
A security association method, device and system

A security association and routing technology, applied in the field of information security, that addresses problems of existing security association methods such as a limited range of use, difficulty of implementation, and the inability to ensure industrial wireless network security, with the effect of ensuring communication security across a wide range of applications.

Active Publication Date: 2020-07-14
北京中测安华科技有限公司

AI Technical Summary

Problems solved by technology

Because field devices in an industrial wireless network join the network dynamically and are mobile, the first type of security association method is not easy to implement in practical applications. The second type of security association method usually requires entering passwords, establishing out-of-band channels, etc. to prevent man-in-the-middle attacks, and some field devices and routing devices in practical applications have no input interface and no means of establishing an out-of-band channel, so the scope of use of this method is relatively limited.
It can be seen that none of the existing security association methods can ensure the security of industrial wireless networks.


Examples


Embodiment 1

[0047] Figure 1 is a schematic flowchart of a security association method provided by Embodiment 1 of the present invention. The method is applied to field devices and includes the following steps:

[0048] S11. The field device establishes a connection with the routing device through a network interface;

[0049] It can be understood that the essence of security association is to realize authentication pairing between the field device and the routing device and the configuration of a shared key. The configuration of the shared key covers two cases: in one, a shared key pre-stored in both devices is enabled; in the other, the two devices generate a shared key through key agreement. The embodiment of the present invention describes the latter case.

[0050] S12. Send the generated first random number to the routing device;

[0051] S13. Receive the second random number and the first signature sent by th...

Embodiment 2

[0065] Referring to Figure 2, a security association method provided in Embodiment 2 of the present invention is applicable to routing devices, and the method includes the following steps:

[0066] S21. The routing device establishes a connection with the field device through a network interface;

[0067] S22. After receiving the first random number sent by the field device, generate a second random number, calculate a first signature according to the first random number and the second random number, and send the second random number and the first signature to the field device;

[0068] S23. Receive the second signature sent by the field device, and verify the second signature. If the verification is passed, generate a random key, encrypt the random key to obtain a ciphertext, calculate a third signature according to the ciphertext, and send the third signature to the field device, wherein the second signature is the field device a...

Embodiment 3

[0074] Corresponding to the security association method disclosed in Embodiment 1 of the present invention, Embodiment 3 of the present invention also provides a security association device (see Figure 3). The device is applied to field devices and includes:

[0075] The first connection module 11 is configured to establish a connection between the field device and the routing device through a network interface;

[0076] The first sending module 12 is configured to send the generated first random number to the routing device;

[0077] The first receiving module 13 is configured to receive the second random number and the first signature sent by the routing device, wherein the first signature is calculated by the routing device from the second random number it generated itself and the received first random number;

[0078] The first verification module 14 is used to verify the first signature, and if the verification is passe...


Abstract

The invention discloses a security association method, apparatus and system. When the security association method is applied to a field device, the method comprises the following steps: the field device establishes a connection with a routing device through a network interface; sends a generated first random number to the routing device; receives a second random number and a first signature sent by the routing device; verifies the first signature and, if the first signature passes the verification, calculates a second signature according to the first random number and the second random number and sends the second signature to the routing device; and receives a ciphertext and a third signature sent by the routing device, verifies the third signature and, if the third signature passes the verification, decrypts the ciphertext to obtain a random key. With this security association method, apparatus and system, communication security between the field device and the routing device in an industrial wireless network is achieved while preserving the range of application.
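The exchange described in the abstract, with both sides' checks, as an added example that is not code from the patent. The page names no algorithms or key distribution, so Ed25519 signatures, RSA-OAEP encryption of the random key, pre-trusted public keys, and the names `newDevice`, `associate` and `tamper` are all assumptions.

```javascript
const crypto = require('node:crypto');

// Assumed key material (the page names no algorithms): Ed25519 for the three
// signatures, RSA-OAEP to encrypt the random key to the field device. Each side
// is assumed to already trust the other's public keys.
function newDevice() {
  return {
    sig: crypto.generateKeyPairSync('ed25519'),
    enc: crypto.generateKeyPairSync('rsa', { modulusLength: 2048 }),
  };
}

const sign = (dev, ...parts) => crypto.sign(null, Buffer.concat(parts), dev.sig.privateKey);
const verify = (dev, sig, ...parts) =>
  crypto.verify(null, Buffer.concat(parts), dev.sig.publicKey, sig);

// Runs the exchange from the abstract. `tamper` names one message to corrupt in
// transit (constructed channel) so the check that catches it can be observed.
function associate(field, router, tamper = null) {
  const send = (name, buf) => {
    const out = Buffer.from(buf); // copy, so the sender's value is untouched
    if (name === tamper) out[0] ^= 1;
    return out;
  };
  // Field device -> routing device: first random number.
  const n1 = crypto.randomBytes(16);
  const rN1 = send('n1', n1);
  // Routing device -> field device: second random number and first signature.
  const n2 = crypto.randomBytes(16);
  const fN2 = send('n2', n2);
  const fSig1 = send('sig1', sign(router, rN1, n2));
  if (!verify(router, fSig1, n1, fN2)) throw new Error('field: first signature rejected');
  // Field device -> routing device: second signature over both random numbers.
  const rSig2 = send('sig2', sign(field, n1, fN2));
  if (!verify(field, rSig2, rN1, n2)) throw new Error('router: second signature rejected');
  // Routing device -> field device: ciphertext of the random key and third signature.
  const routerKey = crypto.randomBytes(32);
  const ct = crypto.publicEncrypt({ key: field.enc.publicKey, oaepHash: 'sha256' }, routerKey);
  const fCt = send('ct', ct);
  const fSig3 = send('sig3', sign(router, ct));
  if (!verify(router, fSig3, fCt)) throw new Error('field: third signature rejected');
  const fieldKey = crypto.privateDecrypt({ key: field.enc.privateKey, oaepHash: 'sha256' }, fCt);
  return { fieldKey, routerKey };
}
```

Calling `associate(field, router, 'n2')` or `associate(field, router, 'ct')` shows which verification stops a message altered in transit; because each side signs over the random number it generated for this run, a signature recorded from an earlier run fails the same check.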

Description

Technical field

[0001] The present invention relates to the technical field of information security, in particular to a method, device and system for securely associating field devices and routing devices in industrial wireless networks.

Background

[0002] The industrial wireless network developed from the wireless sensor network and is a wireless communication technology used in the field of industrial control. Industrial wireless networks have the characteristics of low cost, low energy consumption, high flexibility and strong scalability, which provides a technical guarantee for the development of industrial automation systems. However, due to the complex environment of industrial sites and special requirements in some industrial applications, wireless networks are facing serious security threats.

[0003] The security association protocol can realize device pairing and shared key establishment, which is the basis for ensuring secure communication between devices, ther...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04L9/08, H04L9/32, H04L29/06, G06F21/44
CPC: G06F21/44, H04L9/0869, H04L9/3226, H04L9/3247, H04L63/08, H04L63/083
Inventor: 梁露露代刚常文娟甘焕
Owner: 北京中测安华科技有限公司