutation column of the 2I+1 column of the permutation and shift matrix as an encrypted index permutation column, and indexes the shifted column of the 2I+2 column as an encrypted index shift Column, replacing the hexadecimal number T X of the encrypted conversion code with the value of the decimal calculation row of the T X +1 of the encrypted index permutation column, where X is 0 to 15, and all of the encryption conversion code After the hexadecimal digital replacement is completed, an encrypted permutation code including the decimal digits U 0 to U 15 is obtained; and (a3) the digital U Y of the encrypted permutation code is shifted by the number S Y of the column according to the encryption index. Shifting into the S Y +1 row of an empty 32-row 1-column matrix, where Y is 0 to 15, and then filling the 32 from the low-to-high order of the 32-row 1-column matrix in a random manner with values from 0 to 15. The first 15 vacancies in the row 1 column matrix are left empty, and then an adjustment bit is filled into the final remaining vacancy in the 32 rows and 1 column matrix to obtain the encrypted initial code (K2), wherein the adjustment bit system is From the encrypted index value I and each digit of the 31 lines in the encrypted initial code (K2), the decimal value is added by a total of 8 Obtaining a difference between the two; wherein in step (b), the user equipment sets the encryption initial code (K2) to be decrypted by the replacement and shift matrix, and the following steps are included: (b1) encrypting Each digit V 0 to V 31 in the initial code (K2) is added by a decimal and takes a remainder of 8 to obtain a decryption index value J; (b2) indexing the replacement and shift using the decryption index value J The permutation column of the 2J+1th column of the bit matrix is used as a decryption index permutation column, and the shifted column of the 2nd J+2 column is indexed as a decryption index shift column, and the decryption index is shifted by the row number of the column. S Z extracts the value of the decimal calculation row of the S Z +1 in the encrypted initial code K2 as a decryption shift value extraction index value, and shifts the column according to the row number S Z in the decryption index The positions are arranged to form a decrypted shift code including numbers G 0 to G 15 , where Z is 0 to 15; (b3) each row of numbers G M of the decrypted shift code is individually used as a decrypted permutation value search index Value from the decryption index permutation column to search for the decryption permutation value search index value individually The decrypted index replacing a position value in the column, and in that the position value by the respective line numbers G M to be arranged at the location of the decrypted shift code of the composition a comprising sixteen digits a decryption H0 to H15 permutation code , wherein the position value is from 0 to 15 and M is 0 to 15, and then the decrypted permutation code is converted into eight characters in units of two bytes as a hexadecimal ASCII code. The decrypted initial code composed. 如申請專利範圍第1項的監控裝置之連線驗證方法,其中當該加密索引值(I)係為小於該加密初始碼(K2)中31行的每位數字以十進位加總取8之餘數值時,則將該差值加8而得出該調整位元。 The method for verifying the connection of the monitoring device of claim 1, wherein the encrypted index value (I) is less than the number of each of the 31 lines in the encrypted initial code (K2), and the total number is 8 For the remainder value, the difference is added to 8 to obtain the adjustment bit. 如申請專利範圍第1項的監控裝置之連線驗證方法,其中該預定的標準加密方式係符合高階加密標準(Advanced Encryption Standard,AES),並使用一使用者識別與密碼資訊做為金鑰。 For example, the method for verifying the connection of the monitoring device of claim 1 is that the predetermined standard encryption method conforms to the Advanced Encryption Standard (AES) and uses a user identification and password information as a key. 如申請專利範圍第3項的監控裝置之連線驗證方法,其中該監控裝置及該用戶端裝置中係儲存有一使用者識別與密碼資訊。 For example, the method for verifying the connection of the monitoring device of claim 3, wherein the monitoring device and the client device store user identification and password information. 如申請專利範圍第1項的監控裝置之連線驗證方法,其中步驟(a3)中填入該32行1列矩陣中餘下為空的空位的方式係為使用該加密索引置換列的前15個數值R0至R14依序由低位至高位填入。 For example, in the method for verifying the connection of the monitoring device of claim 1, the method of filling in the remaining empty spaces in the 32 rows and 1 column matrix in step (a3) is to replace the first 15 columns of the column by using the encrypted index. The values R 0 to R 14 are sequentially filled in from the low to the high. 如申請專利範圍第1項的監控裝置之連線驗證方法,其中該監控裝置係為一遠端監控攝影機,且/或該用戶端裝置係為一行動裝置。 The method for verifying the connection of the monitoring device of claim 1, wherein the monitoring device is a remote monitoring camera, and/or the user device is a mobile device. 如申請專利範圍第1項的監控裝置之連線驗證方法,其中該監控裝置與該用戶端裝置之連線建立的准許係為准許該監控裝置將一監控影像資料傳輸至該用戶端裝置以顯示於該用戶端裝置上。 The method for verifying the connection of the monitoring device of claim 1, wherein the connection between the monitoring device and the user device is established to permit the monitoring device to transmit a monitoring image data to the user device for display. On the client device.
TW104137980A 2015-11-18 2015-11-18 A connection verifying method for monitoring device TWI587680B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW104137980A TWI587680B (en) 2015-11-18 2015-11-18 A connection verifying method for monitoring device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW104137980A TWI587680B (en) 2015-11-18 2015-11-18 A connection verifying method for monitoring device

