
CN115766119B - Communication method, device, communication system and storage medium - Google Patents


Info

Publication number
CN115766119B
Authority
CN
China
Prior art keywords
client
key
ciphertext
authentication server
parameter
Prior art date
Legal status
Active
Application number
CN202211346244.6A
Other languages
Chinese (zh)
Other versions
CN115766119A (en)
Inventor
高伟
张丽霞
闫俊
景卫哲
刘泽辉
马东娟
郭旻
郑惠萍
李�瑞
柴雯
琚贇
赵勇彪
Current Assignee
Electric Power Research Institute of State Grid Shanxi Electric Power Co Ltd
North China Electric Power University
Original Assignee
Electric Power Research Institute of State Grid Shanxi Electric Power Co Ltd
North China Electric Power University
Priority date
Filing date
Publication date
Application filed by Electric Power Research Institute of State Grid Shanxi Electric Power Co Ltd, North China Electric Power University
Priority to CN202211346244.6A
Publication of CN115766119A
Application granted
Publication of CN115766119B
Legal status: Active
Anticipated expiration

Landscapes

  • Computer And Data Communications (AREA)

Abstract

The application discloses a communication method, apparatus, communication system and storage medium. In the method, a first client generates a message from a first ciphertext, a topic and an encrypted device identifier and sends the message to a proxy server; an authentication server generates a third ciphertext from a second shared communication key, the topic, the encrypted device identifier and a first public key; the proxy server encrypts the first ciphertext and the third ciphertext with a third shared communication key to generate a fourth ciphertext; a second client decrypts the fourth ciphertext with a fourth shared communication key to obtain the first ciphertext and the third ciphertext, decrypts the third ciphertext with a first private key to obtain a first session key and a device identifier, and decrypts the first ciphertext with the first session key to obtain the payload and a device identifier. In this way the MQTT protocol achieves a better trade-off between performance and data security.

Description

Communication method, device, communication system and storage medium
Technical Field
The present application relates to the field of communications security technologies, and in particular, to a communications method, apparatus, communications system, and storage medium.
Background
MQTT (Message Queuing Telemetry Transport) is a lightweight communication protocol with small communication overhead and good adaptability to unreliable networks, so it is widely used in the Internet of Things. The MQTT protocol itself provides no measure to guarantee data security: by default a message is in plaintext while it is pushed, forwarded and processed for cloud storage, which gives an attacker an opening.
In the related art, the SSL (Secure Sockets Layer)/TLS (Transport Layer Security) protocol is inserted between the MQTT protocol and TCP (Transmission Control Protocol); further, the SSL/TLS scheme is made lightweight by moving the SSL/TLS certificate authentication step offline, so as to obtain a lightweight encrypted transmission method.
In carrying out the present application, the applicant has found that the related art has at least the following problems:
First, it is difficult to integrate SSL/TLS into some resource-constrained devices, so this method is unsuitable for devices whose computing or network resources are limited. Second, in the lightweight scheme the SSL/TLS certificate authentication is moved offline; although this eases the burden on resource-constrained devices, such offline authentication cannot meet the requirements when a large number of publishers and subscribers join the system.
Disclosure of Invention
In view of this, the present application provides a communication method, apparatus, communication system and storage medium, aiming to solve the problems that the current lightweight SSL/TLS protocol scheme is limited by computing or network resources and that, when there are a large number of clients, the computing and storage overhead on resource-constrained clients is large.
According to a first aspect of the application, a communication method is provided that is suitable for a communication system comprising a first client, a second client, a proxy server and an authentication server. The method comprises: in response to a communication request, obtaining the topic included in the request and the payload to be published on that topic; the first client encrypting the payload and its own device identifier with a first session key to generate a first ciphertext; the first client encrypting the device identifier and the first session key with a first shared communication key to generate an encrypted device identifier and a second session key, and sending the second session key to the authentication server; the first client generating a message from the first ciphertext, the topic and the encrypted device identifier and sending the message to the proxy server; the proxy server determining from the message the topic and the second client corresponding to that topic, and sending the topic, the second client and the encrypted device identifier to the authentication server; the authentication server generating a third ciphertext from the second shared communication key, the topic, the encrypted device identifier and the first public key, and sending it to the proxy server; the proxy server encrypting the first ciphertext and the third ciphertext with a third shared communication key to generate a fourth ciphertext and sending it to the second client; the second client decrypting the fourth ciphertext with a fourth shared communication key to obtain the first ciphertext and the third ciphertext, decrypting the third ciphertext with the first private key to obtain the first session key and the device identifier, and decrypting the first ciphertext with the first session key to obtain the payload and the device identifier; and the second client comparing the device identifier obtained by decrypting with the first private key against the device identifier obtained by decrypting with the first session key, and retaining the payload only if the two are identical.
Optionally, the authentication server generating the third ciphertext from the second shared communication key, the topic, the encrypted device identifier and the first public key and sending it to the proxy server comprises: the authentication server determining the first session key from the topic and the device identifier; generating a first public-private key pair, comprising the first public key and the first private key, according to the topic and the second client; encrypting the first private key with the third shared communication key and sending the encrypted first private key to the second client; encrypting the first session key and the device identifier with the first public key to generate the third ciphertext; and sending the third ciphertext to the proxy server.
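The publish path of the first aspect, from the first client through the proxy server and authentication server to the second client's device-identifier check, is simulated below in one Python process. This is an added example, not code from the patent or its assignees. The patent names neither the symmetric cipher nor the public-key scheme, so two stand-ins are assumed: an HMAC-SHA256 counter-mode cipher with an encrypt-then-MAC tag for the shared communication keys and session keys, and a hashed-ElGamal style key encapsulation over a small demo group for the per-topic first public-private key pair. The step comments reuse the numbering 101 to 103 from the detailed description; numbers beyond that follow the order of the first aspect and are this example's own. The `misattributed` switch is a constructed fault in which the authentication server binds the session key to the wrong device identifier, which is the case the final comparison step exists to catch.

```python
import hashlib
import hmac
import os
import secrets

# Demo group for the per-topic "first public-private key pair". The patent names no public-key
# scheme, so a hashed-ElGamal style KEM over a Mersenne prime is assumed; not production parameters.
P = 2**127 - 1
G = 7

def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    """HMAC-SHA256 in counter mode; stand-in for the symmetric cipher the patent leaves unnamed."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: 16-byte nonce || ciphertext || 32-byte tag."""
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("authentication tag mismatch")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))

def pk_keygen():
    """Key pair (private a, public G^a mod P)."""
    a = secrets.randbelow(P - 2) + 1
    return a, pow(G, a, P)

def pk_seal(pub: int, plaintext: bytes) -> bytes:
    """Ephemeral G^k travels in front; the data key is H(pub^k)."""
    k = secrets.randbelow(P - 2) + 1
    key = hashlib.sha256(pow(pub, k, P).to_bytes(16, "big")).digest()
    return pow(G, k, P).to_bytes(16, "big") + seal(key, plaintext)

def pk_unseal(priv: int, blob: bytes) -> bytes:
    eph = int.from_bytes(blob[:16], "big")
    key = hashlib.sha256(pow(eph, priv, P).to_bytes(16, "big")).digest()
    return unseal(key, blob[16:])

def pack(head: bytes, tail: bytes) -> bytes:
    """Length-prefix the first field so two fields can share one ciphertext."""
    return len(head).to_bytes(4, "big") + head + tail

def unpack(blob: bytes):
    n = int.from_bytes(blob[:4], "big")
    return blob[4:4 + n], blob[4 + n:]

def publish_flow(topic: bytes, payload: bytes, device_id: bytes, k_pub_auth: bytes,
                 k_sub: bytes, misattributed: bool = False):
    """Run the publish path; return the payload the second client keeps, or None if discarded.

    k_pub_auth: first/second shared communication key (first client <-> authentication server).
    k_sub:      third/fourth shared communication key used toward the second client.
    misattributed: constructed fault in which the authentication server binds the session key
    to the wrong device identifier, exercising the final comparison step.
    """
    # 101-102: first session key derived per topic; first ciphertext = (device id, payload)
    session_key = hashlib.sha256(b"session" + topic + os.urandom(16)).digest()
    c1 = seal(session_key, pack(device_id, payload))
    # 103: encrypted device identifier and second session key under the first shared key
    enc_device_id = seal(k_pub_auth, device_id)
    c2 = seal(k_pub_auth, session_key)
    # The authentication server decrypts the second session key and keeps the first session key
    # indexed by (topic, device id); that the topic accompanies c2 is this example's assumption.
    auth_db = {(topic, unseal(k_pub_auth, enc_device_id)): unseal(k_pub_auth, c2)}
    # 104: message (first ciphertext, topic, encrypted device identifier) to the proxy server
    message = (c1, topic, enc_device_id)
    # 105: proxy server resolves the second client subscribed to the topic
    subscriptions = {topic: b"subscriber-42"}            # constructed subscription table
    second_client = subscriptions[message[1]]
    # 106: authentication server recovers the device id, looks up the session key, creates the
    # first key pair for (topic, second client), sends the private key under k_sub, and builds
    # the third ciphertext under the first public key
    dev = unseal(k_pub_auth, message[2])
    first_session_key = auth_db[(message[1], dev)]
    pairs = {(message[1], second_client): pk_keygen()}
    first_priv, first_pub = pairs[(message[1], second_client)]
    enc_first_priv = seal(k_sub, first_priv.to_bytes(16, "big"))
    bound_id = b"some-other-device" if misattributed else dev
    c3 = pk_seal(first_pub, pack(bound_id, first_session_key))
    # 107: proxy server wraps first and third ciphertext into the fourth ciphertext
    c4 = seal(k_sub, pack(c1, c3))
    # 108: second client unwraps in the reverse order
    c1_r, c3_r = unpack(unseal(k_sub, c4))
    priv_r = int.from_bytes(unseal(k_sub, enc_first_priv), "big")
    id_from_priv, sk_r = unpack(pk_unseal(priv_r, c3_r))
    id_from_session, payload_r = unpack(unseal(sk_r, c1_r))
    # 109: keep the payload only when both decryptions name the same publisher
    return payload_r if hmac.compare_digest(id_from_priv, id_from_session) else None

if __name__ == "__main__":
    k1, k2 = os.urandom(32), os.urandom(32)
    print(publish_flow(b"grid/sub7", b"voltage=220.4", b"meter-0001", k1, k2))
    print(publish_flow(b"grid/sub7", b"voltage=220.4", b"meter-0001", k1, k2, misattributed=True))
```

Because the stand-in cipher authenticates its ciphertext, a forged or replayed first ciphertext already fails at `unseal`; the device-identifier comparison in the last step is what still catches a well-formed message whose session key the authentication server attributed to the wrong publisher, which is the binding the patent's final step provides.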
Optionally, before responding to the communication request and acquiring the topic and the payload to be published on the topic, the method further comprises: in response to a client registration request, acquiring the registration information of a target client included in the request, the target client being the first client or the second client; the authentication server judging, from the registration information and the client information held by the authentication server, whether the target client is registered; and, if it is not registered, the authentication server generating an identity of the target client from the client device identifier, a first timestamp and preset parameter information, so as to register the target client.
Optionally, after the authentication server generates the identity of the target client from the client device identifier, the first timestamp and the preset parameter information so as to register it, the method further comprises: the authentication server sending the first prime number, the second prime number and the identity to the target client; the target client generating a first hash value and a first hash digest from the identity, the device identifier and the first timestamp, and sending the device identifier, the first timestamp, the first hash value and the first hash digest to the authentication server; the authentication server generating a second hash digest from the first hash value, the device identifier and the first timestamp and, when the first hash digest is identical to the second hash digest, generating a second hash value from the device identifier and the first timestamp; when the first hash value is identical to the second hash value, the authentication server generating a second public-private key pair, a third public-private key pair and a first numerical value, the second pair comprising a second public key and a second private key and the third pair comprising a third public key and a third private key, generating a third hash digest from the third public key, the identity and a second timestamp, and sending the second public key, the third public key, the first numerical value, the second timestamp and the third hash digest to the target client; the target client generating a fourth hash digest from the second public key, the second timestamp and the identity and, if the third hash digest is identical to the fourth hash digest, generating a fourth public-private key pair comprising a fourth public key and a fourth private key, generating a fifth hash digest from the fourth public key, the identity and a third timestamp, and sending the fourth public key, the fifth hash digest, a second numerical value and the third timestamp to the authentication server; the authentication server generating a sixth hash digest from the fourth public key, the identity and the third timestamp; and, when the fifth hash digest is identical to the sixth hash digest, the target client generating a fifth shared communication key corresponding to the target client from the first hash digest, the third hash digest, the fifth hash digest, the first prime number, the second public key, the third public key, the fourth private key, the first numerical value and the second numerical value, and the authentication server generating a sixth shared communication key corresponding to the authentication server from the first hash digest, the third hash digest, the fifth hash digest, the first prime number, the second private key, the third private key, the fourth public key, the first numerical value and the second numerical value.
Optionally, generating the fifth shared communication key corresponding to the target client from the first hash digest, the third hash digest, the fifth hash digest, the first prime number, the second public key, the third public key, the fourth private key, the first numerical value and the second numerical value specifically comprises: calculating a first parameter from the first hash digest, the third hash digest and the fifth hash digest by a first preset formula, the first preset formula being:
t = Hash(HD_P1 || HD_P2 || HD_P3);
where t is the first parameter, Hash is a hash function, HD_P1 is the first hash digest, HD_P2 is the third hash digest and HD_P3 is the fifth hash digest; calculating a second parameter from the first prime number and the second prime number by a second preset formula, the second preset formula being:
M = m_1 × m_2;
where M is the second parameter, m_1 is the first prime number and m_2 is the second prime number; calculating a third parameter from the second parameter, the first prime number and the second prime number by a third preset formula, the third preset formula being:
where M_i is the third parameter and m_i is the first prime number or the second prime number; calculating a fourth parameter from the third parameter, the first prime number and the second prime number by a fourth preset formula, the fourth preset formula being:
y_i = M_i^(-1) (mod m_i), i = 1, 2;
where y_i is the fourth parameter and mod is the modulo (remainder) operation; calculating a fifth parameter from the second parameter, the third parameter, the fourth parameter, the first numerical value and the second numerical value by a fifth preset formula, the fifth preset formula being:
x = (a_1 y_1 M_1 + a_2 y_2 M_2) (mod M);
where x is the fifth parameter, a_1 is the first numerical value, y_1 and M_1 are the fourth and third parameters for i = 1, a_2 is the second numerical value, and y_2 and M_2 are the fourth and third parameters for i = 2; and calculating the fifth shared communication key from the fifth parameter, the second public key, the third public key and the fourth private key by a sixth preset formula, the sixth preset formula being:
shareKey_client = e(Fx + tR);
where shareKey_client is the fifth shared communication key, e is the fourth private key, F is the second public key and R is the third public key.
Optionally, generating the sixth shared communication key corresponding to the authentication server from the first hash digest, the third hash digest, the fifth hash digest, the first prime number, the second private key, the third private key, the fourth public key, the first numerical value and the second numerical value specifically comprises: calculating the first parameter from the first hash digest, the third hash digest and the fifth hash digest by the first preset formula; calculating the second parameter from the first prime number and the second prime number by the second preset formula; calculating the third parameter from the second parameter, the first prime number and the second prime number by the third preset formula; calculating the fourth parameter from the third parameter, the first prime number and the second prime number by the fourth preset formula, the fourth preset formula being:
y_i = M_i^(-1) (mod m_i), i = 1, 2;
calculating the fifth parameter from the second parameter, the third parameter, the fourth parameter, the first numerical value and the second numerical value by the fifth preset formula; and calculating the sixth shared communication key from the fifth parameter, the second private key, the third private key and the fourth public key by a sixth preset formula, the sixth preset formula being:
shareKey_broker = E(fx + tr);
where shareKey_broker is the sixth shared communication key, E is the fourth public key, f is the second private key and r is the third private key.
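The six preset formulas above, on both the client side (shareKey_client) and the authentication-server side (shareKey_broker), are carried through below in Python. This is an added example, not code from the patent. Assumptions: Hash is SHA-256; the third preset formula, which the page does not print, is taken to be the standard Chinese-remainder cofactor M_i = M / m_i, which is the only choice under which y_i = M_i^(-1) mod m_i and the fifth formula yield x with x = a_1 (mod m_1) and x = a_2 (mod m_2); and since the patent writes the sixth formula additively, e(Fx + tR), without naming the group, the example uses the multiplicative group modulo a Mersenne prime, where the same computation reads (F^x · R^t)^e on the client and E^(fx + tr) on the server. The digests, numerical values, primes and private keys in the test are constructed. The `negotiate` function lets each side hash its own copy of the three digests, so it also shows the failure mode in which a digest altered in transit leaves the two sides with different keys.

```python
import hashlib

# Demo group: the multiplicative group modulo the Mersenne prime P with generator G. The patent
# writes the sixth formula additively, e(Fx + tR); in this group it reads (F^x * R^t)^e.
# Assumed parameters for illustration, not production ones.
P = 2**127 - 1
G = 7

def first_parameter(hd_p1: bytes, hd_p2: bytes, hd_p3: bytes) -> int:
    """First preset formula: t = Hash(HD_P1 || HD_P2 || HD_P3), with SHA-256 as Hash (assumed)."""
    return int.from_bytes(hashlib.sha256(hd_p1 + hd_p2 + hd_p3).digest(), "big")

def fifth_parameter(a1: int, a2: int, m1: int, m2: int) -> int:
    """Second to fifth preset formulas: x with x = a1 (mod m1) and x = a2 (mod m2) by the CRT."""
    M = m1 * m2                                     # second formula: M = m_1 * m_2
    M1, M2 = M // m1, M // m2                       # third formula (assumed cofactor M_i = M / m_i)
    y1, y2 = pow(M1, -1, m1), pow(M2, -1, m2)       # fourth formula: y_i = M_i^-1 mod m_i (m1, m2 coprime)
    return (a1 * y1 * M1 + a2 * y2 * M2) % M        # fifth formula

def client_shared_key(x: int, t: int, F: int, R: int, e: int) -> int:
    """Sixth formula, client side: shareKey_client = e(Fx + tR)."""
    return pow(pow(F, x, P) * pow(R, t, P) % P, e, P)

def server_shared_key(x: int, t: int, f: int, r: int, E: int) -> int:
    """Sixth formula, server side: shareKey_broker = E(fx + tr)."""
    return pow(E, f * x + t * r, P)

def negotiate(client_digests, server_digests, a1, a2, m1, m2, f, r, e):
    """Final round of the negotiation from both views; returns (client key, server key).

    Each side hashes the copy of (HD_P1, HD_P2, HD_P3) it holds, so the keys agree only if the
    three digests were exchanged unaltered. f, r are the second and third private keys held by
    the authentication server and e the fourth private key held by the client.
    """
    F, R, E = pow(G, f, P), pow(G, r, P), pow(G, e, P)   # second, third and fourth public keys
    x = fifth_parameter(a1, a2, m1, m2)
    t_client = first_parameter(*client_digests)
    t_server = first_parameter(*server_digests)
    return client_shared_key(x, t_client, F, R, e), server_shared_key(x, t_server, f, r, E)

if __name__ == "__main__":
    digests = (b"HD_P1", b"HD_P2", b"HD_P3")          # constructed stand-ins for the three digests
    params = (12345, 67890, 1000003, 999983,           # a1, a2, m1, m2 (constructed; m1, m2 prime)
              0x1F3A5C7E9, 0x2B4D6F81A, 0x3C5E7A9BD)  # f, r, e (constructed private keys)
    c, s = negotiate(digests, digests, *params)
    print("keys agree:", c == s)
    c_bad, s_bad = negotiate((b"HD_P1", b"HD_P2", b"tampered"), digests, *params)
    print("keys agree after a tampered digest:", c_bad == s_bad)
```

The check a practitioner wants from this derivation is the one the test performs: the CRT value x really satisfies both congruences, and the two closed forms of the sixth formula collapse to the same group element G^(e(fx + tr)), which is why the client, holding only e, F and R, and the server, holding only f, r and E, end with the same shared communication key.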
According to a second aspect of the present application, there is provided a communication apparatus suitable for a communication system comprising a first client, a second client, a proxy server and an authentication server, the apparatus comprising: an acquisition module for acquiring, in response to a communication request, the topic included in the request and the payload to be published on that topic; a generation module for the first client to encrypt the payload and the device identifier of the first client with a first session key to generate a first ciphertext, for the first client to encrypt the device identifier and the first session key with a first shared communication key to generate an encrypted device identifier and a second session key and send the second session key to the authentication server, and for the first client to generate a message from the first ciphertext, the topic and the encrypted device identifier and send it to the proxy server; a determination module for the proxy server to determine from the message the topic and the second client corresponding to it, and to send the topic, the second client and the encrypted device identifier to the authentication server; the generation module being further used for the authentication server to generate a third ciphertext from the second shared communication key, the topic, the encrypted device identifier and the first public key and send it to the proxy server, for the proxy server to encrypt the first ciphertext and the third ciphertext with the third shared communication key to generate a fourth ciphertext and send it to the second client, and for the second client to decrypt the fourth ciphertext with the fourth shared communication key to obtain the first ciphertext and the third ciphertext, to decrypt the third ciphertext with the first private key to obtain the first session key and the device identifier, and to decrypt the first ciphertext with the first session key to obtain the payload and the device identifier; a comparison module for the second client to compare the device identifier decrypted with the first private key against the device identifier decrypted with the first session key; and a storage module for retaining the payload if the device identifier decrypted with the first private key is identical to the device identifier decrypted with the first session key.
The generation module is specifically configured for the authentication server to decrypt the encrypted device identifier with the second shared communication key to obtain the device identifier of the first client, to determine the first session key from the topic and the device identifier, to generate a first public-private key pair comprising the first public key and the first private key according to the topic and the second client, to encrypt the first private key with the third shared communication key and send the encrypted first private key to the second client, to encrypt the first session key and the device identifier with the first public key to generate the third ciphertext, and to send the third ciphertext to the proxy server.
Optionally, the obtaining module is further configured to obtain, in response to the client registration request, registration information of a target client included in the client registration request, where the target client is a first client or a second client.
Optionally, the device further comprises a judging module, which is used for judging whether the target client is registered according to the registration information and the client information in the authentication server.
Optionally, the generating module is further configured to, when the target client is not registered, generate an identity of the target client according to the client device identifier, the first timestamp and the preset parameter information, so as to register the target client.
Optionally, the device further comprises a sending module, wherein the sending module is used for sending the first prime number, the second prime number and the identity identifier corresponding to the target client by the authentication server.
Optionally, the generating module is further configured to generate the first hash value and the first hash digest according to the identity, the device identifier and the first timestamp by the target client.
Optionally, the sending module is further configured to send the device identifier, the first timestamp, the first hash value, and the first hash digest to the authentication server by the target client.
Optionally, the generating module is further configured to generate a second hash value according to the device identifier and the first timestamp when the first hash digest is the same as the second hash digest, generate a second public-private key pair, a third public-private key pair and the first numerical value when the first hash value is the same as the second hash value, wherein the second public-private key pair includes the second public key and the second private key, and the third public-private key pair includes the third public key and the third private key, and generate the third hash digest according to the third public key, the identity identifier and the second timestamp.
Optionally, the sending module is further configured to send the second public key, the third public key, the first numerical value, the second timestamp, and the third hash digest to the target client by the authentication server.
Optionally, the generating module is further configured to generate a fourth hash digest according to the second public key, the second timestamp and the identity, and if the third hash digest is the same as the fourth hash digest, the target client generates a fourth public-private key pair, where the fourth public-private key pair includes the fourth public key and the fourth private key, and the target client generates a fifth hash digest according to the fourth public key, the identity and the third timestamp.
Optionally, the sending module is further configured to send the fourth public key, the fifth hash digest, the second numerical value, and the third timestamp to the authentication server by the target client.
Optionally, the generating module is further configured to generate a sixth hash digest according to the fourth public key, the identity identifier and the third timestamp; when the fifth hash digest is the same as the sixth hash digest, the target client generates, in response to a verification-passed instruction sent by the authentication server, a fifth shared communication key corresponding to the target client according to the first hash digest, the third hash digest, the fifth hash digest, the first prime number, the second public key, the third public key, the fourth private key, the first numerical value and the second numerical value, and the authentication server generates, in response to a verification-confirmed instruction sent by the target client, a sixth shared communication key corresponding to the authentication server according to the first hash digest, the third hash digest, the fifth hash digest, the first prime number, the second private key, the third private key, the fourth public key, the first numerical value and the second numerical value.
Optionally, the generating module is further specifically configured to calculate the first parameter from the first hash digest, the third hash digest and the fifth hash digest by a first preset formula, the first preset formula being:
t = Hash(HD_P1 || HD_P2 || HD_P3);
where t is the first parameter, Hash is a hash function, HD_P1 is the first hash digest, HD_P2 is the third hash digest and HD_P3 is the fifth hash digest; to calculate the second parameter from the first prime number and the second prime number by a second preset formula, the second preset formula being:
M = m_1 × m_2;
where M is the second parameter, m_1 is the first prime number and m_2 is the second prime number; to calculate the third parameter from the second parameter, the first prime number and the second prime number by a third preset formula, the third preset formula being:
where M_i is the third parameter and m_i is the first prime number or the second prime number; to calculate the fourth parameter from the third parameter, the first prime number and the second prime number by a fourth preset formula, the fourth preset formula being:
y_i = M_i^(-1) (mod m_i), i = 1, 2;
where y_i is the fourth parameter and mod is the modulo (remainder) operation; to calculate the fifth parameter from the second parameter, the third parameter, the fourth parameter, the first numerical value and the second numerical value by a fifth preset formula, the fifth preset formula being:
x = (a_1 y_1 M_1 + a_2 y_2 M_2) (mod M);
where x is the fifth parameter, a_1 is the first numerical value, y_1 and M_1 are the fourth and third parameters for i = 1, a_2 is the second numerical value, and y_2 and M_2 are the fourth and third parameters for i = 2; and to calculate the fifth shared communication key from the fifth parameter, the second public key, the third public key and the fourth private key by a sixth preset formula, the sixth preset formula being:
shareKey_client = e(Fx + tR);
where shareKey_client is the fifth shared communication key, e is the fourth private key, F is the second public key and R is the third public key.
Optionally, the generating module is further specifically configured to calculate the first parameter from the first hash digest, the third hash digest and the fifth hash digest by the first preset formula; to calculate the second parameter from the first prime number and the second prime number by the second preset formula; to calculate the third parameter from the second parameter, the first prime number and the second prime number by the third preset formula; to calculate the fourth parameter from the third parameter, the first prime number and the second prime number by the fourth preset formula, the fourth preset formula being:
y_i = M_i^(-1) (mod m_i), i = 1, 2;
to calculate the fifth parameter from the second parameter, the third parameter, the fourth parameter, the first numerical value and the second numerical value by the fifth preset formula; and to calculate the sixth shared communication key from the fifth parameter, the second private key, the third private key and the fourth public key by a sixth preset formula, the sixth preset formula being:
shareKey_broker = E(fx + tr);
where shareKey_broker is the sixth shared communication key, E is the fourth public key, f is the second private key and r is the third private key.
According to a third aspect of the present application there is provided a communication system comprising a communication method as described in the first aspect.
Optionally, the communication system further comprises:
the first client is used for issuing messages, is in communication connection with the authentication server and is in communication connection with the proxy server;
the second client is used for receiving messages on a subscribed topic and is in communication connection with the proxy server.
According to a fourth aspect of the present application there is provided a storage medium having stored therein at least one executable instruction which when executed by a processor causes the steps of the communication method of any of the first aspects to be carried out.
By means of the above technical scheme, the communication method, apparatus, communication system and storage medium provided by the application design a lightweight key negotiation algorithm by which the client and the authentication server generate symmetric shared communication keys, establishing a secure communication channel between client and server within the MQTT protocol. On the one hand, keys and messages are encrypted with the shared communication keys during communication, so an attacker can obtain only encrypted messages and session keys and cannot recover the message plaintext or eavesdrop on or leak the corresponding messages; this solves the security problem of messages being stored and processed in plaintext and improves key security. On the other hand, no additional handshake flow is needed to negotiate keys as in the SSL/TLS scheme, so the extra network round trips required by SSL/TLS are avoided, no burden is added to the client during communication, the computing and storage cost of the MQTT client is reduced, the portability of the communication is improved, and a better trade-off between performance and data security is achieved for the MQTT protocol.
The foregoing is only an overview of the technical scheme of the present application, given so that the technical means of the application may be more clearly understood and implemented in accordance with its teaching, and so that the above and other objects, features and advantages of the application become more readily apparent.
Drawings
Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiments. The drawings are only for purposes of illustrating the preferred embodiments and are not to be construed as limiting the application. Also, like reference numerals are used to designate like parts throughout the figures. In the drawings:
Fig. 1 shows a schematic flow chart of a communication method according to an embodiment of the present application;
Fig. 2 is a schematic structural diagram of a communication device according to an embodiment of the present application;
Fig. 3 is a schematic structural diagram of an authentication server according to an embodiment of the present application;
Fig. 4 shows a schematic structural diagram of a communication system according to an embodiment of the present application.
Detailed Description
Exemplary embodiments of the present application will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the present application are shown in the drawings, it should be understood that the present application may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the application to those skilled in the art.
The embodiment of the application provides a communication method, as shown in fig. 1, which comprises the following steps:
101. In response to a communication request, acquire the topic included in the communication request and the payload to be published on that topic.
In this step, in response to the communication request, the topic published by the publisher in the communication request and the payload to be published on that topic are acquired; the payload is the actual content of the message to be published.
102. The first client encrypts the payload and the device identifier of the first client using the first session key to generate a first ciphertext.
In this step, the first client is the publisher of the message. Each publisher generates a first session key for the topic when it publishes a message, and then encrypts the payload together with its own device identifier under that first session key to produce the first ciphertext.
Because the first client encrypts both the transmitted message and its identity under a session key generated per topic, the client retains control over session key management, which improves security on the client side.
103. The first client encrypts the device identifier and the first session key using the first shared communication key, generates an encrypted device identifier and a second session key, and sends the second session key to the authentication server.
In this step, the first client encrypts its device identifier with the first shared communication key to obtain the encrypted device identifier, and encrypts the first session key with the same first shared communication key to obtain the second session key, which is simply the encrypted first session key. It then sends the second session key to the authentication server so that the authentication server can recover the first session key and store it in its database.
Optionally, on receiving the second session key, the authentication server decrypts it with the second shared communication key, which is the symmetric counterpart of the first shared communication key, recovers the first session key and stores it in the database.
The shared communication key is a symmetric key generated by the client and the authentication server through a key agreement algorithm; the client uses it to encrypt and decrypt the data it exchanges with the proxy server and the authentication server so that the transmission is secure. Specifically, the first shared communication key is the copy generated by the first client, and the second shared communication key, which decrypts data encrypted under the first shared communication key, is the copy generated by the authentication server.
104. The first client generates a message from the first ciphertext, the topic and the encrypted device identifier, and sends the message to the proxy server.
In this step, the first client encapsulates the first ciphertext, the topic and the encrypted device identifier into one message and sends it to the proxy server.
In this way, on one hand the message is already encrypted before transmission, so an attacker cannot easily obtain its plaintext and the security of data transmission is improved; on the other hand, no additional handshake of the kind used by SSL/TLS is needed to negotiate a subsequent symmetric key, so the client is not burdened during data transmission.
105. The proxy server determines, from the message, the topic and the second client corresponding to the topic, and sends the topic, the second client and the encrypted device identifier to the authentication server.
In this step, after receiving the message from the first client, the proxy server parses it to determine the topic to which the message belongs, then looks up the second client, that is, the subscriber, corresponding to that topic. Once the subscriber is determined, the proxy server sends the topic, the second client and the encrypted device identifier of the first client to the authentication server.
106. The authentication server generates a third ciphertext from the second shared communication key, the topic, the encrypted device identifier and the first public key, and sends the third ciphertext to the proxy server.
107. The proxy server encrypts the first ciphertext and the third ciphertext using the third shared communication key, generates a fourth ciphertext, and sends the fourth ciphertext to the second client.
In steps 106 and 107, after receiving the data from the proxy server, the authentication server decrypts the encrypted device identifier with the second shared communication key to obtain the device identifier of the first client. The authentication server then uses the topic and the device identifier of the first client to look up the first session key of the first client stored in the database.
The authentication server then encrypts the first session key and the device identifier with the first public key to produce the third ciphertext, and sends the third ciphertext together with the third shared communication key to the proxy server.
The proxy server then encrypts the first ciphertext and the third ciphertext with the third shared communication key received from the authentication server to obtain the fourth ciphertext, and sends the fourth ciphertext to the second client. Note that although the proxy server holds the third shared communication key, it never sees the first session key in plaintext: the payload is protected by the first session key, which passes through the proxy server only inside the third ciphertext encrypted under the subscriber's public key.
The first public key is the subscription public key of the subscription public-private key pair corresponding to the second client. Specifically, after receiving the topic and the subscriber, the authentication server generates a subscription public-private key pair for that topic and subscriber using a key generation algorithm conventional in the art, which this application does not limit. The third shared communication key is the shared communication key that the authentication server generated for the second client.
108. The second client decrypts the fourth ciphertext using the fourth shared communication key to obtain the first ciphertext and the third ciphertext.
In this step, after receiving the ciphertext from the proxy server, the second client decrypts the fourth ciphertext with the fourth shared communication key, the symmetric counterpart of the third shared communication key, and thereby obtains the third ciphertext and the first ciphertext containing the payload.
In this way, when forwarding the data published by the publisher, the proxy server re-encrypts it under the subscriber's shared communication key, so the message is never stored or processed in plaintext on the proxy server, which improves communication security.
109. The second client decrypts the third ciphertext using the first private key to obtain the first session key and the device identifier.
In this step, after recovering the third ciphertext, the second client decrypts it with the first private key and obtains the first session key and the device identifier of the first client.
The first private key is the subscription private key of the subscription public-private key pair that the authentication server generated for the topic and the subscriber; it decrypts messages encrypted under the subscription public key.
110. The second client decrypts the first ciphertext using the first session key to obtain the payload and the device identifier.
In this step, the second client decrypts the first ciphertext using the first session key to obtain the payload published by the publisher and the device identification of the first client.
In this way, the subscriber receives the doubly encrypted ciphertext of the message and recovers the original message by decrypting twice, which preserves the integrity of the whole publish-and-forward process. Moreover, both the message and the key remain encrypted until the subscriber decrypts them, so as long as the subscriber's session key is not leaked an attacker cannot obtain the plaintext of the message, which secures the whole communication.
111. The second client compares the device identifier decrypted using the first private key with the device identifier decrypted using the first session key.
112. If the device identifier decrypted with the first private key is the same as the device identifier decrypted with the first session key, the payload is retained.
In steps 111 and 112, the device identifier obtained by decrypting the third ciphertext is the one the authentication server sent to the subscriber via the proxy server, and the device identifier in the first ciphertext is the one the publisher placed in its message. To detect tampering during transmission, the second client compares the device identifier recovered with the first private key against the device identifier carried in the publisher's message: if they match, the data arrived complete and unmodified and the payload is retained; if they differ, the data was maliciously modified in transit and the data, including the payload, is rejected.
By comparing the device identifiers carried in the two different ciphertexts it receives, the subscriber verifies the security of the transmission, ensures that the data it finally stores is correct, and thereby effectively improves the security of data transmission. Note that this comparison covers only the device identifier: whether a modification of the payload bytes themselves is detected depends on the symmetric cipher used in step 102 being an authenticated one, which this application does not specify.
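The following Python simulation is an added illustrative example and is not part of this application's disclosure. It walks one message through steps 101 to 112 with a publisher, a proxy server, an authentication server and a subscriber, then exercises the check of step 111 with a publisher that forges the device identifier inside its payload, and finally with a fourth ciphertext modified on the wire. Everything concrete is an assumption: the topic, device names and keys are constructed; seal/unseal is an HMAC-SHA256 encrypt-then-MAC construction standing in for the unspecified symmetric cipher; the subscriber's subscription public-private key pair is modelled by a key held only by the authentication server and the subscriber, because the Python standard library has no public-key encryption; and the publisher is assumed to send the encrypted device identifier alongside the second session key so that the authentication server can index the stored key by topic and device identifier.

```python
import hashlib
import hmac
import json
import os

# Stand-in primitives (assumption: the application names neither its symmetric cipher nor its
# subscription public-key scheme). seal/unseal is encrypt-then-MAC over an HMAC-SHA256 keystream,
# i.e. an authenticated cipher for illustration only, not a replacement for AES-GCM in production.
def _stream(key, nonce, n):
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, b"enc" + nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def seal(key, pt):
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _stream(key, nonce, len(pt))))
    tag = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()):
        raise ValueError("ciphertext rejected: authentication tag mismatch")
    return bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct))))

# Constructed long-term state for one publisher, one proxy server and one subscriber.
TOPIC = "grid/pmu/line-7"
K_PUB = os.urandom(32)           # first (client copy) / second (server copy) shared communication key
K_SUB = os.urandom(32)           # third (server copy) / fourth (client copy) shared communication key
K_SUBSCRIPTION = os.urandom(32)  # stand-in for the subscriber's subscription public/private key pair
AUTH_DB = {}                     # authentication server: (topic, device id) -> first session key
SUBSCRIBERS = {TOPIC: "sub-01"}  # proxy server: topic -> subscriber

def auth_store_session_key(topic, enc_dev, sk2):
    """Step 103, server side. Assumption: enc_dev travels with sk2 so the server can index the key."""
    dev = unseal(K_PUB, enc_dev).decode()
    AUTH_DB[(topic, dev)] = unseal(K_PUB, sk2)

def publisher_publish(topic, payload, device_id, claimed_id=None):
    """Steps 101-104. claimed_id lets the example forge the identity written into the payload."""
    sk = hashlib.sha256(b"session" + os.urandom(32) + topic.encode()).digest()   # first session key
    inner = json.dumps({"payload": payload, "dev": claimed_id or device_id}).encode()
    c1 = seal(sk, inner)                              # first ciphertext
    enc_dev = seal(K_PUB, device_id.encode())         # encrypted device identifier
    sk2 = seal(K_PUB, sk)                             # second session key (first session key, encrypted)
    auth_store_session_key(topic, enc_dev, sk2)
    return {"topic": topic, "c1": c1, "enc_dev": enc_dev}

def auth_issue_third_ciphertext(topic, subscriber, enc_dev):
    """Step 106: recover the publisher identity, look up its session key, wrap both for the subscriber.
    subscriber selects whose keys to use; this example has a single subscriber."""
    dev = unseal(K_PUB, enc_dev).decode()
    sk = AUTH_DB[(topic, dev)]
    c3 = seal(K_SUBSCRIPTION, json.dumps({"sk": sk.hex(), "dev": dev}).encode())
    return c3, K_SUB                                  # third ciphertext + third shared communication key

def proxy_forward(msg):
    """Steps 105 and 107: route by topic, consult the authentication server, re-encrypt for the subscriber."""
    subscriber = SUBSCRIBERS[msg["topic"]]
    c3, k_sub = auth_issue_third_ciphertext(msg["topic"], subscriber, msg["enc_dev"])
    framed = len(msg["c1"]).to_bytes(4, "big") + msg["c1"] + c3
    return seal(k_sub, framed)                        # fourth ciphertext

def subscriber_receive(c4):
    """Steps 108-112. Returns the payload, or None when the two device identifiers disagree."""
    framed = unseal(K_SUB, c4)                                    # step 108
    n = int.from_bytes(framed[:4], "big")
    c1, c3 = framed[4:4 + n], framed[4 + n:]
    wrapped = json.loads(unseal(K_SUBSCRIPTION, c3))              # step 109: session key + device id
    inner = json.loads(unseal(bytes.fromhex(wrapped["sk"]), c1))  # step 110: payload + device id
    if not hmac.compare_digest(wrapped["dev"].encode(), inner["dev"].encode()):
        return None   # step 112: identity authenticated by the server != identity claimed in the payload
    return inner["payload"]

def end_to_end(payload, device_id="pub-01", claimed_id=None):
    return subscriber_receive(proxy_forward(publisher_publish(TOPIC, payload, device_id, claimed_id)))

def forward_with_tampering(payload):
    """Flip one byte of the fourth ciphertext on the wire; returns True if the subscriber rejects it."""
    c4 = bytearray(proxy_forward(publisher_publish(TOPIC, payload, "pub-01")))
    c4[20] ^= 0x01
    try:
        subscriber_receive(bytes(c4))
    except ValueError:
        return True
    return False

if __name__ == "__main__":
    print(end_to_end("V=229.8kV"))                        # payload accepted
    print(end_to_end("V=229.8kV", claimed_id="pub-99"))   # None: forged identity caught in step 111
    print(forward_with_tampering("V=229.8kV"))            # True: modified ciphertext rejected
```

Because the stand-in cipher is authenticated, the modified fourth ciphertext is rejected in step 108 before the identifiers are compared at all; with an unauthenticated cipher the same modification would surface, if at all, only as a garbled payload, which is why the identifier comparison alone should not be relied on for payload integrity.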
The communication method provided by this embodiment designs a lightweight key agreement algorithm by which the client and the authentication server generate symmetric shared communication keys, thereby establishing a secure channel between client and server within the MQTT protocol. On one hand, keys and messages are encrypted under the shared communication keys throughout the communication, so an attacker can obtain only encrypted messages and session keys and cannot recover the plaintext, which rules out eavesdropping and leakage, solves the security problem of messages being held in plaintext at the proxy, and improves key security. On the other hand, no additional handshake of the kind required by SSL/TLS is needed to negotiate keys, which avoids the extra network round trips that SSL/TLS may require, lightens the load on the client, reduces the client's computation and storage cost, improves the portability of Internet of Things communication, and gives the MQTT protocol a better trade-off between performance and data security.
As a refinement and extension of the foregoing embodiment, and in order to fully describe its specific implementation, an embodiment of the present application provides another communication method, which comprises the following steps:
201. In response to a client registration request, acquire the registration information of the target client included in the client registration request, where the target client includes the first client and the second client.
In this step, each client sends a registration request to the authentication server when it registers. The authentication server responds to the request by acquiring the registration information of the target client from it, so that it can compare this registration information with the registration information of registered clients stored in its database, verify the identity of the target client and judge whether the target client is legitimate.
It should be noted that the target client may be any client to be registered, where the target client includes a first client of a publisher and a second client of a subscriber.
Optionally, the registration information includes device information such as the device identifier of the target client and the timestamp at which registration was initiated.
202. The authentication server judges whether the target client is already registered according to the registration information and the client information held by the authentication server.
In this step, the authentication server compares the registration information of the target client with the registered client information in its database to determine whether the target client is already registered, and hence whether it is legitimate. Specifically, if the client information in the database does not contain the registration information of the target client, the target client is not yet registered and is treated as a trusted, legitimate client; if the database already contains that registration information, the target client is treated as untrusted, since a duplicate registration may be an attempt by an attacker to register maliciously.
In this way, the registered client information stored in the authentication server database is used to verify the identity of the target client and screen out untrusted clients, which protects the proxy server and in turn the security of subsequent data transmission.
203. If the target client is not registered, the authentication server generates an identity for the target client from the client device identifier, the first timestamp and the preset parameter information, so as to register the target client.
In this step, after determining that the target client is not registered, the authentication server generates a unique identity for the target client from the target client's device identifier, the first timestamp at which registration was initiated, and the parameter information of the proxy server.
Optionally, after generating the identity of the target client, the authentication server stores it in the database; the stored identities ensure that each client identity is used only once, so that untrusted clients are screened out and the security of the connection between the proxy server and the clients is effectively improved.
The parameter information of the proxy server refers to the various parameters of the proxy server at the time it is running, together with the IP address of the proxy server.
204. The authentication server sends the first prime number, the second prime number and the identity to the corresponding target client.
In this step, after completing the registration of the target client, the authentication server generates a first prime number and a second prime number for the target client and sends the first prime number, the second prime number and the identity of the target client to the target client.
The first and second prime numbers differ from client to client: when the target client registers, two distinct primes are chosen at random from the primes not yet used and assigned as the first and second prime numbers of the target client.
In a specific embodiment, after completing the registration of the target client, the authentication server generates two prime numbers m_1 and m_2 for the target client and returns m_1, m_2 and the identity ClientToken of the target client to the target client.
205. The target client generates a first hash value and a first hash digest from the identity, the device identifier and the first timestamp.
In this step, the target client hashes the identity, its own device identifier and the first timestamp to obtain the first hash value, and then hashes the first hash value, the device identifier and the first timestamp to obtain the first hash digest.
In this way, the hash is computed over the data exchanged between the target client and the proxy together with the client identity and the timestamp; because the identity is issued by the authentication server, an attacker who does not know it cannot recompute a valid hash value after modifying the data, which effectively protects data integrity.
206. The target client sends the device identifier, the first timestamp, the first hash value and the first hash digest to the authentication server.
207. The authentication server generates a second hash digest from the first hash value, the device identifier and the first timestamp.
In steps 206 and 207, the target client sends the device identifier, the first timestamp, and the generated first hash value and first hash digest to the authentication server. After receiving them, the authentication server looks up the stored identity of the target client in the database by the device identifier, and hashes the first hash value, the device identifier and the first timestamp to obtain the second hash digest.
208. If the first hash digest is identical to the second hash digest, the authentication server generates a second hash value from the device identifier, the stored identity and the first timestamp.
In this step, the first hash digest is compared with the second hash digest. If they differ, the data of the target client has been maliciously modified by an attacker, a warning is issued and subsequent requests from that client are ignored. If they are identical, the data is intact; the authentication server then looks up in the database the stored identity corresponding to the device identifier of the target client, and hashes the device identifier, the stored identity and the first timestamp to obtain the second hash value.
In this way, whether the data is intact is decided from the comparison of the first and second hash digests, so the data sent by the target client is checked before the authentication server acts on it; this resists replay and man-in-the-middle attacks, prevents an attacker from tampering with the target client's data, and improves the security of data transmission. In practice the resistance to replay rests on the first timestamp: the authentication server should also reject a timestamp outside an acceptable freshness window, since the digest comparison on its own would accept a verbatim replay of an earlier message.
In a specific embodiment, the target client hashes the identity ClientToken, the device identifier ClientID and the first timestamp STAMP_P1 to obtain the first hash value Q_Client, and then computes the first hash digest HD_P1. The target client then sends ClientID, STAMP_P1, Q_Client and HD_P1 to the authentication server. After receiving this information, the authentication server looks up the target client's ClientToken by ClientID, hashes ClientToken, ClientID and STAMP_P1 in the same way to obtain a second hash value Q_Client1, and compares it with the Q_Client sent by the target client to verify the integrity of the data.
209. If the first hash value is identical to the second hash value, the authentication server generates a second public-private key pair, a third public-private key pair and a first numerical value, where the second public-private key pair comprises a second public key and a second private key, and the third public-private key pair comprises a third public key and a third private key.
In this step, after generating the second hash value, the authentication server compares the first hash value with the second hash value; if they are identical, the authentication server randomly generates a second public-private key pair and a third public-private key pair, and at the same time randomly selects a first numerical value between 0 and the first prime number.
The authentication server generates the second and third public-private key pairs with a key generation algorithm conventional in the art; the second pair comprises the second public key and the second private key, and the third pair comprises the third public key and the third private key.
In this way, the data is first checked with the hash digest and only then with the hash value. The hash digest check is the cheaper of the two, since it needs only the fields of the received message, and if it already shows that the data has been tampered with, no further work is needed; this saves verification time and improves the efficiency of the security check. Once the hash digest check has passed, the full hash value, which is bound to the stored identity, is used to verify the client, improving the security of the connection between the server and the client.
210. The authentication server generates a third hash digest from the third public key, the identity and the second timestamp.
In this step, the authentication server hashes the third public key, the identity of the target client and the second timestamp to generate the third hash digest. The second timestamp is the timestamp of the current time.
211. The authentication server sends the second public key, the third public key, the first value, the second timestamp, and the third hash digest to the target client.
In this step, the authentication server transmits the generated second public key, third public key, first numerical value, second timestamp, and third hash digest to the target client.
212. The target client generates a fourth hash digest from the third public key, the second timestamp and the identity.
In this step, after receiving the second public key, the third public key, the first numerical value, the second timestamp and the third hash digest, the target client hashes the received third public key (the same key that entered the third hash digest in step 210), the second timestamp and its own identity to obtain the fourth hash digest.
In an embodiment, after the integrity check of the data is complete, the authentication server generates two public-private key pairs, namely the second public-private key pair (F, f) and the third public-private key pair (R, r), and randomly selects a first value a_1 in (0, m_1). It then hashes the third public key R, the ClientToken and the second timestamp STAMP_P2 to obtain the third hash digest HD_P2. The authentication server returns the second public key F, the third public key R, a_1, STAMP_P2 and HD_P2 to the target client. After receiving this data, the target client hashes the received R, STAMP_P2 and its own ClientToken to obtain the corresponding fourth hash digest HD_P21, and compares HD_P2 with HD_P21 to verify data integrity.
213. If the third hash digest is identical to the fourth hash digest, the target client generates a fourth public-private key pair, which comprises a fourth public key and a fourth private key.
In this step, after generating the fourth hash digest, the target client compares the received third hash digest with the fourth hash digest. If they are identical, the target client randomly generates a fourth public-private key pair, which comprises a fourth public key and a fourth private key.
Optionally, after determining that the third hash digest is identical to the fourth hash digest, the target client randomly selects a second numerical value between 0 and the second prime number, and takes the third timestamp from the current time.
214. The target client generates a fifth hash digest from the fourth public key, the identity and the third timestamp.
In this step, the target client hashes the generated fourth public key, its own identity and the third timestamp to generate the fifth hash digest.
215. The target client sends the fourth public key, the fifth hash digest, the second value, and the third timestamp to the authentication server.
216. The authentication server generates a sixth hash digest according to the fourth public key, the identity and the third timestamp.
In steps 215 and 216, the target client sends the generated fourth public key, the fifth hash digest, the second numerical value and the third timestamp to the authentication server. The authentication server hashes the received fourth public key, the identity and the third timestamp to obtain the sixth hash digest.
In an embodiment, after completing the data verification, the target client randomly generates a fourth public-private key pair (E, e) and randomly selects a second value a_2 between 0 and m_2. It then hashes the fourth public key E, the third timestamp STAMP_P3 and the ClientToken to generate the fifth hash digest HD_P3, and sends E, a_2, STAMP_P3 and HD_P3 to the authentication server. The authentication server hashes the received E, the ClientToken and STAMP_P3 to obtain the sixth hash digest HD_P31 and compares HD_P31 with HD_P3 to verify the data.
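The exchange of steps 205 to 216, as an added example in Python that is not part of this application. The hash function, the field separator, the registry structure and the 30-second freshness window are all assumptions (the application fixes none of them), and the public keys F, R and E are random placeholders for their encoded forms. The demo shows the genuine exchange succeeding, a replayed message and a message altered after hashing being rejected, and, most importantly, a message built by a sender who does not know the ClientToken: its HD_P1 verifies, because the digest is computed from values the sender itself chose, and only the Q_Client check against the stored ClientToken exposes it.

```python
import hashlib
import hmac
import os
import time

def H(*parts):
    """Hash of the concatenated fields. Assumptions: SHA-256, and a '|' separator between fields,
    since bare concatenation would let two different field splits hash to the same value."""
    enc = [p if isinstance(p, bytes) else str(p).encode() for p in parts]
    return hashlib.sha256(b"|".join(enc)).digest()

MAX_SKEW = 30   # seconds; freshness window for the timestamps (an addition, not stated in the application)

def client_msg_p1(client_token, client_id, stamp_p1):
    """Steps 205-206: first hash value Q_Client and first hash digest HD_P1."""
    q_client = H(client_token, client_id, stamp_p1)
    hd_p1 = H(q_client, client_id, stamp_p1)
    return {"ClientID": client_id, "STAMP_P1": stamp_p1, "Q_Client": q_client, "HD_P1": hd_p1}

def server_check_p1(msg, registry, now):
    """Steps 207-209: cheap digest check first, then the hash value check bound to the stored ClientToken."""
    if abs(now - msg["STAMP_P1"]) > MAX_SKEW:
        return False, "stale STAMP_P1 (possible replay)"
    hd_p1_check = H(msg["Q_Client"], msg["ClientID"], msg["STAMP_P1"])     # second hash digest
    if not hmac.compare_digest(hd_p1_check, msg["HD_P1"]):
        return False, "HD_P1 mismatch: fields altered in transit"
    client_token = registry.get(msg["ClientID"])
    if client_token is None:
        return False, "unknown ClientID"
    q_check = H(client_token, msg["ClientID"], msg["STAMP_P1"])             # second hash value
    if not hmac.compare_digest(q_check, msg["Q_Client"]):
        return False, "Q_Client mismatch: sender does not hold the issued ClientToken"
    return True, "ok"

def server_msg_p2(client_token, F, R, a1, stamp_p2):
    """Steps 210-211: HD_P2 binds the third public key R to the ClientToken and STAMP_P2."""
    return {"F": F, "R": R, "a1": a1, "STAMP_P2": stamp_p2, "HD_P2": H(R, client_token, stamp_p2)}

def client_check_p2(msg, client_token, now):
    """Steps 212-213: recompute HD_P21 over the received R and compare it with HD_P2."""
    if abs(now - msg["STAMP_P2"]) > MAX_SKEW:
        return False
    return hmac.compare_digest(H(msg["R"], client_token, msg["STAMP_P2"]), msg["HD_P2"])

def client_msg_p3(client_token, E, a2, stamp_p3):
    """Steps 214-215: HD_P3 over the fourth public key E, the ClientToken and STAMP_P3."""
    return {"E": E, "a2": a2, "STAMP_P3": stamp_p3, "HD_P3": H(E, client_token, stamp_p3)}

def server_check_p3(msg, client_token, now):
    """Step 216: sixth hash digest HD_P31 compared with the received HD_P3."""
    if abs(now - msg["STAMP_P3"]) > MAX_SKEW:
        return False
    return hmac.compare_digest(H(msg["E"], client_token, msg["STAMP_P3"]), msg["HD_P3"])

# Constructed registry: ClientID -> ClientToken issued at registration (step 203).
REGISTRY = {"pmu-0007": os.urandom(32)}

def demo(now=None):
    """Runs the exchange plus three failure cases; returns the outcomes for inspection."""
    now = int(time.time()) if now is None else now
    token = REGISTRY["pmu-0007"]
    genuine = server_check_p1(client_msg_p1(token, "pmu-0007", now), REGISTRY, now)
    replayed = server_check_p1(client_msg_p1(token, "pmu-0007", now - 600), REGISTRY, now)
    forged = server_check_p1(client_msg_p1(b"guess", "pmu-0007", now), REGISTRY, now)  # HD_P1 verifies, Q_Client does not
    altered = client_msg_p1(token, "pmu-0007", now)
    altered["STAMP_P1"] = now + 1                          # field changed after hashing
    altered_result = server_check_p1(altered, REGISTRY, now)
    F, R, E = os.urandom(33), os.urandom(33), os.urandom(33)   # placeholders for encoded public keys
    p2_ok = client_check_p2(server_msg_p2(token, F, R, 17, now), token, now)
    p3_ok = server_check_p3(client_msg_p3(token, E, 23, now), token, now)
    return {"genuine": genuine, "replayed": replayed, "forged": forged,
            "altered": altered_result, "p2_ok": p2_ok, "p3_ok": p3_ok}

if __name__ == "__main__":
    for name, outcome in demo().items():
        print(name, outcome)
```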
217. If the fifth hash digest is identical to the sixth hash digest, the target client, in response to a verification-passed instruction sent by the authentication server, generates a fifth shared communication key for the target client from the first hash digest, the third hash digest, the fifth hash digest, the first prime number, the second prime number, the second public key, the third public key, the fourth private key, the first numerical value and the second numerical value.
In this step, the fifth hash digest generated by the target client is compared with the sixth hash digest generated by the authentication server. If they are identical, the authentication server sends a verification-passed instruction to the target client, and on receiving it the target client computes a fifth shared communication key dedicated to the target client from the first hash digest, the third hash digest, the fifth hash digest, the first prime number, the second prime number, the second public key, the third public key, the fourth private key, the first numerical value and the second numerical value.
In this way, the target client computes the shared communication key only after the integrity and security of the data exchanged between the client and the authentication server have been confirmed, so that the subsequent communication can be encrypted under the shared communication key.
In this embodiment of the application, optionally, generating the fifth shared communication key for the target client in step 217 from the first hash digest, the third hash digest, the fifth hash digest, the first prime number, the second prime number, the second public key, the third public key, the fourth private key, the first numerical value and the second numerical value specifically comprises: computing a first parameter from the first hash digest, the third hash digest and the fifth hash digest with a first preset formula;
The first preset formula is:
t = Hash(HD_P1 || HD_P2 || HD_P3);
where t is the first parameter, Hash is a hash function, HD_P1 is the first hash digest, HD_P2 is the third hash digest and HD_P3 is the fifth hash digest;
computing a second parameter from the first prime number and the second prime number with a second preset formula;
The second preset formula is:
M = m_1 × m_2;
where M is the second parameter, m_1 is the first prime number and m_2 is the second prime number;
computing a third parameter from the second parameter, the first prime number and the second prime number with a third preset formula;
The third preset formula is:
M_i = M / m_i (i = 1, 2);
where M_i is the third parameter and m_i is the first prime number (i = 1) or the second prime number (i = 2), so that M_1 = m_2 and M_2 = m_1;
computing a fourth parameter from the third parameter, the first prime number and the second prime number with a fourth preset formula;
The fourth preset formula is:
y_i = M_i^(-1) (mod m_i) (i = 1, 2);
where y_i is the fourth parameter, namely the inverse of M_i modulo m_i, and mod denotes the remainder operation;
computing a fifth parameter from the second parameter, the third parameter, the fourth parameter, the first numerical value and the second numerical value with a fifth preset formula;
The fifth preset formula is:
x = (a_1 y_1 M_1 + a_2 y_2 M_2) (mod M);
where x is the fifth parameter, a_1 is the first numerical value, y_1 and M_1 are the fourth and third parameters for i = 1, a_2 is the second numerical value, and y_2 and M_2 are the fourth and third parameters for i = 2; by the Chinese remainder theorem, x is the unique value in [0, M) satisfying x ≡ a_1 (mod m_1) and x ≡ a_2 (mod m_2), so both sides recover the same x from the two exchanged values a_1 and a_2;
computing the fifth shared communication key from the fifth parameter, the second public key, the third public key and the fourth private key with a sixth preset formula;
The sixth preset formula is:
shareKey_client = e(Fx + tR);
where shareKey_client is the fifth shared communication key, e is the fourth private key, F is the second public key and R is the third public key.
In this embodiment, the first hash digest HD_P1, the third hash digest HD_P2 and the fifth hash digest HD_P3 are first hashed together to obtain the first parameter t. The first prime number m_1 and the second prime number m_2 are then multiplied to obtain the second parameter M, and M is divided by m_1 to obtain the third parameter M_1 (i = 1) and by m_2 to obtain the third parameter M_2 (i = 2). The fourth parameters y_1 and y_2 are then computed with the fourth preset formula, and the fifth parameter x with the fifth preset formula. Finally, the fifth shared communication key shareKey_client dedicated to the target client is computed with the sixth preset formula.
It is understood that the fifth shared communication key includes the first shared communication key and the third shared communication key.
218. The authentication server, in response to a verification confirmation instruction sent by the target client, generates a sixth shared communication key corresponding to the authentication server from the first hash digest, the third hash digest, the fifth hash digest, the first prime number, the second prime number, the second private key, the third private key, the fourth public key, the first numerical value and the second numerical value.
In this step, while generating the fifth shared communication key, the target client sends the authentication server a verification confirmation instruction confirming that verification has passed. After receiving it, the authentication server generates the sixth shared communication key from the first hash digest, the third hash digest, the fifth hash digest, the first prime number, the second prime number, the second private key, the third private key, the fourth public key, the first numerical value and the second numerical value. The sixth shared communication key corresponds to the fifth shared communication key of the target client and decrypts data encrypted under the fifth shared communication key.
Optionally, the authentication server encrypts the verification-passed instruction with the fourth public key before sending it to the target client, and the target client decrypts it with the fourth private key to obtain the instruction. The target client then encrypts the verification confirmation instruction with the second public key and sends the encrypted instruction to the authentication server to confirm that it has received the verification-passed instruction; the authentication server decrypts it with the second private key to obtain the verification confirmation instruction. Encrypting these two instructions in transit effectively improves the security of data transmission.
In the embodiment of the present application, optionally, in step 218, generating the sixth shared communication key corresponding to the authentication server according to the first hash digest, the third hash digest, the fifth hash digest, the first prime number, the second private key, the third private key, the fourth public key, the first numerical value and the second numerical value specifically includes: calculating a first parameter from the first hash digest, the third hash digest and the fifth hash digest with a first preset formula; calculating a second parameter from the first prime number and the second prime number with a second preset formula; calculating a third parameter from the second parameter, the first prime number and the second prime number with a third preset formula; and calculating a fourth parameter from the third parameter, the first prime number and the second prime number with a fourth preset formula;
the fourth preset formula is:
y_i = M_i^(-1) (mod m_i), i = 1, 2;
calculating a fifth parameter from the second parameter, the third parameter, the fourth parameter, the first numerical value and the second numerical value with a fifth preset formula; and calculating the sixth shared communication key from the fifth parameter, the second private key, the third private key and the fourth public key with a sixth preset formula;
the sixth preset formula is:
shareKey_broker = E(fx + tr);
where shareKey_broker is the sixth shared communication key, E is the fourth public key, f is the second private key, r is the third private key, x is the fifth parameter and t is the first parameter.
In this embodiment, first, the first hash digest HD_P1, the third hash digest HD_P2 and the fifth hash digest HD_P3 are hashed to obtain a first parameter t. Then the first prime number m_1 and the second prime number m_2 are multiplied to obtain a second parameter M, and M is divided by m_1 to obtain the third parameter M_1 (i=1) and by m_2 to obtain the third parameter M_2 (i=2). Then the fourth parameters y_1 and y_2 are calculated with the fourth preset formula, and the fifth parameter x with the fifth preset formula. Finally, the sixth shared communication key shareKey_broker of the authentication server is calculated with the sixth preset formula.
It is understood that the sixth shared communication key includes the second shared communication key and the fourth shared communication key.
By the above method, after the target client has registered and been verified with the authentication server, the target client and the authentication server generate a secure shared communication key using a key negotiation algorithm and a lightweight key negotiation method based on the remainder theorem, which improves the security of subsequent data transmission and storage.
219. In response to the communication request, the topic included in the communication request and the payload to be published on the topic are acquired.
In this step, in response to the communication request, the topic published by the publisher in the communication request and the payload to be published on that topic are acquired; the payload is the actual content of the message to be published.
Optionally, when the first client or the second client needs to connect to the proxy server, it must first authenticate with the authentication server. The authentication server compares the connection information sent by the client, such as its device identifier, with the registration information in the database to verify the client's identity and to determine whether it is an unregistered or untrusted client, so as to ensure the security of subsequent data transmission.
In a specific embodiment, after the publisher client and the subscriber client have registered with the authentication server and been verified, the publisher pub, the subscriber sub and the authentication server perform key negotiation by the lightweight key negotiation method, obtaining the first shared communication key shareKey_pub of the publisher pub, the third shared communication key shareKey_sub of the subscriber sub, and the second shared communication key shareKey_pbroker and the fourth shared communication key shareKey_sbroker of the authentication server. In response to a publication request by the publisher pub, the topic and the payload in the request are obtained.
220. The first client encrypts the payload and the device identification of the first client by using the first session key to generate a first ciphertext.
In this step, the first client is the publisher of the message. When publishing, each publisher generates a first session key for the topic and encrypts the payload and its own device identifier with this first session key to generate a first ciphertext.
221. The first client encrypts the device identifier and the first session key using the first shared communication key, generating an encrypted device identifier and a second session key, and sends the second session key to the authentication server.
In this step, the first client encrypts its device identifier using the first shared communication key to generate an encrypted device identifier. Meanwhile, the first client encrypts the first session key by using the first shared communication key, and generates an encrypted second session key. Thereafter, the encrypted second session key is sent to the authentication server for the authentication server to store the first session key in the database.
222. The first client generates a message from the first ciphertext, the topic and the encrypted device identifier, and sends the message to the proxy server.
In this step, the first client encapsulates the first ciphertext, the topic and the encrypted device identifier into a message and sends it to the proxy server.
In a specific embodiment, the publisher pub randomly generates a first session key encKey_T1 for the topic T1, encrypts the payload pt of the message to be published on T1 together with its device identifier ClientID under encKey_T1 to generate the first ciphertext ct_T1, encrypts encKey_T1 under the first shared communication key shareKey_pub to generate the encrypted second session key pEncKey_T1, and encrypts ClientID under shareKey_pub to generate the encrypted device identifier CTCLIENTID. The publisher pub then encapsulates ct_T1, the topic T1 and CTCLIENTID into a PUBLISH message sent to the proxy server, and sends pEncKey_T1 to the authentication server.
223. The proxy server determines, from the message, the topic and the second client corresponding to the topic, and sends the topic, the second client and the encrypted device identifier to the authentication server.
In this step, after receiving the message from the first client, the proxy server parses it to determine the topic the message belongs to, and then looks up the second client, i.e. the subscriber, corresponding to that topic. Once the subscriber is determined, the proxy server sends the topic, the second client and the encrypted device identifier of the first client to the authentication server.
224. The authentication server generates a third ciphertext according to the second shared communication key, the topic, the encrypted device identifier and the first public key, and sends the third ciphertext to the proxy server.
225. The proxy server encrypts the first ciphertext and the third ciphertext using the third shared communication key, generates a fourth ciphertext, and sends the fourth ciphertext to the second client.
In steps 224 and 225, after receiving the message from the proxy server, the authentication server decrypts the encrypted device identifier with the second shared communication key to obtain the device identifier of the first client. The authentication server then looks up the stored first session key of the first client in the database using the topic and the device identifier. It encrypts the first session key and the device identifier with the first public key to generate the third ciphertext, and sends the third ciphertext together with the third shared communication key to the proxy server. The proxy server encrypts the first ciphertext and the third ciphertext with the third shared communication key received from the authentication server to obtain the fourth ciphertext, and sends the fourth ciphertext to the second client.
In the embodiment of the present application, optionally, step 224, in which the authentication server generates the third ciphertext according to the second shared communication key, the topic, the encrypted device identifier and the first public key and sends it to the proxy server, comprises: the authentication server decrypts the encrypted device identifier with the second shared communication key to obtain the device identifier of the first client; determines the first session key using the topic and the device identifier; generates a first public-private key pair, comprising a first public key and a first private key, for the topic and the second client; encrypts the first private key with the third shared communication key and sends it to the second client; and encrypts the first session key and the device identifier with the first public key to generate the third ciphertext, which it sends to the proxy server.
In a specific embodiment, after receiving the PUBLISH from the publisher pub, the proxy server determines from the message header that the message belongs to topic T1 and looks up the subscriber sub of T1. The proxy server sends the topic T1, the subscriber sub and the encrypted device identifier CTCLIENTID to the authentication server. The authentication server, having received the encrypted second session key pEncKey_T1 from the publisher, decrypts it with the second shared communication key shareKey_pbroker to recover the first session key encKey_T1 and stores it. After receiving the message from the proxy server, the authentication server decrypts CTCLIENTID with shareKey_pbroker to obtain the ClientID, and looks up encKey_T1 using the topic T1 and the ClientID. It then generates the first public-private key pair, the subscription key pair (Y, y), for topic T1 and subscriber sub, and encrypts encKey_T1 and ClientID with the first public key Y to generate the third ciphertext ctkey_T1ID. It sends ctkey_T1ID and the shared communication key shareKey_sbroker to the proxy server, and encrypts the first private key y with shareKey_sbroker and sends the encrypted first private key to the subscriber sub. The proxy server then encrypts the first ciphertext ct_T1, containing the payload published by pub, together with ctkey_T1ID under shareKey_sbroker to obtain the fourth ciphertext, and sends the fourth ciphertext to the subscriber sub.
226. The second client decrypts the fourth ciphertext using the fourth shared communication key to obtain the first ciphertext and the third ciphertext.
In this step, after receiving the fourth ciphertext from the proxy server, the second client decrypts it with the fourth shared communication key, which is the symmetric counterpart of the third shared communication key, obtaining the third ciphertext and the first ciphertext containing the payload.
227. The second client decrypts the third ciphertext using the first private key to obtain the first session key and the device identifier.
In this step, having obtained the third ciphertext, the second client decrypts it with the first private key, obtaining the first session key and the device identifier of the first client.
228. The second client decrypts the first ciphertext using the first session key to obtain the payload and the device identifier.
In this step, the second client decrypts the first ciphertext with the first session key, obtaining the payload published by the publisher and the device identifier of the first client.
229. The second client compares the device identifier decrypted with the first private key with the device identifier decrypted with the first session key.
230. If the device identifier decrypted with the first private key (the subscription private key) is identical to the device identifier decrypted with the first session key, the payload is retained.
In steps 229 and 230, the device identifier obtained from the third ciphertext is the one the authentication server sent to the subscriber through the proxy server, whereas the device identifier in the first ciphertext is the one carried in the publisher's message. To detect falsification of the data in transit, the second client compares the two: if they are identical, the data is complete and was not tampered with, and the payload is retained; if they differ, the data was maliciously tampered with in transit, and the data including the payload is rejected.
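Steps 220 to 230 end to end, as an added example that is not the patent's own code: the page names neither the symmetric cipher nor the public-key scheme behind the pair (Y, y), so an HMAC-SHA256 encrypt-then-MAC construction and a per-topic symmetric subscription key delivered under shareKey_sbroker stand in for them, the proxy is assumed to hand the topic and CTCLIENTID to the authentication server alongside pEncKey_T1, and all keys and identifiers are constructed. The run with claimed_id set simulates the identifier mismatch that step 230 rejects.

```python
"""Publish path of steps 220 to 230 with the subscriber's identifier cross-check.

Added example, not the patent's own code.  Stand-ins for what the page leaves
unspecified: encrypt-then-MAC built from HMAC-SHA256 in place of the unnamed
symmetric cipher, and a per-topic symmetric subscription key in place of the
public-private pair (Y, y); the proxy is assumed to pass topic and encrypted
identifier along with the second session key.  All keys and names are constructed.
"""
import hashlib
import hmac
import json
import secrets


def _subkey(key, label):
    return hmac.new(key, label, hashlib.sha256).digest()


def _keystream(enc_key, nonce, length):
    blocks = (hmac.new(enc_key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(length // 32 + 1))
    return b"".join(blocks)[:length]


def seal(key, plaintext):
    """Stand-in symmetric encryption: returns nonce || ciphertext || tag."""
    nonce = secrets.token_bytes(16)
    ks = _keystream(_subkey(key, b"enc"), nonce, len(plaintext))
    ct = bytes(a ^ b for a, b in zip(plaintext, ks))
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def open_(key, blob):
    """Checks the tag first, then decrypts; raises ValueError if the blob was altered."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expect = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        raise ValueError("tag mismatch")
    return bytes(a ^ b for a, b in zip(ct, _keystream(_subkey(key, b"enc"), nonce, len(ct))))


def publish(topic, payload, client_id, share_key_pub, claimed_id=None):
    """Steps 220-222 at the publisher.  claimed_id lets the demo embed a
    different identifier in the payload than the one proven via shareKey_pub."""
    enc_key_t1 = secrets.token_bytes(32)                      # first session key, fresh per topic
    inner = json.dumps({"id": claimed_id or client_id, "pt": payload}).encode()
    ct_t1 = seal(enc_key_t1, inner)                           # first ciphertext ct_T1
    ct_client_id = seal(share_key_pub, client_id.encode())   # encrypted device identifier CTCLIENTID
    p_enc_key_t1 = seal(share_key_pub, enc_key_t1)            # second session key pEncKey_T1
    message = {"topic": topic, "ct": ct_t1, "ct_client_id": ct_client_id}   # PUBLISH
    return message, p_enc_key_t1


class AuthServer:
    """Holds shareKey_pbroker / shareKey_sbroker, stored session keys and subscription keys."""

    def __init__(self, share_key_pbroker, share_key_sbroker):
        self.k_pub, self.k_sub = share_key_pbroker, share_key_sbroker
        self.session_keys = {}     # (topic, client_id) -> first session key
        self.sub_keys = {}         # (topic, subscriber) -> subscription key (stand-in for y)

    def store_session_key(self, topic, ct_client_id, p_enc_key_t1):
        cid = open_(self.k_pub, ct_client_id).decode()
        self.session_keys[(topic, cid)] = open_(self.k_pub, p_enc_key_t1)

    def third_ciphertext(self, topic, subscriber, ct_client_id):
        """Step 224: bind the session key to the identifier proven under shareKey_pbroker."""
        cid = open_(self.k_pub, ct_client_id).decode()
        y = self.sub_keys.setdefault((topic, subscriber), secrets.token_bytes(32))
        bound = json.dumps({"id": cid, "key": self.session_keys[(topic, cid)].hex()}).encode()
        # ctkey_T1ID for the proxy, y encrypted for the subscriber, shareKey_sbroker for the proxy
        return seal(y, bound), seal(self.k_sub, y), self.k_sub


def proxy_forward(message, auth, subscriber):
    """Steps 223-225: resolve the subscriber, wrap ct_T1 and ctkey_T1ID into the fourth ciphertext."""
    ctkey, enc_y, k_sub = auth.third_ciphertext(message["topic"], subscriber, message["ct_client_id"])
    fourth = seal(k_sub, json.dumps({"ct": message["ct"].hex(), "ctkey": ctkey.hex()}).encode())
    return fourth, enc_y


def subscriber_receive(fourth, enc_y, share_key_sub):
    """Steps 226-230: peel the layers; keep the payload only if both identifiers agree."""
    y = open_(share_key_sub, enc_y)
    layer = json.loads(open_(share_key_sub, fourth))
    from_auth = json.loads(open_(y, bytes.fromhex(layer["ctkey"])))
    inner = json.loads(open_(bytes.fromhex(from_auth["key"]), bytes.fromhex(layer["ct"])))
    if inner["id"] != from_auth["id"]:
        return None                  # step 230 fails: the message is rejected
    return inner["pt"]


def run(claimed_id=None):
    """End-to-end run; returns the accepted payload or None."""
    k_pub, k_sub = secrets.token_bytes(32), secrets.token_bytes(32)   # shareKey_pub / shareKey_sub
    auth = AuthServer(k_pub, k_sub)
    message, p_enc_key_t1 = publish("T1", "meter reading 42.0 kWh", "pub-01", k_pub, claimed_id)
    auth.store_session_key("T1", message["ct_client_id"], p_enc_key_t1)
    fourth, enc_y = proxy_forward(message, auth, "sub-07")
    return subscriber_receive(fourth, enc_y, k_sub)
```

The identifier comparison catches a payload whose claimed publisher differs from the one the authentication server bound to the session key, but on its own it detects no other alteration of the payload; that is why the stand-in cipher also carries a MAC.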
Further, as shown in fig. 2, as a specific implementation of the method described in fig. 1, an embodiment of the present application provides a communication apparatus 200 suitable for a communication system that includes a first client, a second client, a proxy server and an authentication server. The apparatus includes:
an obtaining module 201, configured to obtain, in response to a communication request, the topic included in the communication request and the payload to be published on the topic;
a generating module 202, configured to encrypt the payload and the device identifier of the first client with a first session key to generate a first ciphertext; the generating module 202 is further configured to encrypt the device identifier and the first session key with the first shared communication key to generate an encrypted device identifier and a second session key, and to send the second session key to the authentication server; the generating module 202 is further configured to generate a message from the first ciphertext, the topic and the encrypted device identifier, and to send the message to the proxy server;
a determining module 203, configured to determine, from the message, the topic and the second client corresponding to the topic, and to send the topic, the second client and the encrypted device identifier to the authentication server;
the generating module 202 is further configured to generate a third ciphertext from the second shared communication key, the topic, the encrypted device identifier and the first public key, and to send the third ciphertext to the proxy server; to encrypt the first ciphertext and the third ciphertext with the third shared communication key to generate a fourth ciphertext, and to send the fourth ciphertext to the second client; to decrypt, at the second client, the fourth ciphertext with the fourth shared communication key to obtain the first ciphertext and the third ciphertext; to decrypt, at the second client, the third ciphertext with the first private key to obtain the first session key and the device identifier; to decrypt, at the second client, the first ciphertext with the first session key to obtain the payload and the device identifier; and to compare, at the second client, the device identifier decrypted with the first private key with the device identifier decrypted with the first session key;
a storage module 205, configured to store the payload if the device identifier decrypted with the first private key (the subscription private key) is identical to the device identifier decrypted with the first session key.
Optionally, the generating module 202 is specifically configured to decrypt the encrypted device identifier with the second shared communication key to obtain the device identifier of the first client; to determine, at the authentication server, the first session key using the topic and the device identifier; to generate a first public-private key pair, comprising the first public key and the first private key, for the topic and the second client; to encrypt, at the authentication server, the first private key with the third shared communication key and send the encrypted first private key to the second client; to encrypt, at the authentication server, the first session key and the device identifier with the first public key to generate a third ciphertext; and to send the third ciphertext from the authentication server to the proxy server.
Optionally, the obtaining module 201 is further configured to obtain, in response to the client registration request, registration information of a target client included in the client registration request, where the target client is the first client or the second client.
Optionally, the apparatus further comprises a judging module 206, configured to judge, by the authentication server, whether the target client is registered according to the registration information and the client information in the authentication server.
Optionally, the generating module 202 is further configured to, if the target client is not registered, generate an identity of the target client according to the client device identifier, the first timestamp and the preset parameter information, so as to register the target client.
Optionally, the apparatus further comprises a sending module 207, configured to send, by the authentication server, the first prime number, the second prime number and the identity identifier corresponding to the target client.
Optionally, the generating module 202 is further configured to generate the first hash value and the first hash digest according to the identity, the device identifier and the first timestamp by the target client.
Optionally, the sending module 207 is further configured to send the device identifier, the first timestamp, the first hash value and the first hash digest to the authentication server by the target client.
Optionally, the generating module 202 is further configured to generate a second hash value according to the device identifier and the first timestamp when the first hash digest is the same as the second hash digest, generate a second public-private key pair, a third public-private key pair and the first numerical value when the first hash value is the same as the second hash value, wherein the second public-private key pair includes the second public key and the second private key, and the third public-private key pair includes the third public key and the third private key, and generate the third hash digest according to the third public key, the identity identifier and the second timestamp.
Optionally, the sending module 207 is further configured to send the second public key, the third public key, the first numerical value, the second timestamp, and the third hash digest to the target client by using the authentication server.
Optionally, the generating module 202 is further configured to generate a fourth hash digest according to the second public key, the second timestamp and the identity, generate a fourth public-private key pair by the target client if the third hash digest is the same as the fourth hash digest, where the fourth public-private key pair includes the fourth public key and the fourth private key, and generate a fifth hash digest by the target client according to the fourth public key, the identity and the third timestamp.
Optionally, the sending module 207 is further configured to send the fourth public key, the fifth hash digest, the second numerical value, and the third timestamp to the authentication server by the target client.
Optionally, the generating module 202 is further configured to generate a sixth hash digest according to the fourth public key, the identity identifier and the third timestamp; to generate, by the target client, in response to a verification passing instruction sent by the authentication server, a fifth shared communication key corresponding to the target client according to the first hash digest, the third hash digest, the fifth hash digest, the first prime number, the second public key, the third public key, the fourth private key, the first numerical value and the second numerical value; and to generate, by the authentication server, in response to a verification confirmation instruction sent by the target client, a sixth shared communication key corresponding to the authentication server according to the first hash digest, the third hash digest, the fifth hash digest, the first prime number, the second private key, the third private key, the fourth public key, the first numerical value and the second numerical value.
Optionally, the generating module 202 is further specifically configured to calculate a first parameter from the first hash digest, the third hash digest and the fifth hash digest with a first preset formula, the first preset formula being:
t = Hash(HD_P1 || HD_P2 || HD_P3);
where t is the first parameter, Hash is a hash function, HD_P1 is the first hash digest, HD_P2 is the third hash digest and HD_P3 is the fifth hash digest; to calculate a second parameter from the first prime number and the second prime number with a second preset formula, the second preset formula being:
M = m_1 × m_2;
where M is the second parameter, m_1 is the first prime number and m_2 is the second prime number; to calculate a third parameter from the second parameter, the first prime number and the second prime number with a third preset formula, the third preset formula being:
M_i = M / m_i, i = 1, 2;
where M_i is the third parameter and m_i is the first prime number or the second prime number; to calculate a fourth parameter from the third parameter, the first prime number and the second prime number with a fourth preset formula, the fourth preset formula being:
y_i = M_i^(-1) (mod m_i), i = 1, 2;
where y_i is the fourth parameter and mod is the residue (modulo) function; to calculate a fifth parameter from the second parameter, the third parameter, the fourth parameter, the first numerical value and the second numerical value with a fifth preset formula, the fifth preset formula being:
x = (a_1 y_1 M_1 + a_2 y_2 M_2) (mod M);
where x is the fifth parameter, a_1 is the first numerical value, y_1 is the fourth parameter for i=1, M_1 is the third parameter for i=1, a_2 is the second numerical value, y_2 is the fourth parameter for i=2 and M_2 is the third parameter for i=2; and to calculate the fifth shared communication key from the fifth parameter, the second public key, the third public key and the fourth private key with a sixth preset formula, the sixth preset formula being:
shareKey_client = e(Fx + tR);
where shareKey_client is the fifth shared communication key, e is the fourth private key, F is the second public key and R is the third public key.
Optionally, the generating module 202 is further specifically configured to calculate a first parameter from the first hash digest, the third hash digest and the fifth hash digest with the first preset formula; to calculate a second parameter from the first prime number and the second prime number with the second preset formula; to calculate a third parameter from the second parameter, the first prime number and the second prime number with the third preset formula; and to calculate a fourth parameter from the third parameter, the first prime number and the second prime number with the fourth preset formula, the fourth preset formula being:
y_i = M_i^(-1) (mod m_i), i = 1, 2;
to calculate a fifth parameter from the second parameter, the third parameter, the fourth parameter, the first numerical value and the second numerical value with the fifth preset formula; and to calculate the sixth shared communication key from the fifth parameter, the second private key, the third private key and the fourth public key with a sixth preset formula, the sixth preset formula being:
shareKey_broker = E(fx + tr);
where shareKey_broker is the sixth shared communication key, E is the fourth public key, f is the second private key and r is the third private key.
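The six preset formulas, carried through for both the client-side key shareKey_client = e(Fx + tR) and the server-side key shareKey_broker = E(fx + tr), as an added worked example that is not part of the patent: the page names neither the hash function nor the group in which the scalar products are taken, so SHA-256 and scalar multiplication on secp256k1 (with public keys F = fG, R = rG, E = eG) are assumed, and the primes m_1, m_2, the values a_1, a_2 and the digests are constructed. The example also checks the property x ≡ a_i (mod m_i) that the fifth formula guarantees and that both sides arrive at the same key.

```python
"""CRT-based shared-key derivation following the patent's six preset formulas.

Added example, not the patent's own code.  Assumptions the page does not make:
SHA-256 stands in for Hash, the scalar products e(Fx + tR) and E(fx + tr) are
taken on secp256k1 with public keys F = fG, R = rG, E = eG, and the primes
m1, m2, the values a1, a2 and the digests HD_P1..HD_P3 are constructed samples.
"""
import hashlib

# secp256k1 domain parameters (assumed group; the page names no curve)
P = 2**256 - 2**32 - 977
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
INF = None  # point at infinity


def on_curve(pt):
    x, y = pt
    return (y * y - (x * x * x + 7)) % P == 0


def point_add(p1, p2):
    """Affine group law on y^2 = x^3 + 7 over F_P, including doubling and inverses."""
    if p1 is INF:
        return p2
    if p2 is INF:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return INF
    if p1 == p2:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)


def scalar_mult(k, pt):
    """Double-and-add for any non-negative integer k (no reduction mod n needed here)."""
    acc = INF
    while k:
        if k & 1:
            acc = point_add(acc, pt)
        pt = point_add(pt, pt)
        k >>= 1
    return acc


def first_parameter(hd_p1, hd_p2, hd_p3):
    """First preset formula: t = Hash(HD_P1 || HD_P2 || HD_P3), read as an integer."""
    return int.from_bytes(hashlib.sha256(hd_p1 + hd_p2 + hd_p3).digest(), "big")


def crt_parameters(m1, m2, a1, a2):
    """Second to fifth preset formulas; returns M and x with x = a_i (mod m_i)."""
    M = m1 * m2                                  # second parameter
    M1, M2 = M // m1, M // m2                    # third parameters M_i = M / m_i
    y1, y2 = pow(M1, -1, m1), pow(M2, -1, m2)    # fourth parameters y_i = M_i^-1 mod m_i
    x = (a1 * y1 * M1 + a2 * y2 * M2) % M        # fifth parameter
    return M, x


def client_key(t, x, e, F, R):
    """Sixth preset formula at the target client: shareKey_client = e(Fx + tR)."""
    return scalar_mult(e, point_add(scalar_mult(x, F), scalar_mult(t, R)))


def broker_key(t, x, f, r, E):
    """Sixth preset formula at the authentication server: shareKey_broker = E(fx + tr)."""
    return scalar_mult(f * x + t * r, E)


def demo():
    """Both sides derive the same point; returns (client key, server key, x, M)."""
    f, r, e = 0x1F3A5C, 0xB7C9D2, 0x5E21A7      # 2nd/3rd private keys (server), 4th (client); constructed
    F, R, E = (scalar_mult(k, G) for k in (f, r, e))
    t = first_parameter(b"HD_P1", b"HD_P2", b"HD_P3")        # constructed digests
    M, x = crt_parameters(m1=1009, m2=1013, a1=123, a2=456)  # constructed primes and values
    return client_key(t, x, e, F, R), broker_key(t, x, f, r, E), x, M


if __name__ == "__main__":
    kc, kb, x, M = demo()
    print("x =", x, "M =", M, "keys equal:", kc == kb)
```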
According to an embodiment of the present invention, there is further provided a communication system that performs the above communication method.
In the embodiment of the application, the communication system further comprises a first client, a second client, a proxy server and an authentication server, wherein the first client is used for publishing messages, the first client is in communication connection with the authentication server, the first client is in communication connection with the proxy server, the second client is used for receiving messages of subscribed topics, and the second client is in communication connection with the proxy server.
In this embodiment, the communication system includes a first client, a second client, a proxy server and an authentication server. The first client is a client that publishes messages, the second client is a client that receives messages on subscribed topics, the proxy server is a server with message storage and processing functions, and the authentication server is a trusted third-party authority with message security authentication functions.
Specifically, the first client is the client that publishes a message; it registers with the authentication server and performs lightweight key negotiation with it to obtain a secure shared communication key. The publisher randomly generates a session key to encrypt the original message data for the topic, sends the encrypted data to the proxy server, and sends the session key, encrypted with the shared communication key, to the authentication server. Because the message is encrypted before transmission, an attacker cannot easily obtain the original message as long as the session key is not disclosed.
Further, the second client is the client that receives messages on the subscribed topic. The subscriber receives the subscription private key sent by the authentication server and the encrypted data sent by the proxy server. It decrypts the data from the proxy server with its own shared communication key to obtain the encrypted session key and the data encrypted under the session key, then decrypts the encrypted session key with the subscription private key received from the authentication server to obtain the session key, and thus the original text sent by the publisher. As for the publisher, because the message is encrypted before transmission, an attacker cannot easily obtain the original message without the session key.
Further, the authentication server handles registration of clients (publishers/subscribers), identity authentication, key calculation and generation, and storage of related information. The authentication server receives the encrypted session key sent by the publisher, decrypts it with the publisher's shared communication key and stores it. It then generates a subscription public-private key pair at topic granularity, according to the topic sent by the proxy server and the subscriber subscribed to that topic, and sends the subscription private key to the subscriber encrypted with the subscriber's shared communication key. The session key is then encrypted with the subscription public key and sent to the proxy server together with the subscriber's shared communication key. Specifically, as shown in fig. 3, the authentication server mainly includes a registration management center, an identity authentication center, a key agreement generation center and a database. A publisher/subscriber device registers with the authentication server through its client, and the identity authentication center authenticates the client to judge whether it is legitimate. When the client is found to be unregistered, the registration management center registers it, generates an identity identifier and stores it in the database. After successful registration, the key agreement generation center of the authentication server generates a shared communication key for each device, ensuring secure transmission and storage of data. Moving key generation from the client to the authentication server reduces the client's computation and key storage.
Further, the proxy server forwards message data to subscribers and stores and processes data sent by publishers. After receiving data, the proxy server verifies its security; once verification passes, it parses the topic and the subscribers of that topic and sends them to the authentication server. When forwarding the message to a subscriber, the proxy server encrypts the data with the subscriber's shared communication key sent by the authentication server, attaching the session key encrypted with the subscription public key to the encrypted data before sending it to the subscriber.
Alternatively, as shown in fig. 4, the communication flow between the first client and the proxy server is unidirectional, i.e. from the first client to the proxy server, and an attacker cannot steal the encryption key since the session key is randomly generated by the first client. In the transmission process, the secret key and the message are encrypted, an attacker can only acquire the encrypted message and the secret key of the message, the plaintext of the message can not be obtained, and the operations such as interception, leakage and the like can not be carried out on the corresponding message. This also ensures the security of the data during transmission.
Further, as shown in fig. 4, communication between the proxy server and the authentication server is bidirectional and consists mainly of the key request and response procedure. Because neither the proxy server nor the authentication server is subject to the hardware limits of Internet of Things clients, such as memory and computing capacity, this link can be fully protected by an existing scheme, namely SSL/TLS, against which the corresponding attacks are not effective. In addition, even if the proxy server is compromised, all data passing through the communication process is encrypted: an attacker can obtain only the shared communication key returned by the authentication server and the subscriber's encrypted session key. The publisher's or subscriber's encryption key cannot be derived from the shared communication key alone, so the attacker cannot use it to decrypt the original message. To decrypt the subscriber's encrypted session key, the shared communication key generated by the subscriber must first be obtained, and that key is unique to the subscriber, which ensures the security of the data in storage and processing.
Further, as shown in fig. 4, communication between the proxy server and the second client is unidirectional: the proxy server forwards and pushes the message ciphertext and the encrypted session key to the corresponding second client. In transit the session key and the message ciphertext are both encrypted; an attacker cannot derive the plaintext from the ciphertext alone and could reach the plaintext only by breaking the encryption key. The session key is encrypted under the relevant shared communication key, which only the second client can compute. Therefore an attacker cannot obtain the original plaintext message, and the security of the data in transit is ensured.
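The publish path described above (first client to proxy server, proxy server to authentication server, proxy server to second client) ends with the second client comparing the device identifier recovered from the authentication server's ciphertext against the one embedded in the publisher's ciphertext, and keeping the payload only when they match. The following Python example is added here to illustrate that flow; it is not the patent's code. The patent fixes no cipher, so encryption is a constructed encrypt-then-MAC scheme built from SHA-256 and HMAC; the topic-granular subscription public/private key pair is modelled by a single symmetric subscription key; key names, the 16-byte device identifiers, the topic string and all key material are constructed for the example.

```python
"""Publish/subscribe flow with the device-identifier binding check
(added example, not the patent's code).

Constructed stand-ins: toy encrypt-then-MAC in place of the unspecified cipher,
a symmetric subscription key in place of the subscription public/private pair,
16-byte device identifiers.
"""
import hashlib
import hmac
import secrets

DEV_ID_LEN = 16
DEV_A = b"publisher-A-0001"   # constructed device identifier of the first client
DEV_B = b"publisher-B-0002"   # constructed identifier of an unrelated publisher


def _keystream(key, nonce, length):
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def seal(key, plaintext):
    """Toy authenticated encryption: nonce || ciphertext || HMAC-SHA256 tag."""
    nonce = secrets.token_bytes(12)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()


def unseal(key, blob):
    """Verify the tag first, then decrypt; raises on any modification."""
    nonce, ct, tag = blob[:12], blob[12:-32], blob[-32:]
    if not hmac.compare_digest(hmac.new(key, nonce + ct, hashlib.sha256).digest(), tag):
        raise ValueError("authentication failed")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))


def publisher_send(dev_id, topic, payload, k_pub_auth):
    """First client: first ciphertext, encrypted device id, second session key."""
    session_key = secrets.token_bytes(32)                 # first session key, fresh per message
    first_ct = seal(session_key, dev_id + payload)        # first ciphertext binds id and payload
    enc_dev_id = seal(k_pub_auth, dev_id)                 # encrypted device identifier
    second_session_key = seal(k_pub_auth, session_key)    # session key wrapped for the auth server
    message = {"topic": topic, "first_ct": first_ct, "enc_dev_id": enc_dev_id}
    return message, second_session_key


def auth_server_handle(second_session_key, enc_dev_id, k_pub_auth, k_sub_topic):
    """Authentication server: recover key and id, re-encrypt them for the subscriber."""
    session_key = unseal(k_pub_auth, second_session_key)
    dev_id = unseal(k_pub_auth, enc_dev_id)
    return seal(k_sub_topic, session_key + dev_id)        # third ciphertext


def proxy_forward(first_ct, third_ct, k_sub_auth):
    """Proxy server: wrap first and third ciphertext under the subscriber's shared key."""
    return seal(k_sub_auth, len(first_ct).to_bytes(4, "big") + first_ct + third_ct)  # fourth ciphertext


def subscriber_receive(fourth_ct, k_sub_auth, k_sub_topic):
    """Second client: unwrap, decrypt, keep the payload only if both device ids agree."""
    blob = unseal(k_sub_auth, fourth_ct)
    n = int.from_bytes(blob[:4], "big")
    first_ct, third_ct = blob[4:4 + n], blob[4 + n:]
    inner = unseal(k_sub_topic, third_ct)
    session_key, dev_id_from_auth = inner[:32], inner[32:]
    plain = unseal(session_key, first_ct)
    dev_id_from_msg, payload = plain[:DEV_ID_LEN], plain[DEV_ID_LEN:]
    if not hmac.compare_digest(dev_id_from_auth, dev_id_from_msg):
        return None                                       # identities disagree: discard payload
    return payload


def run_flow(payload, mismatch=False):
    """End-to-end run; with mismatch=True the auth server is handed another publisher's id."""
    k_pub_auth = hashlib.sha256(b"constructed publisher/auth shared key").digest()
    k_sub_auth = hashlib.sha256(b"constructed subscriber/auth shared key").digest()
    k_sub_topic = hashlib.sha256(b"constructed topic subscription key").digest()
    message, second_session_key = publisher_send(DEV_A, b"grid/substation/7", payload, k_pub_auth)
    enc_dev_id = seal(k_pub_auth, DEV_B) if mismatch else message["enc_dev_id"]
    third_ct = auth_server_handle(second_session_key, enc_dev_id, k_pub_auth, k_sub_topic)
    fourth_ct = proxy_forward(message["first_ct"], third_ct, k_sub_auth)
    return subscriber_receive(fourth_ct, k_sub_auth, k_sub_topic)


if __name__ == "__main__":
    print(run_flow(b"voltage=10.4kV"))          # payload accepted
    print(run_flow(b"voltage=10.4kV", True))    # None: identifiers disagree
```

The mismatch case models the situation the comparison step is there to catch: the session key delivered through the authentication server is associated with a device identifier other than the one inside the publisher's ciphertext, so the second client discards the payload even though every layer decrypted correctly.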
According to one embodiment of the present invention, there is provided a storage medium storing at least one executable instruction that can perform the communication method of any of the above-described method embodiments.
From the above description of the embodiments, it will be clear to those skilled in the art that the present application may be implemented in hardware, or in software together with the necessary general-purpose hardware platform. On this understanding, the technical solution of the present application may be embodied as a software product stored in a non-volatile storage medium (such as a CD-ROM, a USB flash drive, or a portable hard disk) that includes instructions causing a computer device (such as a personal computer, a server, or a network device) to execute the method described in the respective implementation scenario of the present application.
Those skilled in the art will appreciate that the drawing is merely a schematic illustration of a preferred implementation scenario and that the modules or flows in the drawing are not necessarily required to practice the application.
Those skilled in the art will appreciate that the modules of an apparatus in an implementation scenario may be distributed within that apparatus as described for the scenario, or may, with corresponding changes, be located in one or more apparatuses different from those of the scenario. The modules of an implementation scenario may be combined into one module or further split into several sub-modules.
The sequence numbers of the above embodiments are merely for description and do not indicate that one implementation scenario is better or worse than another.
The foregoing disclosure is merely illustrative of some embodiments of the application, and the application is not limited thereto, as modifications may be made by those skilled in the art without departing from the scope of the application.

Claims (10)

1. A communication method, applicable to a communication system comprising a first client, a second client, a proxy server and an authentication server, the method comprising:
in response to a communication request, obtaining a topic included in the communication request and a payload to be published on the topic;
the first client encrypting the payload and the device identifier of the first client with a first session key to generate a first ciphertext;
the first client encrypting the device identifier and the first session key with a first shared communication key to generate an encrypted device identifier and a second session key, and sending the second session key to the authentication server;
the first client generating a message from the first ciphertext, the topic and the encrypted device identifier, and sending it to the proxy server;
the proxy server determining, from the message, the topic and the second client corresponding to the topic, and sending the topic, the second client and the encrypted device identifier to the authentication server;
the authentication server generating a third ciphertext from a second shared communication key, the topic, the encrypted device identifier and a first public key, and sending it to the proxy server;
the proxy server encrypting the first ciphertext and the third ciphertext with a third shared communication key to generate a fourth ciphertext, and sending it to the second client;
the second client decrypting the fourth ciphertext with a fourth shared communication key to obtain the first ciphertext and the third ciphertext;
the second client decrypting the third ciphertext with a first private key to obtain the first session key and a device identifier;
the second client decrypting the first ciphertext with the first session key to obtain the payload and a device identifier;
the second client comparing the device identifier obtained by decryption with the first private key against the device identifier obtained by decryption with the first session key;
if the device identifier obtained by decryption with the first subscription private key is identical to the device identifier obtained by decryption with the first session key, retaining the payload.

2. The communication method according to claim 1, wherein the step of the authentication server generating a third ciphertext from the second shared communication key, the topic, the encrypted device identifier and the first public key and sending it to the proxy server specifically comprises:
the authentication server decrypting the encrypted device identifier with the second shared communication key to obtain the device identifier of the first client;
the authentication server determining the first session key from the topic and the device identifier;
the authentication server generating a first public-private key pair from the topic and the second client, the first public-private key pair comprising the first public key and the first private key;
the authentication server encrypting the first private key with the third shared communication key and sending the encrypted first private key to the second client;
the authentication server encrypting the first session key and the device identifier with the first public key to generate the third ciphertext;
the authentication server sending the third ciphertext to the proxy server.

3. The communication method according to claim 1, wherein, before obtaining the topic included in the communication request and the payload to be published on the topic in response to the communication request, the method further comprises:
in response to a client registration request, obtaining the registration information of a target client included in the client registration request, the target client being the first client or the second client;
the authentication server determining, from the registration information and the client information held in the authentication server, whether the target client is registered;
if the target client is not registered, the authentication server generating an identity identifier for the target client from the client device identifier, a first timestamp and preset parameter information, so as to register the target client.

4. The communication method according to claim 3, wherein, after the authentication server generates the identity identifier of the target client from the client device identifier, the first timestamp and the preset parameter information so as to register the target client, the method further comprises:
the authentication server sending the first prime number, the second prime number and the identity identifier corresponding to the target client to the target client;
the target client generating a first hash value and a first hash digest from the identity identifier, the device identifier and the first timestamp;
the target client sending the device identifier, the first timestamp, the first hash value and the first hash digest to the authentication server;
the authentication server generating a second hash digest from the first hash value, the device identifier and the first timestamp;
if the first hash digest is identical to the second hash digest, the authentication server generating a second hash value from the device identifier and the first timestamp;
if the first hash value is identical to the second hash value, the authentication server generating a second public-private key pair, a third public-private key pair and a first value, the second public-private key pair comprising a second public key and a second private key, and the third public-private key pair comprising a third public key and a third private key;
the authentication server generating a third hash digest from the third public key, the identity identifier and a second timestamp;
the authentication server sending the second public key, the third public key, the first value, the second timestamp and the third hash digest to the target client;
the target client generating a fourth hash digest from the second public key, the second timestamp and the identity identifier;
if the third hash digest is identical to the fourth hash digest, the target client generating a fourth public-private key pair comprising a fourth public key and a fourth private key;
after determining that the third hash digest is identical to the fourth hash digest, the target client randomly selecting a second value between 0 and the second prime number, and determining a third timestamp from the current time;
the target client generating a fifth hash digest from the fourth public key, the identity identifier and the third timestamp;
the target client sending the fourth public key, the fifth hash digest, the second value and the third timestamp to the authentication server;
the authentication server generating a sixth hash digest from the fourth public key, the identity identifier and the third timestamp;
if the fifth hash digest is identical to the sixth hash digest, the target client, in response to a verification-passed instruction sent by the authentication server, generating a fifth shared communication key corresponding to the target client from the first hash digest, the third hash digest, the fifth hash digest, the first prime number, the second prime number, the second public key, the third public key, the fourth private key, the first value and the second value;
the authentication server, in response to a verification confirmation instruction sent by the target client, generating a sixth shared communication key corresponding to the authentication server from the first hash digest, the third hash digest, the fifth hash digest, the first prime number, the second prime number, the second private key, the third private key, the fourth public key, the first value and the second value.

5. The communication method according to claim 4, wherein the step of generating the fifth shared communication key corresponding to the target client from the first hash digest, the third hash digest, the fifth hash digest, the first prime number, the second prime number, the second public key, the third public key, the fourth private key, the first value and the second value specifically comprises:
computing a first parameter from the first hash digest, the third hash digest and the fifth hash digest with a first preset formula;
the first preset formula being: t = Hash(HD_P1 || HD_P2 || HD_P3);
where t is the first parameter, Hash is the hash function, HD_P1 is the first hash digest, HD_P2 is the third hash digest, and HD_P3 is the fifth hash digest;
computing a second parameter from the first prime number and the second prime number with a second preset formula;
the second preset formula being: M = m_1 × m_2;
where M is the second parameter, m_1 is the first prime number, and m_2 is the second prime number;
computing a third parameter from the second parameter, the first prime number and the second prime number with a third preset formula;
the third preset formula being:
where M_i is the third parameter and m_i is the first prime number or the second prime number;
computing a fourth parameter from the third parameter, the first prime number and the second prime number with a fourth preset formula;
the fourth preset formula being: y_i = M_i^(-1) (mod m_i), i = 1, 2;
where y_i is the fourth parameter and mod is the remainder function;
computing a fifth parameter from the second parameter, the third parameter, the fourth parameter, the first value and the second value with a fifth preset formula;
the fifth preset formula being: x = (a_1 y_1 M_1 + a_2 y_2 M_2) (mod M);
where x is the fifth parameter, a_1 is the first value, y_1 is the fourth parameter for i = 1, M_1 is the third parameter for i = 1, a_2 is the second value, y_2 is the fourth parameter for i = 2, and M_2 is the third parameter for i = 2;
computing the fifth shared communication key from the fifth parameter, the second public key, the third public key and the fourth private key with a sixth preset formula;
the sixth preset formula being: shareKey_client = e(Fx + tR);
where shareKey_client is the fifth shared communication key, e is the fourth private key, F is the second public key, and R is the third public key.

6. The communication method according to claim 5, wherein the step of generating the sixth shared communication key corresponding to the authentication server from the first hash digest, the third hash digest, the fifth hash digest, the first prime number, the second prime number, the second private key, the third private key, the fourth public key, the first value and the second value specifically comprises:
computing the first parameter from the first hash digest, the third hash digest and the fifth hash digest with the first preset formula;
computing the second parameter from the first prime number and the second prime number with the second preset formula;
computing the third parameter from the second parameter, the first prime number and the second prime number with the third preset formula;
computing the fourth parameter from the third parameter, the first prime number and the second prime number with the fourth preset formula;
the fourth preset formula being: y_i = M_i^(-1) (mod m_i), i = 1, 2;
computing the fifth parameter from the second parameter, the third parameter, the fourth parameter, the first value and the second value with the fifth preset formula;
computing the sixth shared communication key from the fifth parameter, the second private key, the third private key and the fourth public key with a sixth preset formula;
the sixth preset formula being: shareKey_broker = E(fx + tr);
where shareKey_broker is the sixth shared communication key, E is the fourth public key, f is the second private key, and t is the third private key.

7. A communication apparatus, applicable to a communication system comprising a first client, a second client, a proxy server and an authentication server, the apparatus comprising:
an acquisition module, for obtaining, in response to a communication request, a topic included in the communication request and a payload to be published on the topic;
a generation module, for the first client to encrypt the payload and the device identifier of the first client with a first session key to generate a first ciphertext;
the generation module further for the first client to encrypt the device identifier and the first session key with a first shared communication key to generate an encrypted device identifier and a second session key, and to send the second session key to the authentication server;
the generation module further for the first client to generate a message from the first ciphertext, the topic and the encrypted device identifier, and to send it to the proxy server;
a determination module, for the proxy server to determine, from the message, the topic and the second client corresponding to the topic, and to send the topic, the second client and the encrypted device identifier to the authentication server;
the generation module further for the authentication server to generate a third ciphertext from a second shared communication key, the topic, the encrypted device identifier and a first public key, and to send it to the proxy server;
the generation module further for the proxy server to encrypt the first ciphertext and the third ciphertext with a third shared communication key to generate a fourth ciphertext, and to send it to the second client;
the generation module further for the second client to decrypt the fourth ciphertext with a fourth shared communication key to obtain the first ciphertext and the third ciphertext;
the generation module further for the second client to decrypt the third ciphertext with a first private key to obtain the first session key and a device identifier;
the generation module further for the second client to decrypt the first ciphertext with the first session key to obtain the payload and a device identifier;
a comparison module, for the second client to compare the device identifier obtained by decryption with the first private key against the device identifier obtained by decryption with the first session key;
a storage module, for retaining the payload if the device identifier obtained by decryption with the first subscription private key is identical to the device identifier obtained by decryption with the first session key.

8. A communication system, comprising the communication method according to any one of claims 1 to 6.

9. The communication system according to claim 8, further comprising:
a first client, for publishing messages, the first client being communicatively connected to the authentication server and to the proxy server;
the second client, for receiving messages of subscribed topics, the second client being communicatively connected to the proxy server;
the proxy server;
the authentication server.

10. A storage medium storing at least one executable instruction, the executable instruction causing a processor to perform the operations corresponding to the communication method according to any one of claims 1 to 6.
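Claims 4 to 6 describe the shared-key agreement: the two exchanged values a_1 and a_2 are combined by the Chinese remainder theorem into x, the three hash digests are folded into t, and each side then computes the same group element, the client as e(Fx + tR) with its private e and the server's public F = fG, R = rG, the server as E(fx + tr) with its private f, r and the client's public E = eG. The Python example below is added here to carry the derivation through in working code; it is not the patent's code. Everything the claims leave open is an assumption made for the example: the group is the secp256k1 curve, Hash is SHA-256, the third preset formula (not reproduced on the page) is taken as M_i = M / m_i, the third private key is written r so that t keeps its meaning as the first parameter, and t is reduced modulo the group order before use as a scalar. The primes, digests and secrets are constructed sample values.

```python
"""Shared-key agreement of claims 4-6 (added example, not the patent's code).

Assumptions, none of which the page states: the group is the secp256k1 curve,
Hash is SHA-256, the third preset formula is M_i = M / m_i, the third private
key is written r (so t keeps its meaning as the first parameter), and the
first parameter is reduced modulo the group order before use as a scalar.
"""
import hashlib
import secrets

# secp256k1 domain parameters (assumed curve; the patent names none)
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def point_add(p1, p2):
    """Affine point addition on y^2 = x^3 + 7 over F_P; None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None                                   # Q + (-Q)
    if p1 == p2:
        lam = (3 * x1 * x1) * pow(2 * y1, -1, P) % P  # tangent slope (curve coefficient a = 0)
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)


def scalar_mult(k, point):
    """Double-and-add: k * point."""
    result, addend = None, point
    while k > 0:
        if k & 1:
            result = point_add(result, addend)
        addend = point_add(addend, addend)
        k >>= 1
    return result


def first_parameter(hd_p1, hd_p2, hd_p3):
    """First preset formula: t = Hash(HD_P1 || HD_P2 || HD_P3), reduced mod N."""
    digest = hashlib.sha256(hd_p1 + hd_p2 + hd_p3).digest()
    return int.from_bytes(digest, "big") % N


def crt_parameter(m1, m2, a1, a2):
    """Second to fifth preset formulas: combine a1 and a2 by CRT (m1, m2 distinct primes)."""
    M = m1 * m2                                   # second formula
    M1, M2 = M // m1, M // m2                     # third formula (assumed: M_i = M / m_i)
    y1, y2 = pow(M1, -1, m1), pow(M2, -1, m2)     # fourth formula: y_i = M_i^-1 mod m_i
    return (a1 * y1 * M1 + a2 * y2 * M2) % M      # fifth formula


def client_shared_key(e, F, R, x, t):
    """Sixth formula, client side: shareKey_client = e(Fx + tR)."""
    return scalar_mult(e, point_add(scalar_mult(x, F), scalar_mult(t, R)))


def broker_shared_key(E, f, r, x, t):
    """Sixth formula, server side: shareKey_broker = E(fx + tr)."""
    return scalar_mult((f * x + t * r) % N, E)


def agree(m1, m2, a1, a2, f, r, e, hd_p1, hd_p2, hd_p3):
    """Run both sides with the given secrets; returns (client key, server key, x)."""
    F, R = scalar_mult(f, G), scalar_mult(r, G)   # second and third public keys, sent to the client
    E = scalar_mult(e, G)                         # fourth public key, sent to the server
    t = first_parameter(hd_p1, hd_p2, hd_p3)
    x = crt_parameter(m1, m2, a1, a2)
    return client_shared_key(e, F, R, x, t), broker_shared_key(E, f, r, x, t), x


def demo():
    """Random run with constructed primes and digests; True when both sides agree."""
    m1, m2 = 1009, 1013                           # constructed first and second primes
    a1, a2 = secrets.randbelow(m1 - 1) + 1, secrets.randbelow(m2 - 1) + 1
    f, r, e = (secrets.randbelow(N - 1) + 1 for _ in range(3))
    hds = [hashlib.sha256(b"constructed digest %d" % i).digest() for i in (1, 3, 5)]
    ck, bk, _ = agree(m1, m2, a1, a2, f, r, e, *hds)
    return ck == bk


if __name__ == "__main__":
    print("keys agree:", demo())
```

The two sides agree because e(xF + tR) = e(xf + tr)G and (fx + tr)E = (fx + tr)eG are the same scalar multiple of G; the CRT step guarantees x ≡ a_1 (mod m_1) and x ≡ a_2 (mod m_2), so each party's contribution is recoverable from x by either side that knows the primes.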
Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211346244.6A CN115766119B (en) 2022-10-31 2022-10-31 Communication method, device, communication system and storage medium

Publications (2)

Publication Number Publication Date
CN115766119A CN115766119A (en) 2023-03-07
CN115766119B true CN115766119B (en) 2025-06-13

Family

ID=85354497

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211346244.6A Active CN115766119B (en) 2022-10-31 2022-10-31 Communication method, device, communication system and storage medium

Country Status (1)

Country Link
CN (1) CN115766119B (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116319108B (en) * 2023-05-23 2023-08-11 江苏意源科技有限公司 File encryption transmission method
CN118214556B (en) * 2024-05-20 2024-07-26 北京信安世纪科技股份有限公司 Access request response method, system, device, storage medium and program product
CN118250016B (en) * 2024-05-28 2024-09-10 慧翰微电子股份有限公司 TCP private protocol communication authentication method of Internet of things equipment
CN118473832B (en) * 2024-07-12 2024-09-24 冠骋信息技术(苏州)有限公司 LocalStorage anti-loss method and system based on proxy mode
CN119946620B (en) * 2025-04-08 2025-07-08 安徽创瑞技术股份有限公司 Short message sending method capable of preventing data leakage

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101989984A (en) * 2010-08-24 2011-03-23 北京易恒信认证科技有限公司 Electronic document safe sharing system and method thereof
CN106603485A (en) * 2016-10-31 2017-04-26 美的智慧家居科技有限公司 Secret key negotiation method and device

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2009018512A1 (en) * 2007-08-02 2009-02-05 Imagineer Software, Inc. Systems and methods for implementing a mutating transport layer security protocol
CN114050897B (en) * 2021-08-20 2023-10-03 北卡科技有限公司 SM 9-based asynchronous key negotiation method and device
CN114095229B (en) * 2021-11-15 2024-09-17 中国电力科学研究院有限公司 Method, device and system for constructing data transmission protocol of energy internet

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant