CN118632249A - Authentication method and device for device communication, electronic device and storage medium - Google Patents
- Publication number
- CN118632249A (CN202410906180.3A)
- Authority
- CN
- China
- Prior art keywords
- slave
- master
- encrypted data
- random number
- equipment
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Landscapes
- Mobile Radio Communication Systems (AREA)
Abstract
The embodiments of the application disclose an authentication method and apparatus for device communication, an electronic device, and a storage medium. The scheme receives a communication request sent by a slave device, the communication request including a slave device number; generates a master random number according to the communication request and returns it to the slave device; receives slave encrypted data sent by the slave device, the slave encrypted data being obtained by the slave device processing the master random number with a first encryption parameter bound to the slave device; processes the master random number with a second encryption parameter corresponding to the slave device number to obtain master encrypted data; and authenticates the slave device according to the result of comparing the slave encrypted data with the master encrypted data. In the embodiments of the application, the master device and the slave device each encrypt the data, the results are compared based on the uniqueness of the encryption parameter bound to the slave device, and the device is authenticated according to the comparison result, which effectively improves data security.
Description
Technical Field
The present application relates to the field of communications technologies, and in particular, to an authentication method and apparatus for device communications, an electronic device, and a storage medium.
Background
In general, electronic devices can communicate and exchange data through various wireless network communication methods such as Wi-Fi (IEEE 802.11 a/b/g/n), UWB, Bluetooth, and infrared (IrDA), and can also communicate through wired connections. These wireless or wired connections can be used for information exchange and function sharing among mobile devices; for example, a user can transfer streaming media files or back up an address book between electronic devices through the corresponding interfaces.
The applicant found in practice that if no anti-counterfeiting authentication is performed among the communicating devices, a copied or counterfeit slave device can easily connect to the master device, so that the data stored on the master device is copied and stolen. When communicating with a counterfeit slave device, the master device cannot distinguish it from the original, and the security of the information is seriously compromised.
Disclosure of Invention
The embodiment of the application provides an authentication method, an authentication device, an electronic device and a storage medium for device communication, which can be used for respectively encrypting data by a master device and a slave device, comparing the data based on the uniqueness of encryption parameters bound by the slave device, and authenticating the device according to a comparison result, so that the safety of the data is effectively improved.
The embodiment of the application provides an authentication method for equipment communication, which comprises the following steps:
receiving a communication request sent by a slave device, wherein the communication request comprises a slave device number;
generating a master random number according to the communication request and returning the master random number to the slave device;
receiving slave encrypted data sent by the slave device, wherein the slave encrypted data is obtained by the slave device processing the master random number with a first encryption parameter bound to the slave device;
processing the master random number according to a second encryption parameter corresponding to the slave device number to obtain master encrypted data;
and authenticating the slave device according to the comparison result of the slave encrypted data and the master encrypted data.
In an embodiment, after generating a master random number from the communication request and returning to the slave device, the method further comprises:
Receiving a slave-end random number and slave-end encrypted data generated and sent by the slave-end equipment, wherein the slave-end encrypted data is obtained by processing the slave-end equipment according to the master-end random number and the slave-end random number through a first encryption parameter bound with the slave-end equipment;
and processing the master terminal random number and the slave terminal random number according to a second encryption parameter corresponding to the slave terminal equipment number to obtain master terminal encrypted data.
In an embodiment, the method further comprises:
The slave-end encrypted data is obtained by processing the slave-end equipment through a first encryption parameter bound with the slave-end equipment according to the master-end random number, the slave-end random number and the slave-end equipment number;
and processing the master terminal random number, the slave terminal random number and the slave terminal equipment number according to a second encryption parameter corresponding to the slave terminal equipment number to obtain master terminal encrypted data.
In an embodiment, after receiving the communication request sent by the slave device, the method further comprises:
acquiring a history authentication record and judging whether authentication failure information of the slave terminal equipment number exists in the history authentication record;
And if so, rejecting the communication request.
In an embodiment, authenticating the slave device according to the comparison result of the slave encrypted data and the master encrypted data includes:
Judging whether the encrypted data of the slave end is identical to the encrypted data of the master end;
And if the authentication is the same, determining that the authentication of the slave terminal equipment is successful.
In an embodiment, the method further comprises:
If the encrypted data of the slave end is different from the encrypted data of the master end, confirming that the authentication of the slave end equipment fails;
setting the corresponding preset time length for the slave terminal equipment number, so that the communication request containing the slave terminal equipment number is directly refused within the preset time length.
In an embodiment, after the slave-side encrypted data is different from the master-side encrypted data, the method further comprises:
verifying the integrity of the encrypted data of the slave end before and after receiving and transmitting according to the MD5 value or the hash value;
if the verification is not passed, re-receiving the slave-end encryption data sent by the slave-end equipment for comparison;
and if the verification is passed, confirming that the authentication of the slave terminal equipment fails.
The embodiment of the application also provides an authentication device for equipment communication, which comprises:
The first receiving module is used for receiving a communication request sent by the slave terminal equipment, wherein the communication request comprises the number of the slave terminal equipment;
The generation module is used for generating a master random number according to the communication request and returning the master random number to the slave equipment;
The second receiving module is used for receiving the slave-end encrypted data sent by the slave-end equipment, and the slave-end encrypted data is obtained by processing the slave-end equipment according to the master-end random number through a first encryption parameter bound with the slave-end equipment;
The processing module is used for processing the master terminal random number according to a second encryption parameter corresponding to the slave terminal equipment number to obtain master terminal encryption data;
And the authentication module is used for authenticating the slave terminal equipment according to the comparison result of the slave terminal encrypted data and the master terminal encrypted data.
The embodiment of the application also provides electronic equipment, which is characterized by comprising a memory and a processor, wherein the memory stores a computer program, and the processor executes the steps in the authentication method of the equipment communication provided by any one of the embodiments of the application by calling the computer program stored in the memory.
An embodiment of the present application further provides a storage medium, where the storage medium stores a computer program, where the computer program is adapted to be loaded by a processor to perform the steps in the authentication method for device communication according to any one of the embodiments of the present application.
The authentication method for device communication provided by the embodiments of the application receives a communication request sent by a slave device, the communication request including a slave device number; generates a master random number according to the communication request and returns it to the slave device; receives slave encrypted data sent by the slave device, the slave encrypted data being obtained by the slave device processing the master random number with a first encryption parameter bound to the slave device; processes the master random number with a second encryption parameter corresponding to the slave device number to obtain master encrypted data; and authenticates the slave device according to the result of comparing the slave encrypted data with the master encrypted data. In the embodiments of the application, the master device and the slave device each encrypt the data, the results are compared based on the uniqueness of the encryption parameter bound to the slave device, and the device is authenticated according to the comparison result, which effectively improves data security.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are needed in the description of the embodiments will be briefly described below, it being obvious that the drawings in the following description are only some embodiments of the present application, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 is a first flowchart of an authentication method for device communication according to an embodiment of the present application;
Fig. 2 is a second flowchart of an authentication method for device communication according to an embodiment of the present application;
Fig. 3 is a schematic diagram of a data encryption flow provided in an embodiment of the present application;
Fig. 4 is a schematic structural diagram of an authentication apparatus for device communication according to an embodiment of the present application;
Fig. 5 is a schematic structural diagram of a terminal according to an embodiment of the present application.
Detailed Description
Reference will now be made in detail to exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, the same numbers in different drawings refer to the same or similar elements, unless otherwise indicated. The implementations described in the following exemplary examples do not represent all implementations consistent with the application. Rather, they are merely examples of apparatus and methods consistent with aspects of the application as detailed in the accompanying claims.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, the element defined by the phrase "comprising one … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element, and furthermore, elements having the same name in different embodiments of the application may have the same meaning or may have different meanings, the particular meaning of which is to be determined by its interpretation in this particular embodiment or by further combining the context of this particular embodiment.
It should be understood that, although the steps in the flowcharts in the embodiments of the present application are shown in order as indicated by the arrows, these steps are not necessarily performed in order as indicated by the arrows. The steps are not strictly limited in order and may be performed in other orders, unless explicitly stated herein. Moreover, at least some of the steps in the figures may include multiple sub-steps or stages that are not necessarily performed at the same time, but may be performed at different times, the order of their execution not necessarily occurring in sequence, but may be performed alternately or alternately with other steps or at least a portion of the other steps or stages.
It should be noted that, in this document, step numbers such as 101 and 102 are used for the purpose of more clearly and briefly describing the corresponding contents, and not to constitute a substantial limitation on the sequence, and those skilled in the art may execute 102 first and then execute 101 when they are implemented, which is within the scope of the present application.
Reference herein to "an embodiment" means that a particular feature, structure, or characteristic described in connection with the embodiment may be included in at least one embodiment of the application. The appearances of such phrases in various places in the specification are not necessarily all referring to the same embodiment, nor are separate or alternative embodiments mutually exclusive of other embodiments. Those of skill in the art will explicitly and implicitly appreciate that the embodiments described herein may be combined with other embodiments.
The embodiment of the application provides an authentication method for equipment communication, and an execution subject of the authentication method for equipment communication can be an authentication device for equipment communication provided by the embodiment of the application or a server integrated with the authentication device for equipment communication, wherein the authentication device for equipment communication can be realized in a hardware or software mode.
As shown in fig. 1, fig. 1 is a first flow chart of an authentication method for device communication according to an embodiment of the present application, where a specific flow of the authentication method for device communication may be as follows:
101. A communication request sent by a slave device is received, the communication request including a slave device number.
In this embodiment, the method is executed by the master device. When a slave device wants to perform communication authentication with the current master device, the slave device first needs to send request information carrying its own device number; after receiving the request information, the master device can extract the slave device number from it. The slave device number corresponds to the slave device and is unique. Specifically, it may be the IMEI (International Mobile Equipment Identity) number of the slave device, which is a unique identifier of the device. In other embodiments, the slave device number may also be a device serial number, a device ID, a UUID (Universally Unique Identifier), or the like.
In an embodiment, the slave device number may be used to search in the history authentication record of the master device, so as to determine whether a record which is the same as the slave device number and fails in authentication exists in the history authentication record, and if so, the slave device number has failed in authentication, so that a subsequent step is not required to be executed, and the communication request corresponding to the slave device number is directly rejected or ignored. I.e. after receiving a communication request sent by the slave device, the method may further comprise: and acquiring a historical authentication record, judging whether authentication failure information of the slave terminal equipment number exists in the historical authentication record, and rejecting the communication request if the authentication failure information exists.
102. Generate a master random number according to the communication request and return the master random number to the slave device.
In one embodiment, the master device may calculate and generate a master random number, such as a 32-bit random number, after receiving the communication request, so that the slave device and the master device can each perform encryption processing. The master random number refers to a random number generated by a random number generating unit in the master device at a first moment, and the random numbers generated by the random number generating unit at different moments are different.
In an embodiment, the master random number may be generated by calling a random number generation API provided by the operating system, by using a random number generation function or library built into the programming language, or by using a specific random number generation algorithm. Many operating systems provide APIs that generate random numbers; these can generate high-quality random numbers and meet the needs of most applications. Likewise, most programming languages provide libraries or functions that generate random numbers, such as the random module of Python, the Random class of Java, and the <random> library of C++. To further improve security, a cryptographically secure random number generation algorithm may be used, such as a hash function (e.g., SHA-256) combined with a counter mode to generate random numbers.
In an embodiment, the master-side random number may be sent to the slave-side device over an established data communication connection between the master-side device and the slave-side device, optionally over a signaling route between the master-side device and the slave-side device. Alternatively, the master random number may be written to the file and then the file may be sent to the slave via a file sharing or transfer protocol (e.g., FTP, SFTP, etc.).
103. Receive the slave encrypted data sent by the slave device, where the slave encrypted data is obtained by the slave device processing the master random number with a first encryption parameter bound to the slave device.
In an embodiment, after receiving the master random number sent by the master device, the slave device may perform encryption based on the master random number, using the first encryption parameter bound to the slave device, to obtain the slave encrypted data. It should be noted that the first encryption parameter bound to the slave device is unique, that is, the encryption parameters bound to different slave devices are different. As a result, even a counterfeit slave device necessarily encrypts with the first encryption parameter corresponding to its own device.
When encrypting the master random number, the encryption algorithm used may be, for example, the Advanced Encryption Standard (AES) algorithm, the Data Encryption Standard (DES), the triple data encryption algorithm (Triple Data Encryption Standard, 3DES), or an asymmetric encryption algorithm such as RSA. Encryption with the chosen algorithm uses the corresponding first encryption parameter, and the slave device sends the resulting slave encrypted data to the master device.
104. Process the master random number according to a second encryption parameter corresponding to the slave device number to obtain master encrypted data.
In an embodiment, after receiving the slave-end encrypted data sent by the slave-end device, the master-end device may encrypt the master-end random number in the same manner, and when the master-end device encrypts, the master-end device needs to determine a second encryption parameter that is bound to the slave-end device number and has uniqueness, so as to obtain the master-end encrypted data.
The master device may store the device numbers of all other slave devices and the corresponding encryption parameters, and it should be noted that the slave device numbers and the encryption parameters are in one-to-one correspondence, and different encryption parameters are different.
105. Authenticate the slave device according to the comparison result of the slave encrypted data and the master encrypted data.
The master encrypted data obtained in step 104 is compared with the slave encrypted data received in step 103; if the two are identical, the slave device passes verification, that is, authentication of the slave device is confirmed to be successful. In the embodiment of the application, because the encryption parameter corresponding to each slave device is unique, even if a slave device is counterfeited during authentication with the master device, the encryption parameter used by the counterfeit device is necessarily different from the encryption parameter corresponding to the slave device number, so the slave encrypted data it generates also differs from the master encrypted data. The method provided by this embodiment can therefore easily determine whether the slave device is a counterfeit device and so perform anti-counterfeiting authentication.
In view of the foregoing, the authentication method for device communication according to the embodiment of the present application may receive a communication request sent by a slave device, where the communication request includes a slave device number, generates a master device random number according to the communication request, returns the master device random number to the slave device, receives slave encrypted data sent by the slave device, where the slave encrypted data is obtained by processing the slave device according to the master device random number by a first encryption parameter bound to the slave device, processes the master device random number according to a second encryption parameter corresponding to the slave device number, obtains master encrypted data, and authenticates the slave device according to a comparison result of the slave encrypted data and the master encrypted data. According to the embodiment of the application, the data encryption can be respectively carried out by the master device and the slave device, the uniqueness of the encryption parameters bound by the slave device is compared, and then the device authentication is carried out according to the comparison result, so that the data security is effectively improved.
Referring to fig. 2, fig. 2 is a second flowchart of an authentication method for device communication according to an embodiment of the present application. The method comprises the following steps:
201. A communication request sent by a slave device is received, the communication request including a slave device number.
202. Generate a master random number according to the communication request and return the master random number to the slave device.
After receiving the communication request from the slave device, the master device may calculate and generate a master random number, such as a 32-bit random number, and return it to the slave device, so that the slave device and the master device can each perform encryption processing.
203. Receive the slave random number and the slave encrypted data generated and sent by the slave device.
In an embodiment, after receiving the master random number sent by the master device, the slave device may also generate a slave random number, for example, a 32-bit random number, and then encrypt the master random number and the slave device number. The slave encrypted data is obtained by the slave device processing the master random number, the slave random number and the slave device number with a first encryption parameter bound to the slave device. Before encryption, the master random number, the slave random number and the slave device number may first be combined into the basic data, and the basic data is then encrypted with the first encryption parameter bound to the slave device, as shown in Fig. 3. The first encryption parameter bound to the slave device is unique, that is, the encryption parameters bound to different slave devices are different.
204. Process the master random number, the slave random number and the slave device number according to the second encryption parameter corresponding to the slave device number to obtain master encrypted data.
After receiving the slave encrypted data from the slave device, the master device holds the following data: the slave encrypted data, the master random number, the slave random number, and the slave device number. In an embodiment, after receiving the slave encrypted data sent by the slave device, the master device encrypts the master random number, the slave random number and the slave device number in the same manner. To do so, the master device needs to determine, according to the slave device number, the unique second encryption parameter bound to that device number and use it for the processing, so as to obtain the master encrypted data.
205. Determine whether the slave encrypted data is the same as the master encrypted data; if yes, execute step 206, and if not, execute step 207.
206. Determine that the authentication of the slave device is successful.
By comparing the master encrypted data obtained in step 204 with the slave encrypted data received in step 203, if the two data are identical, verification of the slave device is confirmed, that is, the authentication of the slave device is confirmed to be successful.
207. Confirm that the authentication of the slave device has failed, and set a corresponding preset duration for the slave device number, so that a communication request containing the slave device number is directly rejected within the preset duration.
In an embodiment, if the slave encrypted data is inconsistent with the master encrypted data, this indicates that the slave encrypted data and the master encrypted data were obtained by encrypting with two different encryption parameters, so the slave device is determined to be a counterfeit device and authentication fails. Further, after authentication is determined to have failed, the slave device number used for the authentication can be recorded, and communication requests with that device number are rejected for a certain time. This delay mechanism makes brute-force cracking by continuous retries more difficult and further improves data security.
In an embodiment, considering that the inconsistency between the slave encrypted data and the master encrypted data may be caused by information loss during transmission, the integrity of the slave encrypted data before and after transmission may be verified. That is, after the slave encrypted data is found to differ from the master encrypted data, the method may further include: verifying the integrity of the slave encrypted data before and after transmission according to the MD5 value or the hash value; if the verification fails, re-receiving the slave encrypted data sent by the slave device for comparison; and if the verification passes, confirming that the authentication of the slave device has failed.
With this authentication method for device communication, a directly copied counterfeit device has no opportunity to pass authentication; in addition, using both a master random number and a slave random number increases the difficulty of cracking.
In this way, the authentication method for device communication provided by the embodiment of the present application may receive a communication request sent by a slave device, where the communication request includes a slave device number; generate a master random number according to the communication request and return it to the slave device; receive the slave random number and the slave encrypted data generated and sent by the slave device; process the master random number, the slave random number and the slave device number according to a second encryption parameter corresponding to the slave device number to obtain master encrypted data; and determine whether the slave encrypted data is identical to the master encrypted data. If so, the slave device is determined to be successfully authenticated; if not, authentication of the slave device is confirmed to have failed, and a corresponding preset duration is set for the slave device number, so that communication requests containing that slave device number are rejected directly within the preset duration. In the embodiment of the application, the master device and the slave device each perform the data encryption, the uniqueness of the encryption parameter bound to the slave device is checked by comparing the results, and the device is authenticated according to the comparison result, which effectively improves data security.
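The master-side flow summarized above (challenge, double random numbers, comparison, refusal for a preset duration after a failure), as an added example that is not code from the patent. HMAC-SHA256 stands in for the unspecified encryption processing, the first and second encryption parameters are modeled as one per-device key held on both sides, and the names `Master`, `slave_response` and `demo`, the 16-byte random numbers and the lockout durations are assumptions.

```python
import hashlib
import hmac
import secrets
import time


def slave_response(key, master_nonce, slave_nonce, device_no):
    """Slave side: process both random numbers and the device number with the bound key.

    HMAC-SHA256 is an assumption standing in for the patent's encryption processing.
    """
    fields = (master_nonce, slave_nonce, device_no.encode())
    # Length-prefix every field so that shifting bytes between fields changes the input.
    msg = b"".join(len(f).to_bytes(2, "big") + f for f in fields)
    return hmac.new(key, msg, hashlib.sha256).digest()


class Master:
    """Master side: issue a challenge, recompute, compare, lock out on failure."""

    def __init__(self, keys, lockout_seconds=60.0, clock=time.monotonic):
        self.keys = keys                      # device number -> per-device key (assumed table)
        self.lockout_seconds = lockout_seconds
        self.clock = clock                    # injectable so the lockout can be tested
        self.pending = {}                     # device number -> outstanding master random number
        self.locked_until = {}                # device number -> time at which the lockout ends

    def request(self, device_no):
        """Handle a communication request; return a master random number or None if refused."""
        if self.clock() < self.locked_until.get(device_no, 0.0):
            return None                       # refused directly within the preset duration
        nonce = secrets.token_bytes(16)
        self.pending[device_no] = nonce
        return nonce

    def verify(self, device_no, slave_nonce, slave_data):
        """Recompute the master encrypted data and compare it with the slave's."""
        master_nonce = self.pending.pop(device_no, None)   # each challenge is single-use
        key = self.keys.get(device_no)
        ok = False
        if master_nonce is not None and key is not None:
            expected = slave_response(key, master_nonce, slave_nonce, device_no)
            ok = hmac.compare_digest(expected, slave_data)  # constant-time comparison
        if not ok:
            self.locked_until[device_no] = self.clock() + self.lockout_seconds
        return ok


def demo():
    """Constructed scenario: genuine device, replayed response, lockout, counterfeit key."""
    now = [0.0]
    key = secrets.token_bytes(32)
    master = Master({"DEV-001": key}, lockout_seconds=30.0, clock=lambda: now[0])
    results = {}

    n1, s1 = master.request("DEV-001"), secrets.token_bytes(16)
    captured = slave_response(key, n1, s1, "DEV-001")
    results["genuine"] = master.verify("DEV-001", s1, captured)

    master.request("DEV-001")                  # fresh challenge
    results["replay"] = master.verify("DEV-001", s1, captured)
    results["refused_while_locked"] = master.request("DEV-001") is None

    now[0] += 31.0                             # preset duration has elapsed
    n3, s3 = master.request("DEV-001"), secrets.token_bytes(16)
    forged = slave_response(secrets.token_bytes(32), n3, s3, "DEV-001")
    results["counterfeit"] = master.verify("DEV-001", s3, forged)
    return results


if __name__ == "__main__":
    print(demo())
```

Because the lockout is keyed on the device number alone, a failed attempt under that number also blocks the genuine device until the preset duration ends.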
In order to implement the above method, the embodiment of the application also provides an authentication device for equipment communication, which can be integrated in terminal equipment such as mobile phones, tablet computers and the like.
For example, fig. 4 is a schematic diagram of a first structure of an authentication apparatus for device communication according to an embodiment of the present application. The authentication apparatus for device communication may include:
a first receiving module 301, configured to receive a communication request sent by a slave device, where the communication request includes a slave device number;
a generating module 302, configured to generate a master random number according to the communication request and return the master random number to the slave device;
a second receiving module 303, configured to receive slave encrypted data sent by the slave device, where the slave encrypted data is obtained by the slave device processing the master random number with a first encryption parameter bound to the slave device;
a processing module 304, configured to process the master random number according to a second encryption parameter corresponding to the slave device number, so as to obtain master encrypted data;
and an authentication module 305, configured to authenticate the slave device according to a comparison result of the slave encrypted data and the master encrypted data.
As can be seen from the foregoing, the authentication apparatus for device communication according to the embodiment of the present application may receive a communication request sent by a slave device, where the communication request includes a slave device number; generate a master random number according to the communication request and return it to the slave device; receive slave encrypted data sent by the slave device, where the slave encrypted data is obtained by the slave device processing the master random number with a first encryption parameter bound to the slave device; process the master random number according to a second encryption parameter corresponding to the slave device number to obtain master encrypted data; and authenticate the slave device according to a comparison result of the slave encrypted data and the master encrypted data. In the embodiment of the application, the master device and the slave device each perform the data encryption, the uniqueness of the encryption parameter bound to the slave device is checked by comparing the results, and the device is authenticated according to the comparison result, which effectively improves data security.
All the above technical solutions may be combined to form an optional embodiment of the present application, and will not be described in detail herein.
Correspondingly, the embodiment of the application also provides an electronic device, which may be a terminal or a server, where the terminal may be a terminal device such as a smart phone, a tablet computer, a notebook computer, a touch screen, a game machine, a personal computer (PC, Personal Computer), a personal digital assistant (PDA, Personal Digital Assistant) and the like. Fig. 5 is a schematic structural diagram of an electronic device according to an embodiment of the present application. As shown in fig. 5, the electronic device 400 includes a processor 401 having one or more processing cores, a memory 402 having one or more computer readable storage media, and a computer program stored on the memory 402 and executable on the processor. The processor 401 is electrically connected to the memory 402. It will be appreciated by those skilled in the art that the electronic device structure shown in the figures does not limit the electronic device, which may include more or fewer components than shown, may combine certain components, or may use a different arrangement of components.
The processor 401 is a control center of the electronic device 400, connects various parts of the entire electronic device 400 using various interfaces and lines, and performs various functions of the electronic device 400 and processes data by running or loading software programs and/or modules stored in the memory 402, and calling data stored in the memory 402, thereby performing overall monitoring of the electronic device 400.
In the embodiment of the present application, the processor 401 in the electronic device 400 loads the instructions corresponding to the processes of one or more application programs into the memory 402 according to the following steps, and the processor 401 executes the application programs stored in the memory 402, so as to implement various functions:
receiving a communication request sent by a slave device, wherein the communication request comprises a slave device number;
generating a master random number according to the communication request and returning the master random number to the slave device;
receiving slave encrypted data sent by the slave device, wherein the slave encrypted data is obtained by the slave device processing the master random number with a first encryption parameter bound to the slave device;
processing the master random number according to a second encryption parameter corresponding to the slave device number to obtain master encrypted data;
and authenticating the slave device according to a comparison result of the slave encrypted data and the master encrypted data.
For the specific implementation of each of the above operations, refer to the previous embodiments; details are not repeated here.
Optionally, as shown in fig. 5, the electronic device 400 further includes: a touch display 403, a radio frequency circuit 404, an audio circuit 405, an input unit 406, and a power supply 407. The processor 401 is electrically connected to the touch display 403, the radio frequency circuit 404, the audio circuit 405, the input unit 406, and the power supply 407, respectively. It will be appreciated by those skilled in the art that the electronic device structure shown in fig. 5 is not limiting of the electronic device and may include more or fewer components than shown, or may combine certain components, or a different arrangement of components.
The touch display 403 may be used to display a graphical user interface and receive operation instructions generated by a user acting on the graphical user interface. The touch display 403 may include a display panel and a touch panel. The display panel may be used to display information entered by the user or provided to the user, as well as the various graphical user interfaces of the electronic device, which may be composed of graphics, text, icons, video, and any combination thereof. Optionally, the display panel may be configured in the form of a liquid crystal display (LCD), an organic light-emitting diode (OLED), or the like. The touch panel may be used to collect touch operations by the user on or near it (such as operations performed on or near the touch panel with any suitable object or accessory such as a finger or stylus) and generate corresponding operation instructions, which execute the corresponding programs. Optionally, the touch panel may include two parts, a touch detection device and a touch controller. The touch detection device detects the touch position of the user, detects the signal produced by the touch operation, and transmits the signal to the touch controller; the touch controller receives touch information from the touch detection device, converts it into touch point coordinates, sends the coordinates to the processor 401, and can receive and execute commands sent by the processor 401. The touch panel may overlay the display panel; upon detecting a touch operation on or near it, the touch panel passes the operation to the processor 401 to determine the type of touch event, and the processor 401 then provides a corresponding visual output on the display panel according to the type of touch event. In the embodiment of the present application, the touch panel and the display panel may be integrated into the touch display 403 to realize the input and output functions. In some embodiments, however, the touch panel and the display panel may be implemented as two separate components to perform the input and output functions. That is, the touch display 403 may also implement an input function as part of the input unit 406.
In an embodiment of the present application, the graphical user interface is generated on the touch display 403 by the processor 401 executing an application program. The touch display 403 is used for presenting a graphical user interface and receiving an operation instruction generated by a user acting on the graphical user interface.
The radio frequency circuit 404 may be used to transmit and receive radio frequency signals so as to establish wireless communication with a network device or another electronic device. Typically, the radio frequency circuit 404 includes, but is not limited to, an antenna, at least one amplifier, a tuner, one or more oscillators, a subscriber identity module (SIM, Subscriber Identity Module) card, a transceiver, a coupler, a low noise amplifier (LNA, Low Noise Amplifier), a duplexer, and the like.
The audio circuit 405 may be used to provide an audio interface between a user and the electronic device through a speaker and a microphone. On the one hand, the audio circuit 405 may convert received audio data into an electrical signal and transmit it to the speaker, where it is converted into a sound signal for output; on the other hand, the microphone converts collected sound signals into electrical signals, which are received by the audio circuit 405 and converted into audio data; the audio data is then output to the processor 401 for processing and sent via the radio frequency circuit 404 to, for example, another electronic device, or output to the memory 402 for further processing. The audio circuit 405 may also include an earbud jack to provide communication between a peripheral headset and the electronic device.
The input unit 406 may be used to receive input numbers, character information, or user characteristic information (e.g., fingerprint, iris, facial information, etc.), and to generate keyboard, mouse, joystick, optical, or trackball signal inputs related to user settings and function control.
The power supply 407 is used to power the various components of the electronic device 400. Alternatively, the power supply 407 may be logically connected to the processor 401 through a power management system, so as to implement functions of managing charging, discharging, and power consumption management through the power management system. The power supply 407 may also include one or more of any of a direct current or alternating current power supply, a recharging system, a power failure detection circuit, a power converter or inverter, a power status indicator, and the like.
Although not shown in fig. 5, the electronic device 400 may further include a camera, a sensor, a wireless fidelity module, a bluetooth module, etc., which are not described herein.
In the foregoing embodiments, each embodiment is described with its own emphasis; for parts not described in detail in one embodiment, refer to the related descriptions of other embodiments.
As can be seen from the foregoing, the electronic device provided in this embodiment receives a communication request sent by a slave device, where the communication request includes a slave device number; generates a master random number according to the communication request and returns it to the slave device; receives slave encrypted data sent by the slave device, where the slave encrypted data is obtained by the slave device processing the master random number with a first encryption parameter bound to the slave device; processes the master random number according to a second encryption parameter corresponding to the slave device number to obtain master encrypted data; and authenticates the slave device according to a comparison result of the slave encrypted data and the master encrypted data. In the embodiment of the application, the master device and the slave device each perform the data encryption, the uniqueness of the encryption parameter bound to the slave device is checked by comparing the results, and the device is authenticated according to the comparison result, which effectively improves data security.
Those of ordinary skill in the art will appreciate that all or a portion of the steps of the various methods of the above embodiments may be performed by instructions, or by instructions controlling associated hardware, which may be stored in a computer-readable storage medium and loaded and executed by a processor.
To this end, an embodiment of the present application provides a computer readable storage medium in which a plurality of computer programs are stored, the computer programs being capable of being loaded by a processor to perform steps in any one of the authentication methods for device communication provided by the embodiment of the present application. For example, the computer program may perform the steps of:
receiving a communication request sent by a slave device, wherein the communication request comprises a slave device number;
generating a master random number according to the communication request and returning the master random number to the slave device;
receiving slave encrypted data sent by the slave device, wherein the slave encrypted data is obtained by the slave device processing the master random number with a first encryption parameter bound to the slave device;
processing the master random number according to a second encryption parameter corresponding to the slave device number to obtain master encrypted data;
and authenticating the slave device according to a comparison result of the slave encrypted data and the master encrypted data.
For the specific implementation of each of the above operations, refer to the previous embodiments; details are not repeated here.
The storage medium may include: read-only memory (ROM, Read Only Memory), random access memory (RAM, Random Access Memory), a magnetic disk or an optical disk, and the like.
The computer program stored in the storage medium can execute the steps of any authentication method for device communication provided by the embodiment of the present application, and can therefore achieve the beneficial effects of any such method; these are detailed in the previous embodiments and are not repeated here.
The foregoing describes in detail the authentication method and apparatus for device communication, the electronic device and the storage medium provided in the embodiments of the present application. Specific examples are used herein to illustrate the principles and implementations of the present application, and the description of the above embodiments is only intended to help in understanding the method and core idea of the present application. Meanwhile, those skilled in the art may make changes to the specific implementations and the scope of application in light of the ideas of the present application; accordingly, the content of this description should not be construed as limiting the present application.
Claims (10)
1. A method of authenticating device communications, comprising:
receiving a communication request sent by a slave device, wherein the communication request comprises a slave device number;
generating a master random number according to the communication request and returning the master random number to the slave device;
receiving slave encrypted data sent by the slave device, wherein the slave encrypted data is obtained by the slave device processing the master random number with a first encryption parameter bound to the slave device;
processing the master random number according to a second encryption parameter corresponding to the slave device number to obtain master encrypted data;
and authenticating the slave device according to a comparison result of the slave encrypted data and the master encrypted data.
2. The authentication method of device communication according to claim 1, wherein after generating a master random number according to the communication request and returning it to the slave device, the method further comprises:
receiving a slave random number and slave encrypted data generated and sent by the slave device, wherein the slave encrypted data is obtained by the slave device processing the master random number and the slave random number with a first encryption parameter bound to the slave device;
and processing the master random number and the slave random number according to a second encryption parameter corresponding to the slave device number to obtain master encrypted data.
3. The authentication method of device communication of claim 2, wherein the method further comprises:
the slave encrypted data is obtained by the slave device processing the master random number, the slave random number and the slave device number with a first encryption parameter bound to the slave device;
and processing the master random number, the slave random number and the slave device number according to a second encryption parameter corresponding to the slave device number to obtain master encrypted data.
4. The authentication method of device communication of claim 1, wherein after receiving the communication request sent by the slave device, the method further comprises:
acquiring a historical authentication record and determining whether authentication failure information for the slave device number exists in the historical authentication record;
and if so, rejecting the communication request.
5. The authentication method of device communication according to claim 1, wherein authenticating the slave device according to a comparison result of the slave encrypted data and the master encrypted data comprises:
determining whether the slave encrypted data is identical to the master encrypted data;
and if they are identical, determining that the slave device is successfully authenticated.
6. The authentication method of device communication of claim 5, wherein the method further comprises:
if the slave encrypted data is not identical to the master encrypted data, confirming that authentication of the slave device has failed;
setting a corresponding preset duration for the slave device number, so that communication requests containing the slave device number are rejected directly within the preset duration.
7. The authentication method of device communication of claim 6, wherein after the slave encrypted data is found not to be identical to the master encrypted data, the method further comprises:
verifying, according to an MD5 value or a hash value, the integrity of the slave encrypted data before and after transmission;
if the verification fails, receiving again the slave encrypted data sent by the slave device for comparison;
and if the verification passes, confirming that authentication of the slave device has failed.
8. An authentication apparatus for device communication, comprising:
a first receiving module, configured to receive a communication request sent by a slave device, wherein the communication request comprises a slave device number;
a generating module, configured to generate a master random number according to the communication request and return the master random number to the slave device;
a second receiving module, configured to receive slave encrypted data sent by the slave device, wherein the slave encrypted data is obtained by the slave device processing the master random number with a first encryption parameter bound to the slave device;
a processing module, configured to process the master random number according to a second encryption parameter corresponding to the slave device number to obtain master encrypted data;
and an authentication module, configured to authenticate the slave device according to a comparison result of the slave encrypted data and the master encrypted data.
9. An electronic device comprising a memory in which a computer program is stored and a processor that performs the steps in the authentication method of device communication according to any of claims 1-7 by invoking the computer program stored in the memory.
10. A storage medium storing a computer program adapted to be loaded by a processor to perform the steps of the authentication method of device communication according to any of claims 1-7.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202410906180.3A CN118632249A (en) | 2024-07-08 | 2024-07-08 | Authentication method and device for device communication, electronic device and storage medium |
Publications (1)
Publication Number | Publication Date |
---|---|
CN118632249A (en) | 2024-09-10 |
Family
ID=92596021
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202410906180.3A Pending CN118632249A (en) | 2024-07-08 | 2024-07-08 | Authentication method and device for device communication, electronic device and storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||