Publications (2)

Publication Number Publication Date
TW201720094A TW201720094A (en) 2017-06-01
TWI587680B true TWI587680B (en) 2017-06-11

Family

ID=59687336

Family Applications (1)

Application Number Title Priority Date Filing Date
TW104137980A TWI587680B (en) 2015-11-18 2015-11-18 A connection verifying method for monitoring device

Country Status (1)

Country Link
TW (1) TWI587680B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2023127160A1 (en) * 2021-12-29 2023-07-06 楽天グループ株式会社 Authentication system, authentication method, and program

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TW200740165A (en) * 2006-04-10 2007-10-16 Mitac Int Corp Fingerprint authentication method for accessing wireless network systems
CN101897165A (en) * 2007-10-30 2010-11-24 意大利电信股份公司 Method for authenticating user in data processing system
TW201337632A (en) * 2011-12-22 2013-09-16 Intel Corp Instructions processors, methods, and systems to process BLAKE secure hashing algorithm
TW201421390A (en) * 2012-10-19 2014-06-01 Mpayme Ltd Method and system for secure mobile payment
US8752147B2 (en) * 2010-10-05 2014-06-10 Cse Co., Ltd System and method for two-factor user authentication

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TW200740165A (en) * 2006-04-10 2007-10-16 Mitac Int Corp Fingerprint authentication method for accessing wireless network systems
CN101897165A (en) * 2007-10-30 2010-11-24 意大利电信股份公司 Method for authenticating user in data processing system
US8752147B2 (en) * 2010-10-05 2014-06-10 Cse Co., Ltd System and method for two-factor user authentication
TW201337632A (en) * 2011-12-22 2013-09-16 Intel Corp Instructions processors, methods, and systems to process BLAKE secure hashing algorithm
TW201421390A (en) * 2012-10-19 2014-06-01 Mpayme Ltd Method and system for secure mobile payment

Also Published As

Publication number Publication date
TW201720094A (en) 2017-06-01

Similar Documents

Publication Publication Date Title
US10021085B1 (en) Encryption and decryption techniques using shuffle function
CN108023724B (en) Data transmission method and device
CN103778590B (en) Using digital picture storage and the method and apparatus of transmission information
CN105871550B (en) A kind of system for realizing digital signal encryption transmission
CN105871549B (en) A kind of digital signal encryption processing method
US9430657B2 (en) Data encryption system and method
CN101895390B (en) Method, device and system for encryption and decryption
US20150365424A1 (en) Cryptographic method for securely exchanging messages and device and system for implementing this method
CN110933053B (en) Authorization method based on CAN communication encryption
CN104318510B (en) A kind of image encryption and decomposition method based on Matlab
JP2014017556A5 (en)
CN106712946A (en) Data secure transmission method
CN102170350A (en) Multiple uncertainty encryption system with misleading function
CN107111967A (en) Using the visual cryptography of augmented reality with obscuring
CN110135176B (en) Encryption method for printing data transmission
CN102594549B (en) Multistage data encryption and decryption methods
CN105391554A (en) Method and system for realizing fingerprint matching by using ciphertext
CN101826961A (en) Method, device and system for data transmission encryption and decryption
WO2019223170A1 (en) Encryption method and apparatus, and computer device and storage medium
TWI587680B (en) A connection verifying method for monitoring device
CN103237302A (en) Sensing information safety protection method for RFID (radio frequency identification) tags in Internet of Things
CN105959106B (en) A kind of low-complexity digital encryption method
Hamad et al. A modified playfair cipher for encrypting digital images
CN104394161A (en) Algorithm reconstruction mechanism based secret key transmission method and system
KR101754017B1 (en) Method and server for improving security of password authentication by double mapping

Legal Events

Date Code Title Description
MM4A Annulment or lapse of patent due to non-payment of fees