
WO2019015041A1 - Time-division encryption method and device for Internet of Things repeater data

Info

Publication number: WO2019015041A1
Authority: WO (WIPO, PCT)
Application number: PCT/CN2017/100789
Prior art keywords: data packet, internet, things, encryption, encryption unit
Legal status: Ceased
Other languages: English (en), Chinese (zh)
Inventor: 杜光东
Original Assignee: Shenzhen Shenglu IoT Communication Technology Co Ltd
Current Assignee: Shenzhen Shenglu IoT Communication Technology Co Ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0464 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload using hop-by-hop encryption, i.e. wherein an intermediate entity decrypts the information and re-encrypts it before forwarding it
    • H04L63/0471 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload applying encryption by an intermediary, e.g. receiving clear information at the intermediary and encrypting the received information at the intermediary before forwarding

Definitions

  • The present application claims priority to prior application No. 201710588676.0, entitled "A Method and Apparatus for Period-Time Encryption of Internet of Things Repeater Data", filed on July 19, 2017, the content of which is incorporated herein by reference.
  • The present application relates to the field of communications, and in particular to a method and apparatus for time-phased encryption of Internet of Things repeater data.
  • The Internet of Things (IoT) is an important part of the new generation of information technology and an important stage of development in the era of "informatization". As the name suggests, the Internet of Things is the Internet that connects things. This has two meanings: first, the core and foundation of the Internet of Things is still the Internet, and it is a network extended and expanded on the basis of the Internet; second, its clients extend to any item, so that information is exchanged and communicated between things. Through communication and sensing technologies such as intelligent sensing, identification technology and pervasive computing, the Internet of Things is widely used in the convergence of networks. It is also called the third wave of the development of the world information industry after computers and the Internet.
  • The Internet of Things is an application expansion of the Internet. The Internet of Things is less a network than a business and an application. Therefore, application innovation is the core of the development of the Internet of Things, and Innovation 2.0, with user experience at its core, is the soul of that development.
  • The Internet of Things solves the interconnection between objects and the exchange of data between objects.
  • The existing Internet of Things is connected to the Internet through IoT access points (APs).
  • There are multiple repeaters under an IoT access point (AP). After receiving the corresponding data, a repeater does not encrypt the data. The data of the IoT device is therefore easily leaked, resulting in leakage of user privacy data and a poor user experience.
  • The application provides a time-phased encryption method for Internet of Things repeater data, which can improve the security of IoT data and improve the user experience.
  • A method for time-phased encryption of Internet of Things repeater data, comprising the following steps:
  • the Internet of Things repeater receives a data packet sent by the Internet of Things terminal;
  • the IoT repeater extracts the sending time of the data packet, determines, according to the sending time, the working period in which the IoT terminal is operating, and queries, in a pre-configured mapping table of working periods and encryption units, the first encryption unit corresponding to that working period;
  • the Internet of Things repeater invokes the first encryption unit to perform encryption processing on the data packet;
  • the Internet of Things repeater transmits the encrypted data packet and the transmission time to the IoT access point within the payload of the frame.
  • The method may further include, before the IoT access point sends the encrypted data packet to the gateway:
  • the alternate encryption unit of the first encryption unit is invoked to encrypt the data packet.
  • The invoking, by the IoT access point, of the first encryption unit to perform encryption processing on the data packet includes:
  • the IoT repeater acquires the signal modulation mode of the data packet sent by the Internet of Things terminal, determines a secret key according to the signal modulation mode, and invokes the first encryption unit to encrypt the data packet by using the secret key.
  • The determining of the secret key according to the modulation mode specifically includes:
  • The determining of the secret key according to the modulation mode specifically includes: if the signal modulation mode obtained by parsing the data packet is quadrature phase shift keying (QPSK), the phase numbers with energy in the QPSK are obtained, and the value obtained by sorting the phase numbers in order is used as the secret key.
  • An IoT repeater device comprising:
  • a receiving unit configured to receive a data packet sent by the Internet of Things terminal;
  • a processing unit configured to extract the sending time of the data packet, determine a working period of the IoT terminal according to the sending time, query, according to the working period, the first encryption unit corresponding to the working period in the pre-configured working period and encryption unit mapping table, and invoke the first encryption unit to encrypt the data packet;
  • a sending unit configured to send the encrypted data packet and the sending time to the IoT access point within the payload of the frame.
  • The processing unit is configured to: when the first encryption unit fails to encrypt the data packet, invoke the alternate encryption unit of the first encryption unit to encrypt the data packet.
  • The processing unit is configured to acquire the signal modulation mode of the data packet sent by the Internet of Things terminal, determine a secret key according to the signal modulation mode, and invoke the first encryption unit to encrypt the data packet by using the secret key.
  • The processing unit is configured to parse the data packet to obtain the signal modulation mode of the data packet, and query, from the mapping between modulation modes and keys, the secret key corresponding to the signal modulation mode.
  • The processing unit is further configured to: if the signal modulation mode obtained by parsing the data packet is quadrature phase shift keying (QPSK), acquire the phase numbers with energy in the QPSK, and use the value obtained by sorting the phase numbers in order as the secret key.
  • A computer storage medium is provided, wherein the computer storage medium stores a program, and the program, when executed, performs some or all of the steps of any time-division encryption method for Internet of Things repeater data described in the first aspect.
  • A repeater device comprising: one or more processors, a memory, a bus system, a transceiver, and one or more programs, the processor, the memory, and the transceiver being coupled by the bus system; wherein the one or more programs are stored in the memory, and the one or more programs include instructions that, when executed, cause the repeater to perform any of the methods provided in the first aspect and its possible designs.
  • In the technical solution provided by the present invention, after the Internet of Things terminal sends the data packet to the repeater, the repeater queries the encryption unit corresponding to the working period according to the time of the Internet of Things terminal, and encrypts the data through that encryption unit.
  • The IoT terminal does not need to configure encryption. All encryption settings are in the repeater. This method can encrypt the data, protect the user's privacy and improve the user experience.
  • FIG. 1 is a schematic diagram of a network architecture
  • FIG. 2 is a flow chart of transmission of an IoT terminal transmitting a data packet to a repeater
  • FIG. 3 is a flow chart of a time-phased encryption method for IoT repeater data
  • FIG. 4 is a schematic diagram of a technical scenario provided by an embodiment of the present application.
  • FIG. 5 is a schematic diagram of a mapping relationship provided by an embodiment of the present application.
  • FIG. 6 is a schematic flowchart of a time-phased encryption method for data network relay data provided by another embodiment of the present application.
  • FIG. 7 is a schematic structural diagram of an Internet of Things repeater device provided by the present application.
  • FIG. 8 is a schematic structural diagram of hardware of an Internet of Things repeater provided by the present application.
  • "Computer device", also referred to as "computer" in this context, means an intelligent electronic device that can perform predetermined processing, such as numerical calculations and/or logical calculations, by running a predetermined program or instruction. It can include a processor and a memory, with the processor executing instructions pre-stored in the memory to perform the predetermined processing; alternatively, the predetermined processing is performed by hardware such as an ASIC, an FPGA or a DSP, or by a combination of the two.
  • Computer devices include, but are not limited to, servers, personal computers, notebook computers, tablets, smart phones, and the like.
  • a data transmitting method of an Internet of Things repeater is provided.
  • The method is applied to the Internet of Things network shown in FIG. 1.
  • The network includes: an Internet of Things terminal 10, an Internet of Things access point (AP) 20, a gateway 30, and a repeater 40.
  • The Internet of Things terminal may take different forms in different situations.
  • The Internet of Things terminal may specifically be a mobile phone, a tablet computer, a computer, etc.; it may also include other devices with networking functions, such as a smart TV, a smart air conditioner, a smart water bottle or other Internet of Things terminal devices. The Internet of Things terminal 10 is connected to the repeater 40 wirelessly, and the repeater 40 is connected to the AP.
  • The connection manner may be wireless or wired.
  • The wireless mode includes but is not limited to: Bluetooth, WIFI, etc.
  • The foregoing gateway may specifically be a mobile base station, a mobile relay station, a switch, and the like.
  • The wired mode is taken as an example, and for convenience of representation, only one solid line is shown here.
  • The above-mentioned gateway 30 may be a personal computer (PC), depending on the size of the Internet of Things. In practice, it may also be a plurality of PCs, servers, or server groups. The specific embodiments of the present invention do not limit the specific form of the gateway 30.
  • the repeater 40 may be a plurality of devices according to different scenarios, such as a mobile phone, a smart watch, and the like.
  • FIG. 2 is a transmission flow chart of data transmission of an Internet of Things repeater. As shown in FIG. 2, the process includes:
  • Step S201 the Internet of Things terminal 10 transmits the data packet to be transmitted to the relay station 40 by wireless;
  • Step S202 The relay station forwards the data packet to the Internet of Things access point
  • Step S203 The Internet of Things access point transmits the data packet to the gateway.
  • FIG. 3 is a method for time-phase encryption of data of an Internet of Things repeater according to the present invention.
  • The method is implemented in the network architecture shown in FIG. 4. As shown in FIG. 4, a repeater can be connected to a plurality of IoT terminals, and the repeater can be a mobile phone that opens a hotspot, a personal computer that provides a wireless connection, a forwarding device, and the like.
  • the method is as shown in FIG. 3, and includes the following steps:
  • Step S301 The Internet of Things terminal sends a data packet to the Internet of Things access point 40.
  • The Internet of Things terminal in the above step S301 may specifically be a mobile phone, a tablet computer, a computer, etc.; it may also include other devices with networking functions, such as a smart TV, a smart air conditioner, a smart water bottle, a smart light, a smart switch, or other IoT smart devices.
  • The Internet of Things terminal may send the data packet over a wireless connection, including but not limited to Bluetooth, Wireless Fidelity (WIFI), Zigbee and other wireless methods, where the WIFI needs to comply with the IEEE802.11b standard.
  • The IoT terminals here are wireless IoT terminals only, because the number of devices that access the Internet of Things is large. If the IoT terminals were connected by wire, the number of terminals that could be connected would be limited; for the home, a wired connection would mean unimaginable wiring for the home user, and the cost of the cable would also be very high. Therefore, in the technical solution of the present invention, the connection of the IoT terminal is limited to a wireless connection.
  • Step S302 The IoT repeater extracts the sending time of the data packet, determines, according to the sending time, the working period in which the Internet of Things terminal is operating, and queries, in the pre-configured mapping table of working periods and encryption units, the first encryption unit corresponding to that working period.
  • the type of the Internet of Things terminal in the above step S302 can be set according to the situation of the device.
  • the IoT terminal can specifically include: a smart electric light, a smart television, a smart cleaning device, a smart sleep device, an intelligent monitoring device, etc.
  • The forms can be various. For example, a smart electric lamp includes but is not limited to a smart table lamp, a smart ceiling lamp, a smart wall lamp, etc.; a smart TV can be a Samsung smart TV or, of course, a Sharp smart TV.
  • A smart cleaning device can be a smart sweeping robot, a smart vacuum cleaner or a smart garbage processor.
  • A smart sleep device can be a smart mattress, a smart sofa, and the like.
  • A smart monitoring device may be an intelligent sphygmomanometer, a smart thermometer, etc. The specific form, number, or type of the above-mentioned Internet of Things terminal is not limited.
  • the working period and the encryption unit mapping table in the above steps are as shown in FIG. 5, and the foregoing mapping may be a one-to-one mapping, or may be a one-to-many mapping or the like.
  • The encryption unit in the above step S302 may specifically be a hardware encryption unit provided in the Internet of Things repeater, which includes an encryption algorithm preset by the manufacturer.
  • The encryption unit may also be a software encryption unit configured in the AP. The present invention does not limit the specific form of the above encryption unit.
  • the foregoing encryption algorithm includes, but is not limited to, an encryption algorithm such as 3DES, MD5 or RSA, and the present invention is not limited to a specific encryption algorithm.
  • Step S303 The Internet of Things repeater invokes the first encryption unit to perform encryption processing on the data packet.
  • the implementation method of the foregoing step S303 may specifically be:
  • For example, if the first encryption unit is a 3DES encryption unit, the Internet of Things repeater invokes the 3DES encryption unit to perform 3DES encryption processing on the data packet.
  • If the first encryption unit is an RSA encryption unit, the Internet of Things repeater invokes the RSA encryption unit to perform RSA encryption processing on the data packet.
  • If the first encryption unit is an MD5 encryption unit, the Internet of Things repeater invokes the MD5 encryption unit to perform MD5 encryption processing on the data packet.
  • The above encryption algorithms include but are not limited to: the Triple Data Encryption Algorithm block cipher (3DES), the Message Digest Algorithm (MD5) or the RSA (Rivest, Shamir, Adleman) encryption algorithm; the present invention is not limited to a specific encryption algorithm.
  • 3DES is the common name for the Triple Data Encryption Algorithm block cipher. It is equivalent to applying the DES encryption algorithm three times to each data block. As computing power has increased, the key length of the original DES cipher has become vulnerable to brute-force attack; 3DES is designed to provide a relatively simple way to resist such attacks by increasing the key length of DES.
  • the implementation method of the foregoing step S303 may specifically be:
  • The IoT repeater invokes the first encryption unit to perform encryption processing on the data packet. If the encryption is successful, the subsequent step S304 is performed. If the encryption is unsuccessful, the standby encryption unit of the first encryption unit is invoked to encrypt the data packet, and the alternate encryption unit identifier is added to the header extension field of the encrypted packet.
  • Step S304 The Internet of Things repeater sends the encrypted data packet and the transmission time to the IoT access point in the payload of the frame.
  • the implementation method of the above step S304 can be:
  • The IoT repeater carries the encrypted data packet in the payload of the frame, and also carries the transmission time in the payload.
  • The purpose of carrying the transmission time is to let subsequent devices learn which encryption unit was selected. For a device, the sending time changes constantly; if the sending time is not carried in the frame, the subsequent devices cannot know the encryption unit that was used, and decryption cannot be performed.
  • The IoT repeater queries the encryption unit corresponding to the working period according to the working period in which the IoT terminal is operating, and that encryption unit encrypts the data.
  • The IoT terminal does not need to configure encryption. All encryption settings are in the IoT repeater.
  • This method can effectively reduce the cost of the IoT terminal and of the entire Internet of Things. Because an IoT repeater can connect to a large number of IoT terminals, configuring only the IoT repeater reduces the overall cost of the Internet of Things.
  • In addition, its computing capability is generally stronger than that of the IoT terminal, so running the encryption unit there can reduce the delay of data transmission, reduce the delay of the network, and improve the user experience.
  • FIG. 6 is a time-phase encryption method for data of an Internet of Things repeater according to the present invention.
  • The method is implemented in the network architecture shown in FIG. 4. As shown in FIG. 4, an IoT repeater can be connected to multiple IoT terminals, and the IoT repeater can specifically be a device such as a mobile phone that provides a hotspot or a personal computer that provides a wireless connection. As shown in FIG. 6, the method includes the following steps:
  • Step S601 The Internet of Things terminal sends a data packet to the Internet of Things relay.
  • the IoT terminal in the above step S601 may specifically be: a mobile phone, a tablet computer, a computer, etc., of course, it may also include other devices with networking functions, such as a smart TV, a smart air conditioner, a smart water bottle, a smart light, a smart switch, or Some IoT smart devices.
  • The Internet of Things terminal may send the data packet to the Internet of Things repeater over a wireless connection, including but not limited to Bluetooth, Wireless Fidelity (WIFI) or a wireless method such as Zigbee, where the WIFI needs to comply with the IEEE802.11b standard.
  • The IoT repeaters here are wireless IoT repeaters only, because the number of devices that access the Internet of Things is large. If the IoT repeaters used wired connections, the number of connections would be limited; for the home, a wired connection would mean unimaginable wiring for the home user, and the cost of the cable would also be very high. Therefore, the connection between the Internet of Things terminal and the Internet of Things repeater in the technical solution of the present invention is limited to a wireless connection.
  • Step S602 The IoT repeater extracts the sending time of the data packet, determines, according to the sending time, the working period in which the Internet of Things terminal is operating, and queries, in the pre-configured mapping table of working periods and encryption units, the first encryption unit corresponding to that working period.
  • the type of the Internet of Things terminal in the above step S602 can be set according to the situation of the device.
  • the IoT terminal can include: a smart light, a smart TV, a smart cleaning device, a smart sleep device, an intelligent monitoring device, etc.
  • The forms can be various. For example, a smart electric lamp includes but is not limited to a smart table lamp, a smart ceiling lamp, a smart wall lamp, etc.; a smart TV can be a Samsung smart TV or, of course, a Sharp smart TV.
  • A smart cleaning device can be a smart sweeping robot or a smart vacuum cleaner.
  • A smart sleep device can be, for example, a smart mattress, a smart sofa, etc.
  • A smart monitoring device may be an intelligent sphygmomanometer, a smart thermometer or the like. The present invention does not limit the specific form, number or kind of the above-mentioned Internet of Things terminal.
  • the working period and the encryption unit mapping table in the above steps are as shown in FIG. 5, and the foregoing mapping may be a one-to-one mapping, or may be a one-to-many mapping or the like.
  • The encryption unit in the above step S602 may specifically be a hardware encryption unit disposed in the Internet of Things repeater, which includes an encryption algorithm preset by the manufacturer.
  • The encryption unit may also be a software encryption unit configured in the Internet of Things repeater. The present invention does not limit the specific form of the above encryption unit.
  • the foregoing encryption algorithm includes, but is not limited to, an encryption algorithm such as 3DES, MD5 or RSA, and the present invention is not limited to a specific encryption algorithm.
  • Step S603 The IoT repeater acquires the signal modulation mode of the data packet sent by the Internet of Things terminal, determines a secret key according to the signal modulation mode, and invokes the first encryption unit to encrypt the data packet by using the secret key.
  • The implementation of step S603 may specifically be:
  • The IoT repeater obtains the signal modulation mode with which the IoT terminal transmitted the data packet, queries the key corresponding to that signal modulation mode in the modulation mode and key mapping table, and invokes the first encryption unit to encrypt the data packet by using the secret key.
  • For example, if the acquired modulation mode is Binary Phase Shift Keying (BPSK), the first key is used; if the acquired modulation mode is Quadrature Phase Shift Keying (QPSK), the second key is used.
  • The purpose of using the modulation mode of the signal here is that, for the repeater, the modulation mode of the signal is constant, so that the subsequent device can acquire the modulation mode of the signal transmission of the Internet of Things terminal; different keys can therefore be chosen for different modulation modes to further improve security.
  • The implementation method of the foregoing step S603 may specifically be:
  • The phase numbers with energy in the QPSK are obtained, and the value obtained by sorting the phase numbers in order is used as the secret key.
  • A phase number with energy refers to a QPSK subcarrier that has energy, that is, the subcarrier transmits the number 1. The corresponding phase number may specifically be the sequence number of the phase; for example, the first phase has number 1, the second phase has number 2, and the 15th phase has number 15.
  • This way of obtaining the secret key increases the difficulty of the key being deciphered, further improving security.
  • the implementation method of the foregoing step S603 may specifically be:
  • For example, if the first encryption unit is a 3DES encryption unit, the Internet of Things repeater invokes the 3DES encryption unit to perform 3DES encryption processing on the data packet.
  • If the first encryption unit is an RSA encryption unit, the Internet of Things repeater invokes the RSA encryption unit to perform RSA encryption processing on the data packet.
  • If the first encryption unit is an MD5 encryption unit, the Internet of Things repeater invokes the MD5 encryption unit to perform MD5 encryption processing on the data packet.
  • The implementation method of the foregoing step S603 may specifically be:
  • The IoT repeater invokes the first encryption unit to perform encryption processing on the data packet. If the encryption is successful, the subsequent step S304 is performed. If the encryption is unsuccessful, the standby encryption unit of the first encryption unit is invoked to encrypt the data packet, and the alternate encryption unit identifier is added to the header extension field of the encrypted packet.
  • Step S604 The Internet of Things repeater transmits the encrypted data packet and the transmission time to the IoT access point in the payload of the frame.
  • the implementation method of the above step S604 can be:
  • The encrypted data packet is sent to the gateway in another way.
  • For example, the IoT terminal is connected to the Internet of Things repeater through WIFI, and the IoT repeater can send the data packet to the gateway by wire. Of course, in practice, the Internet of Things repeater can also send the encrypted data packet to the gateway through Long Term Evolution (LTE).
  • The above LTE or wired mode, and the manner in which the Internet of Things terminal is connected to the Internet of Things repeater through WIFI, are merely for illustrative purposes, and the present invention is not limited to the specific manner of the above connection.
  • The technical solution adopted by the invention has the advantage of high security.
  • The foregoing method may further include:
  • if the IoT access point's invocation of the first encryption unit fails to encrypt the data packet, the IoT access point invokes a backup encryption unit of the first encryption unit to encrypt the data packet, and the standby encryption unit identifier is added.
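
The flow of steps S302 to S304 and S603 (period lookup, modulation-derived key, fallback to the alternate unit, and a frame that carries the sending time so the next hop can pick the same unit) can be traced end to end in the following sketch. It is an added example, not code from the patent or its applicant; the period boundaries, unit names, sample keys, the JSON frame layout and the HMAC-SHA256 keystream used in place of 3DES/RSA are all assumptions, as is reading "phase numbers with energy" as a list of integers.

```python
import hashlib
import hmac
import json
import os
from datetime import datetime

# Working period -> encryption unit (the role of FIG. 5). Periods are
# half-open [start, end) in seconds since midnight; all values are constructed.
PERIOD_TABLE = [
    (0, 8 * 3600, "unit_night"),
    (8 * 3600, 18 * 3600, "unit_day"),
    (18 * 3600, 24 * 3600, "unit_evening"),
]
# Alternate (standby) unit for each first unit; names are hypothetical.
ALTERNATE = {"unit_night": "unit_night_alt", "unit_day": "unit_day_alt",
             "unit_evening": "unit_evening_alt"}
# Modulation mode -> key mapping table; the keys are constructed samples.
MODULATION_KEYS = {"BPSK": b"constructed-first-key",
                   "QPSK": b"constructed-second-key"}


def unit_for_time(sent_at: datetime) -> str:
    """S302/S602: map the packet's sending time to its working period's unit."""
    second = sent_at.hour * 3600 + sent_at.minute * 60 + sent_at.second
    for start, end, unit in PERIOD_TABLE:
        if start <= second < end:
            return unit
    raise LookupError("no working period covers the sending time")


def key_for_modulation(modulation: str, energized_phases=None) -> bytes:
    """S603: table lookup, or for QPSK the sorted phase numbers joined as digits."""
    if modulation == "QPSK" and energized_phases:
        return "".join(str(n) for n in sorted(energized_phases)).encode()
    return MODULATION_KEYS[modulation]


def run_unit(unit: str, key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in cipher: XOR with an HMAC-SHA256 keystream bound to the unit name.
    Not 3DES or RSA; applying it again with the same inputs decrypts."""
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        block = unit.encode() + nonce + counter.to_bytes(4, "big")
        stream += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def repeater_encrypt(packet, sent_at, modulation, energized_phases=None,
                     failed_units=frozenset()) -> bytes:
    """S303-S304: encrypt with the first unit, fall back to its alternate on
    failure, and build a frame that carries the sending time in the payload."""
    first = unit_for_time(sent_at)
    key = key_for_modulation(modulation, energized_phases)
    nonce = os.urandom(12)
    header_ext = {}
    unit = first
    if first in failed_units:              # constructed way to simulate a failure
        unit = ALTERNATE[first]
        header_ext["alt_unit"] = unit      # alternate unit identifier
    frame = {
        "header_ext": header_ext,
        "payload": {
            "sent_at": sent_at.isoformat(),
            "nonce": nonce.hex(),
            "data": run_unit(unit, key, nonce, packet).hex(),
        },
    }
    return json.dumps(frame).encode()


def receiver_decrypt(frame_bytes, modulation, energized_phases=None) -> bytes:
    """Next hop: recover the unit from the carried sending time (or the
    alternate identifier), rebuild the key, and decrypt."""
    frame = json.loads(frame_bytes)
    payload = frame["payload"]
    unit = frame["header_ext"].get("alt_unit") or unit_for_time(
        datetime.fromisoformat(payload["sent_at"]))
    key = key_for_modulation(modulation, energized_phases)
    return run_unit(unit, key, bytes.fromhex(payload["nonce"]),
                    bytes.fromhex(payload["data"]))


if __name__ == "__main__":
    sent = datetime(2017, 7, 19, 9, 30, 0)     # constructed sending time
    frame = repeater_encrypt(b"temp=21.5", sent, "QPSK", [15, 2, 7])
    print(frame.decode())
    print(receiver_decrypt(frame, "QPSK", [15, 2, 7]))
```

In this sketch the sending time that selects the unit travels unencrypted in the payload, and a key built from QPSK phase numbers is computed from values that any receiver of the signal also observes, so when reviewing a design of this shape neither input can be counted as a secret.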
  • FIG. 7 is an Internet of Things repeater device 700, the device comprising:
  • the receiving unit 701 is configured to receive a data packet sent by the Internet of Things terminal;
  • the processing unit 702 is configured to extract the sending time of the data packet, determine, according to the sending time, the working period in which the Internet of Things terminal is operating, and query, in the pre-configured working period and encryption unit mapping table, the first encryption unit corresponding to the working period; the access point invokes the first encryption unit to perform encryption processing on the data packet;
  • the sending unit 703 is configured to send the encrypted data packet and the sending time to the IoT access point in the payload of the frame.
  • the processing unit 702 is specifically configured to: when the first encryption unit fails to encrypt the data packet, invoke the alternate encryption unit of the first encryption unit to encrypt the data packet.
  • the processing unit 702 is configured to obtain a signal modulation manner of the data packet sent by the Internet of Things terminal, determine a secret key according to the signal modulation manner, and invoke the first encryption unit to encrypt the data packet using the secret key.
  • the processing unit 702 is configured to parse the data packet to obtain a signal modulation manner of the data packet, and query, from the mapping between modulation modes and keys, the secret key corresponding to the signal modulation mode.
  • the processing unit 702 is further configured to: when parsing the data packet shows that the signal modulation manner of the data packet is quadrature phase shift keying (QPSK), obtain the phase numbers that carry energy in the QPSK, and use the value obtained by sorting those phase numbers in sequence as the key.
  • the computer storage medium may store a program, and the program includes any one of the above-mentioned first aspects.
  • FIG. 8 is an IoT repeater 800 provided by the present invention.
  • the Internet of Things relay can be a node deployed in an Internet system.
  • the Internet system can also include: an Internet of Things terminal, an Internet of Things access point, an IoT repeater and a gateway. The Internet of Things repeater 800 includes but is not limited to: a computer, a server, etc. As shown in FIG. 8, the Internet of Things repeater 800 includes: a processor 801, a memory 802, a transceiver 803 and a bus 804.
  • the transceiver 803 is configured to transmit and receive data with an external device (e.g., other devices in the interconnection system, including but not limited to: a repeater, a core network device, etc.).
  • the number of processors 801 in the Internet of Things repeater 800 can be one or more.
  • the processor 801, the memory 802, and the transceiver 803 may be connected by a bus system or other means.
  • for the meanings and examples of the terms involved in this embodiment, reference may be made to the corresponding embodiment of FIG. 3 or FIG. 6, and details are not described herein again.
  • the program code can be stored in the memory 802.
  • the processor 801 is configured to call program code stored in the memory 802 for performing the following operations:
  • the transceiver 803 is configured to receive a data packet sent by the Internet of Things terminal;
  • the processor 801 is configured to query, according to the working period, the encryption unit mapping table for the first encryption unit corresponding to the working period, and invoke the first encryption unit to perform encryption processing on the data packet.
  • the transceiver 803 is further configured to send the encrypted data packet and the sending time to the IoT access point within the payload of the frame.
  • the processor 801 and the transceiver 803 are further configured to perform the steps, and the refinements of those steps, in the embodiment shown in FIG. 3 or FIG. 6.
  • the processor 801 herein may be a processing component or a general term of multiple processing components.
  • the processing component may be a central processing unit (CPU), an application specific integrated circuit (ASIC), or one or more integrated circuits configured to implement the embodiments of the present application.
  • DSPs digital signal processors
  • FPGAs Field Programmable Gate Arrays
  • the memory 802 may be a storage device or a collective name of a plurality of storage elements, and is used to store executable program code or the parameters, data, and the like required for the application running device to operate.
  • the memory 802 may include random access memory (RAM), and may also include non-volatile memory such as a magnetic disk memory, a flash memory, or the like.
  • the bus 804 may be an Industry Standard Architecture (ISA) bus, a Peripheral Component Interconnect (PCI) bus, or an Extended Industry Standard Architecture (EISA) bus.
  • the bus can be divided into an address bus, a data bus, a control bus, and the like. For ease of representation, only one thick line is shown in Figure 8, but it does not mean that there is only one bus or one type of bus.
  • the user equipment may also include input and output devices coupled to bus 804 for connection to other portions, such as processor 801, via a bus.
  • the input and output device can provide an input interface for the operator, so that the operator can select a control item through the input interface; it can also be another interface through which other devices can be externally connected.
  • the program may be stored in a computer readable storage medium, and the storage medium may include: a flash disk, read-only memory (ROM), random access memory (RAM), a magnetic disk or an optical disk.
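The repeater-side flow described above (sending time, working period, mapping table, first encryption unit, then the standby unit and its identifier in the header extension field on failure), as an added Python example that is not code from the patent. The table contents, unit names, demo keys, frame layout, the stand-in cipher and the `access_point_decrypt` receiver are assumptions made for illustration.

```python
import hashlib
from datetime import time

# Constructed table: (start hour, end hour, first unit, standby unit).
PERIOD_TABLE = [
    (0, 8, "unit-A", "unit-A-standby"),
    (8, 18, "unit-B", "unit-B-standby"),
    (18, 24, "unit-C", "unit-C-standby"),
]

def make_unit(key: bytes, broken: bool = False):
    """Stand-in unit: XOR with a SHA-256 counter keystream (not a vetted cipher)."""
    def unit(data: bytes) -> bytes:
        if broken:
            raise RuntimeError("encryption unit failed")
        out = bytearray()
        for i in range(0, len(data), 32):
            block = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
            out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
        return bytes(out)
    return unit

# Constructed demo keys derived from the unit names.
UNITS = {n: make_unit(n.encode()) for row in PERIOD_TABLE for n in row[2:]}

def lookup_units(send_time: time):
    for start, end, first, standby in PERIOD_TABLE:
        if start <= send_time.hour < end:
            return first, standby
    raise LookupError("no working period covers this sending time")

def repeater_encrypt(packet: bytes, send_time: time, units=UNITS) -> dict:
    """Use the period's first unit; on failure use the standby and record its id."""
    first, standby = lookup_units(send_time)
    header_ext = b""
    try:
        data = units[first](packet)
    except RuntimeError:
        data = units[standby](packet)
        header_ext = standby.encode()
    payload = {"send_time": send_time.isoformat(), "data": data}
    return {"header_ext": header_ext, "payload": payload}

def access_point_decrypt(frame: dict, units=UNITS) -> bytes:
    """Assumed receiver: re-derive the period from the carried sending time."""
    first, standby = lookup_units(time.fromisoformat(frame["payload"]["send_time"]))
    name = frame["header_ext"].decode() or first
    if name not in (first, standby):
        raise ValueError("unit identifier does not match the working period")
    return units[name](frame["payload"]["data"])
```

The receiver rejects a header extension identifier that names a unit outside the working period implied by the carried sending time, so a mismatched identifier is not honoured.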


Abstract

The invention relates to a time-division encryption method and device for data of an Internet of Things repeater. The method comprises the following steps: the Internet of Things repeater receives a data packet sent by an Internet of Things terminal; the Internet of Things repeater extracts a sending time of the data packet, determines a working time period of the Internet of Things terminal according to the sending time, and queries, according to the working time period, a pre-configured mapping table of working time periods and encryption units for a first encryption unit corresponding to the working time period; the Internet of Things repeater invokes the first encryption unit to encrypt the data packet; and the Internet of Things repeater sends the encrypted data packet and the sending time, carried in the payload of a frame, to an Internet of Things access point. The technical solution according to the present invention offers the advantages of high security and a good user experience.
PCT/CN2017/100789 2017-07-19 2017-09-06 Time-division encryption method and device for data of an Internet of Things repeater Ceased WO2019015041A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201710588676.0 2017-07-19
CN201710588676.0A CN107370735A (zh) 2017-07-19 2017-07-19 一种物联网中继器数据的分时段加密方法及装置

Publications (1)

Publication Number Publication Date
WO2019015041A1 true WO2019015041A1 (fr) 2019-01-24

Family

ID=60306885

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/100789 Ceased WO2019015041A1 (fr) 2017-07-19 2017-09-06 Time-division encryption method and device for data of an Internet of Things repeater

Country Status (2)

Country Link
CN (1) CN107370735A (fr)
WO (1) WO2019015041A1 (fr)


Also Published As

Publication number Publication date
CN107370735A (zh) 2017-11-21


Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17918368

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 19.05.2020)

122 Ep: pct application non-entry in european phase

Ref document number: 17918368

Country of ref document: EP

Kind code of ref document: A1