
CN105069864A - Door lock control secure communication scheme based on NFC (near field communication) function of smart phone - Google Patents


Info

Publication number
CN105069864A
Authority
CN
China
Prior art keywords
door lock
communication
key
module
smart phone
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201510404628.2A
Other languages
Chinese (zh)
Inventor
赵兴文
李晖
朱辉
赵高飞
张少志
林佳萍
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xidian University
Original Assignee
Xidian University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xidian University
Landscapes

  • Lock And Its Accessories (AREA)

Abstract

The invention relates to a secure communication scheme for door lock control based on the NFC function of a smartphone. It comprises two communicating parties, a door lock module and a key module on the smartphone terminal, which communicate on top of the ISO/IEC 14443 protocol. The communication process is divided into two parts: first, the door lock module and the key module authenticate each other using the ISO 9798-2 three-round authentication protocol, each confirming that the other is a legitimate party; then the key module sends its request, the door lock module responds to the request and returns feedback, and finally the communication ends. The invention enables interactive communication between the door lock and the smart terminal, overcoming the inability of current smartphone NFC P2P implementations to communicate interactively, and thereby overcoming the major security flaws of existing smartphone door lock control schemes in mutual authentication and resistance to replay attacks.

Description

Secure communication scheme for door lock control based on the NFC function of a smartphone

Technical field

The invention relates to a secure communication scheme for door lock control based on the NFC function of a smartphone.

Background art

As NFC technology has matured, more and more smartphones have begun to support it. NFC integrates the ISO/IEC 14443A/B and FeliCa radio-frequency identification (RFID) standards. NFC itself supports a card emulation mode, a card reader (RFID reader) mode and a peer-to-peer (P2P) communication mode, so it is functionally complete. Existing Android smartphones, however, implement NFC only in a limited way: they implement only the card reader mode and, for peer-to-peer communication, the Android Beam feature. Card emulation mode was introduced only from Android 4.4 onward, and its functionality is narrow.

These incomplete implementations restrict the range of applications of smartphone NFC. Common applications today are limited to reading and writing NFC tags and passing short pieces of information between phones, such as business cards, pictures and URLs; another common use is to assist Bluetooth pairing. Meanwhile, many of the smart door lock systems now used in hotels and office areas use contactless smart cards as keys. This offers some convenience, but users still have to carry the smart card that serves as the key.

Because NFC is fully compatible with the low-level communication protocols of the contactless smart cards in common use, and the mobile phone is already something people carry with them everywhere, using an NFC-capable smartphone as the key to a smart door lock has very good application prospects. Quite a few smart door locks that support NFC have already appeared, but the designs of all of them either overlook or cannot solve the authentication and communication security problems that arise when a smartphone communicates with the lock over NFC, so their security is very low. A door lock exists to provide security; if an NFC-capable lock is designed without regard to the security of the wireless communication, it cannot provide the security a door lock should have.

Most of these existing patents sidestep this major security problem. For the critical communication process they simply mention sending a unique identification code from the NFC phone to the door lock. The patent "An NFC-based Access Control System" (application number: CN201410664589) even contains a technical error: it states that "NFC (near field communication) has the characteristics of two-way data transmission, mutual authentication, dynamic encryption and one-time keys". NFC technology at its current stage has no mutual authentication, dynamic encryption or one-time key features at all.

The key shortcoming of existing patents and products is that the communication protocol between the NFC smartphone and the door lock consists simply of the phone sending the lock one message containing an identifier such as a unique identification code or a password. This one-way data transfer cannot provide mutual authentication of the two communicating parties, nor can it prevent replay attacks.

Because there is no mutual authentication, such a door lock system cannot guard against illegitimate door locks or illegitimate phones. In the simplest attack, the attacker uses an NFC-capable phone in place of the door lock to receive the legitimate phone's unlock command, that is, the unique identification code, directly, and can afterwards replay the received code to the door lock to open the door. This attack is very easy to carry out: the attacker only needs access to the smartphone used for unlocking, runs the unlocking software on it, and holds another NFC phone near it in place of the door lock to obtain the unlock command. The whole process takes no more than 1 minute.

This security problem arises because existing communication schemes all transfer data in one direction, with no interactive exchange between the phone and the door lock. The main reason is that Android Beam, the concrete implementation of the peer-to-peer communication mode in existing NFC technology, only supports sending a single piece of data to the other party at a time. Therefore, to solve the security problem at its root, Android Beam cannot be used.

Summary of the invention

The problem the invention sets out to solve is the security problem described above: communication between the NFC smartphone and the door lock is non-interactive, has no mutual authentication and cannot prevent replay attacks. At the same time, the invention ensures extensibility of functions, timeliness of communication and replaceability of the cryptographic algorithm.

The technical solution that achieves the above purpose is as follows:

A secure communication scheme for door lock control based on the NFC function of a smartphone, characterized in that it comprises two communicating parties, a door lock module and a key module on the smartphone terminal, which communicate on top of the ISO/IEC 14443 protocol, where the communication process is divided into two parts:

First, the door lock module and the key module authenticate each other using the ISO 9798-2 three-round authentication protocol, each confirming that the other is a legitimate party; then the key module sends its request, the door lock module responds to the request and returns feedback, and finally the communication ends.

The invention uses a mutually authenticated secure communication protocol. The door lock uses NFC card emulation mode and the smartphone terminal uses card reader mode for NFC communication, which makes interactive communication possible; this is the basis on which the whole invention rests. The invention enables interactive communication between the door lock and the smart terminal and overcomes the inability to communicate interactively in current implementations of the NFC P2P mode.

Description of drawings

Fig. 1 is a schematic diagram of the communication process of the invention.

Detailed description

The invention is described in detail below with reference to the accompanying drawing.

There are two communicating parties in the invention: the door lock module LOCK and the smartphone terminal key module KEY. The door lock module uses an existing NFC chip that supports card emulation and works in card emulation mode, emulating a smart card that uses the ISO/IEC 14443 communication protocol, while the key module works in card reader mode. The two parties communicate on top of the ISO/IEC 14443 protocol. The communication process has two parts. First, LOCK and KEY authenticate each other using the ISO 9798-2 three-round authentication protocol, each confirming that the other is a legitimate party. Then KEY sends its request, LOCK returns feedback and responds, and the communication ends according to the result of the feedback. The whole communication process is encrypted with the AES encryption algorithm. The invention places no hard requirement on the NFC chip used in the door lock; any chip that supports card emulation can be used. Nor does it impose requirements on the encryption algorithm used for the communication process: a symmetric block cipher other than AES can be used to achieve the same function.

The specific communication steps are as follows:

(1) First, the key module KEY sends a start-authentication request command REQ_BEGIN to the door lock module LOCK, starting the authentication process;

(2) On receiving the start-authentication request command, LOCK generates a first random number, AES-encrypts it with the system key KS that it shares with KEY, and sends the result to KEY;

(3) KEY then decrypts the message it received, generates a second random number and a temporary session key KT, AES-encrypts the second random number, the decryption result and the temporary session key KT with the shared system key KS (the symbol "||" denotes concatenation), and transmits the result to LOCK;

(4) LOCK then decrypts the received message, obtaining the temporary session key KT and the second random number, and checks whether the decrypted message contains the correct first random number. If it does, the authentication of KEY is complete, and LOCK AES-encrypts the first and second random numbers with the recovered temporary session key KT and sends the result to KEY; if the decrypted message contains an incorrect first random number, LOCK stops the communication;

(5) KEY decrypts the received message and verifies whether it is the same as the message fed back by the door lock module in the previous step; if it is, the authentication of LOCK is complete and the mutual authentication process ends;

(6) The actual request is then sent. All subsequent communication is encrypted with the temporary key. KEY encrypts and sends the required request command REQ (for example an unlock request plus the unlock key); the command format is a one-byte request code followed by the corresponding parameters. LOCK decides from the received request and its parameters whether the request command may be executed (for example, whether the unlock key in an unlock request is correct), executes the actual request according to that decision, and then responds with feedback; the response format is a one-byte result code followed by related information. The communication process then ends.
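The mutual-authentication handshake of steps (1) to (5), as an added Go sketch that is not code from the patent. The patent names only "AES encryption" and gives no sizes, so the AES-GCM mode, the 16-byte random numbers and keys, and all type and function names here are assumptions; direct method calls stand in for the ISO/IEC 14443 exchange, and step (6) is left out.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/subtle"
	"errors"
	"fmt"
)

const nonceLen, keyLen = 16, 16 // assumed byte sizes: R1/R2, and AES-128 KS/KT
var errAuth = errors.New("authentication failed")

func randomBytes(n int) []byte {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	return b
}

func gcmFor(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// seal returns iv || ciphertext || tag. AES-GCM is this example's choice of mode.
func seal(key, pt []byte) []byte {
	gcm, err := gcmFor(key)
	if err != nil {
		panic(err)
	}
	iv := randomBytes(gcm.NonceSize())
	return gcm.Seal(iv, iv, pt, nil)
}

func open(key, msg []byte) ([]byte, error) {
	gcm, err := gcmFor(key)
	if err != nil || len(msg) < gcm.NonceSize() {
		return nil, errAuth
	}
	return gcm.Open(nil, msg[:gcm.NonceSize()], msg[gcm.NonceSize():], nil)
}

type Lock struct{ ks, r1, kt []byte }
type Key struct{ ks, r1, r2, kt []byte }

// Step 2: LOCK answers REQ_BEGIN with E_KS(R1).
func (l *Lock) Challenge() []byte {
	l.r1, l.kt = randomBytes(nonceLen), nil
	return seal(l.ks, l.r1)
}

// Step 3: KEY recovers R1 and returns E_KS(R2 || R1 || KT).
func (k *Key) Respond(m1 []byte) ([]byte, error) {
	r1, err := open(k.ks, m1)
	if err != nil || len(r1) != nonceLen {
		return nil, errAuth
	}
	k.r1, k.r2, k.kt = r1, randomBytes(nonceLen), randomBytes(keyLen)
	return seal(k.ks, bytes.Join([][]byte{k.r2, k.r1, k.kt}, nil)), nil
}

// Step 4: LOCK checks R1, adopts KT and returns E_KT(R1 || R2).
func (l *Lock) Verify(m2 []byte) ([]byte, error) {
	defer func() { l.r1 = nil }() // a challenge is accepted at most once
	pt, err := open(l.ks, m2)
	if err != nil || len(pt) != 2*nonceLen+keyLen ||
		subtle.ConstantTimeCompare(pt[nonceLen:2*nonceLen], l.r1) != 1 {
		return nil, errAuth
	}
	l.kt = pt[2*nonceLen:]
	return seal(l.kt, bytes.Join([][]byte{l.r1, pt[:nonceLen]}, nil)), nil
}

// Step 5: KEY checks that the reply is R1 || R2 under KT.
func (k *Key) Confirm(m3 []byte) error {
	want := bytes.Join([][]byte{k.r1, k.r2}, nil)
	pt, err := open(k.kt, m3)
	if err != nil || subtle.ConstantTimeCompare(pt, want) != 1 {
		return errAuth
	}
	return nil
}

func main() {
	ks := randomBytes(keyLen) // constructed shared system key KS
	lock, key := &Lock{ks: ks}, &Key{ks: ks}
	m2, _ := key.Respond(lock.Challenge())
	m3, _ := lock.Verify(m2)
	lock.Challenge() // a later session draws a new R1
	_, replayErr := lock.Verify(m2)
	fmt.Println("mutual auth ok:", key.Confirm(m3) == nil, "| replayed step-3 message:", replayErr)
}
```

Step (6) traffic would reuse `seal` and `open` under KT, so a request recorded in one session fails to decrypt in the next.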

Beneficial effects of the technical solution of the invention:

(1) The invention enables interactive communication between the door lock and the smart terminal. By having the door lock work in card emulation mode and the smart terminal work in card reader mode, it overcomes the inability to communicate interactively in current implementations of the P2P mode of smartphone NFC.

(2) The invention enables mutual authentication between the door lock and the smart terminal key. Mutual authentication is based on the system key KS shared by the two communicating parties. In step 4 of the communication, if LOCK verifies that the information it received is the same as what it generated itself, this proves that the peer knows the system key KS, so LOCK has authenticated KEY as legitimate. Likewise, in step 5, if KEY verifies that the information it received is the same as what it generated itself, this proves that the peer knows the system key KS, so KEY has authenticated LOCK as legitimate. Moreover, because the random numbers each party sends include the other party's random number, the freshness of the communication is guaranteed and replay attacks during authentication are prevented. The invention therefore achieves mutual authentication.

(3) The invention prevents replay attacks. The whole communication process is encrypted with the AES encryption algorithm, and the temporary key KT used in each communication session is different, so replay attacks are ruled out.

(4) The invention is readily extensible. The request command is encoded in one byte, allowing 256 different requests, each of which can carry its own parameters. This makes it easy to add functions beyond unlocking, for example a time-limited temporary unlock key command, a corresponding time synchronization command, and an unlock log read command.

(5) Communication is timely and authentication is fast. Taking into account the limited computing speed of the hardware, the invention uses authentication based on a symmetric encryption algorithm rather than public-key cryptography, which greatly reduces the time spent on encryption operations during authentication and communication; actual testing shows that it fully meets the practical needs of door lock control.

The encryption algorithm used by the invention is replaceable: any symmetric block cipher can be substituted. The authentication process does not depend on the particular encryption algorithm used; any symmetric block cipher will do.

The above is only a preferred embodiment of the invention and is not intended to limit the embodiments of the invention. Any modification, equivalent replacement or improvement made within the spirit and principles of the embodiments of the invention shall fall within their scope of protection.

Claims (6)

1. A secure communication scheme for door lock control based on the NFC function of a smartphone, characterized in that it comprises two communicating parties, a door lock module and a key module on the smartphone terminal, which communicate on top of the ISO/IEC 14443 protocol, where the communication process is divided into two parts:

First, the door lock module and the key module authenticate each other using the ISO 9798-2 three-round authentication protocol, each confirming that the other is a legitimate party; then the key module sends its request, the door lock module responds to the request and returns feedback, and finally the communication ends.

2. The secure communication scheme for door lock control based on the NFC function of a smartphone according to claim 1, characterized in that the specific steps of the communication process comprise:

First, the key module sends a start-authentication request command to the door lock module, starting the authentication process;

On receiving the start-authentication request command, the door lock module generates a first random number, encrypts it with the system key KS that it shares with the key module, and sends the result to the key module;

The key module then decrypts the returned message to obtain decryption result 1, generates a second random number and a temporary session key KT, encrypts the second random number, the temporary session key KT and decryption result 1 with the shared system key KS, and transmits the result to the door lock module;

The door lock module then decrypts the returned message to obtain decryption result 2 and checks whether decryption result 2 contains the correct first random number; if it does, the authentication of the key module KEY is complete, and the door lock module encrypts the first and second random numbers with the temporary key KT and sends the result to the key module KEY; if decryption result 2 contains an incorrect first random number, the communication is stopped;

The key module then decrypts the returned message to obtain decryption result 3 and verifies whether it is the same as the message fed back by the door lock module in the previous step; if it is, the authentication of the door lock module is complete and the mutual authentication process ends;

The actual request is then sent. All subsequent communication is encrypted with the temporary key: the key module encrypts and sends the required request command, the door lock module decides from the received request and its parameters whether the request command may be executed, executes the actual request according to that decision, and then responds with feedback, whereupon the communication process ends.

3. The secure communication scheme for door lock control based on the NFC function of a smartphone according to claim 2, characterized in that the door lock module uses an NFC chip that supports card emulation and works in card emulation mode, emulating a smart card that uses the ISO/IEC 14443 communication protocol; the key module works in card reader mode.

4. The secure communication scheme for door lock control based on the NFC function of a smartphone according to claim 2, characterized in that the communication process is encrypted with the AES encryption algorithm.

5. The secure communication scheme for door lock control based on the NFC function of a smartphone according to claim 2, characterized in that the communication process uses a symmetric block cipher other than AES.

6. The secure communication scheme for door lock control based on the NFC function of a smartphone according to claim 2, characterized in that the request command that the key module encrypts and sends has the format of a one-byte request code followed by the corresponding parameters.

Application number: CN201510404628.2A
Priority date: 2015-07-10
Filing date: 2015-07-10
Publication number: CN105069864A
Publication date: 2015-11-18
Legal status: Pending
Family ID: 54499220
Country: CN

Cited By (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106652136A (en) * 2016-12-22 2017-05-10 奇酷互联网络科技(深圳)有限公司 Mobile terminal-based access control management information processing method and device
CN106683245A (en) * 2016-12-22 2017-05-17 贵州航天计量测试技术研究所 NFC (Near Field Communication) mobile intelligent terminal security access control system and control method thereof
CN106846583A (en) * 2017-02-07 2017-06-13 广东南方电信规划咨询设计院有限公司 A kind of wireless intelligent access control system
CN106971441A (en) * 2017-04-28 2017-07-21 深圳星普森信息技术有限公司 A kind of method for unlocking, door lock, key and lockset
CN107610292A (en) * 2017-09-15 2018-01-19 广州市雅天网络科技有限公司 The method for unlocking of controllable distance intelligent door lock based on bluetooth
CN108122311A (en) * 2017-11-30 2018-06-05 北京九五智驾信息技术股份有限公司 Vehicle virtual key realization method and system
CN108171831A (en) * 2017-12-22 2018-06-15 武汉瑞纳捷电子技术有限公司 A kind of bidirectional safe authentication method based on NFC mobile phone and smart lock
CN108320356A (en) * 2018-02-02 2018-07-24 陈旭 Lock control method, apparatus and system
CN108830994A (en) * 2018-06-23 2018-11-16 辽宁工程技术大学 A kind of high security hotel check-in system based on cloud commercial affairs block chain
CN108989282A (en) * 2018-06-06 2018-12-11 咕咚网络(北京)有限公司 The connection method of door lock terminal and gateway in a kind of Wireless Networking door-locking system
CN109064606A (en) * 2018-08-03 2018-12-21 广州邦讯信息系统有限公司 Gate inhibition's task executing method, system, access control system and readable storage medium storing program for executing
CN109326018A (en) * 2018-08-08 2019-02-12 珠海优特电力科技股份有限公司 A kind of authentication method for preventing lockset to be replicated, apparatus and system and electron key
CN109448164A (en) * 2018-09-07 2019-03-08 甘肃农业大学 A kind of terminal, lock body, door-locking system and management method
CN109949461A (en) * 2019-03-15 2019-06-28 北京深思数盾科技股份有限公司 Method for unlocking and device
CN111063070A (en) * 2019-12-26 2020-04-24 捷德(中国)信息科技有限公司 Digital key sharing method, digital key verification method and digital key verification equipment
CN111137245A (en) * 2019-12-17 2020-05-12 重庆邮电大学 Opening and closing method for automobile door lock
CN111508114A (en) * 2020-04-17 2020-08-07 上海钧正网络科技有限公司 Bicycle unlocking method and device, storage medium and hub lock
CN111526210A (en) * 2020-05-06 2020-08-11 广东纬德信息科技股份有限公司 Distribution network safety intelligent cabinet system, control method, medium and terminal equipment
US20220021547A1 (en) * 2017-11-23 2022-01-20 In-Webo Technologies Sas Digital method for controlling access to an object, a resource or service by a user

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1933351A (en) * 2006-09-27 2007-03-21 上海复旦微电子股份有限公司 Mobile telephone apparatus realizing method with non-contact IC card or electronic label and non-contact IC card or electronic label read/write device application
KR101211477B1 (en) * 2011-08-31 2012-12-12 주식회사 아이레보 Method for mobile-key service
CN102982592A (en) * 2011-09-06 2013-03-20 上海博路信息技术有限公司 NFC terminal electronic key
CN203849784U (en) * 2014-04-24 2014-09-24 常州市盈能电气有限公司 NFC-based access control system
CN204442376U (en) * 2014-04-10 2015-07-01 北京数码视讯科技股份有限公司 Near-field communication device


Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
饶运涛: "《电子标签技术》", 30 May 2011 *

CN111063070B (en) * 2019-12-26 2021-07-09 捷德(中国)科技有限公司 Digital key sharing method, digital key verification method and digital key verification equipment
CN111508114A (en) * 2020-04-17 2020-08-07 上海钧正网络科技有限公司 Bicycle unlocking method and device, storage medium and hub lock
CN111508114B (en) * 2020-04-17 2022-04-22 上海钧正网络科技有限公司 Bicycle unlocking method and device, storage medium and hub lock
CN111526210A (en) * 2020-05-06 2020-08-11 广东纬德信息科技股份有限公司 Distribution network safety intelligent cabinet system, control method, medium and terminal equipment

Similar Documents

Publication Publication Date Title
CN105069864A (en) Door lock control secure communication scheme based on NFC (near field communication) function of smart phone
US20200104826A1 (en) Contactless card emulation system and method
CN106034028B (en) A terminal equipment authentication method, device and system
RU2659488C2 (en) Wireless communication system
CN104092550B (en) Cipher code protection method, system and device
JP6092415B2 (en) Fingerprint authentication system and fingerprint authentication method based on NFC
MY203124A (en) Wireless network connection method and apparatus, and storage medium
US20150372813A1 (en) System and method for generating a random number
CN109949461B (en) Unlocking method and device
CN105553932A (en) Method, device and system of remote control safety binding of intelligent home appliance
CN104158666A (en) Method of implementing binding and authentication of intelligent bracelet and intelligent mobile terminal
TW201701599A (en) Wireless communication technology
CN109391468A (en) A kind of authentication method and system
CN105989386A (en) Method and device for reading and writing radio frequency identification card
TWI632798B (en) Server, mobile terminal, and network real-name authentication system and method
JP2024099827A (en) Multi-factor authentication providing credential via contactless card for secure messaging
US20180288092A1 (en) Protection from relay attacks in wireless communication systems
CN103780620A (en) Network security method and network security system
CN106411505A (en) Bidirectional authentication method of mobile radio frequency identification and mobile radio frequency identification system
CN108600176A (en) A kind of intelligent terminal safety certifying method, equipment, server and system
CN101944216A (en) Double-factor online transaction security authentication method and system
CN101895881A (en) Method for realizing GBA secret key and pluggable equipment of terminal
US11895251B2 (en) Mutual authentication with pseudo random numbers
JP2015535154A (en) Communication information transmission method and system
CN103596175A (en) Mobile intelligent terminal certification system and method based on near field communication technology

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20151118
