Internet of Things weak resource terminal key security management method

A terminal key and security management technology, applied in the field of IoT weak resource terminal key security management, can solve the problems of unencrypted channel, replay attack, not using correct verification, etc., to achieve the effect of enhancing security

Active Publication Date: 2018-08-07
SICHUAN CHANGHONG ELECTRIC CO LTD
View PDF5 Cites 3 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Among them, the security problems of weak resource terminals mainly include: exposing the hardware debugging interface, retaining the debugging command interface in the firmware, no encryption of the channel, no correct authentication from the device to the service, replay attacks, and no protection against man-in-the-middle attacks from the device to the server , there is an unprocessed plaintext key in the firmware, the system has only one key and there is no key change mechanism, etc.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Internet of Things weak resource terminal key security management method
  • Internet of Things weak resource terminal key security management method
  • Internet of Things weak resource terminal key security management method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment

[0052] Such as figure 1 As shown, a method for effectively using limited hardware resources to ensure channel key security includes the steps of obtaining the key for fragmented encryption and decryption keys, encrypting and storing the key, invoking the key for decryption, and updating the key online.

[0053] Specifically, in the process of obtaining the fragmented encryption and decryption key, the purpose of key fragmentation is to prevent the terminal device program (source program, compiled program, etc.) After decompiling and compiling, the program gets the key.

[0054]Key fragmentation can use firmware data such as MAC address, device ID number, etc. that do not appear directly in the program as parameters, and then combine some self-defined methods to obtain a set of keys. The characteristic of this key is that different terminals use the same method to obtain different keys. Since the key acquisition process contains parameters that do not appear directly in the pr...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an Internet of Things weak resource terminal key security management method comprising obtaining a key for fragmentation of encryption and decryption key, key encryption storage, key decryption call, online key update and the like. When the key for the fragmentation of the encryption and decryption key is obtained, the key does not appear in the program directly in the plaintext, is fragmented and needs to be converted by a certain method, and the parameters for obtaining the encryption key comprises an MAC address, a device ID number and other firmware parameters thatcannot be obtained from the program code, the process of obtaining the key can prevent decompilation, that is, the key cannot be directly obtained through the program source code. Therefore, the anti-decompilation acquisition key can be realized by the method, and the existing key can be compensated in time in the case of leakage, thereby fully utilizing the limited hardware resources to maximizethe security of the key.

Description

technical field [0001] The invention relates to the technical field of information security of the Internet of Things, in particular to a security management method for weak resource terminal keys of the Internet of Things. Background technique [0002] The Internet of Things is a huge application system built on the Internet infrastructure. It has developed rapidly in recent years. It is estimated that there will be 28 billion Internet of Things devices by 2020. With the rapid growth of IoT devices, security problems are becoming more and more serious, and the implementation process of IoT information security lags behind the expansion speed of IoT. [0003] At present, there are a large number of terminal devices in the Internet of Things that transmit information in plain text on the Internet. Hackers can easily intercept these Internet of Things information and obtain methods to control devices. The impact on the security of IoT terminal equipment is multifaceted. For t...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L9/08
CPCH04L9/0822H04L9/0866H04L9/0891H04L9/0894
Inventor 肖龙辉
Owner SICHUAN CHANGHONG ELECTRIC CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap