Communication method and apparatus, electronic device, and computer-readable storage medium

By introducing third-party auditing institutions, hash value verification, signature mechanisms, and temporary key encryption, the problem that location-based authenticity protection technology cannot cover IP address spoofing is solved, achieving higher communication security and trustworthiness.

CN115643033BActive Publication Date: 2026-07-07CHINA ELECTRONICS CORP 6TH RES INST

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Patents(China)
Current Assignee / Owner
CHINA ELECTRONICS CORP 6TH RES INST
Filing Date
2022-10-26
Publication Date
2026-07-07

AI Technical Summary

Technical Problem

Existing location-based authenticity protection technologies cannot cover all scenarios of IP address spoofing in trusted communications, resulting in low communication security.

Method used

By introducing a third-party auditing agency between the controller and the trusted computing device, using hash value verification and signature mechanisms, the integrity of transmitted data and system status data is ensured, and temporary keys are used to encrypt transmitted data to prevent data tampering and theft.

Benefits of technology

It improves the security of data transmission during communication, prevents data tampering and privacy leaks, and enhances the credibility and security of communication.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN115643033B_ABST
    Figure CN115643033B_ABST
Patent Text Reader

Abstract

The application provides a communication method and device, electronic equipment and computer readable storage medium. The method is applied to a controller and includes: receiving transmission data sent by a trusted computing device; sending the transmission data to a cloud server and sending a challenge request to a third-party auditing agency, the challenge request being used for the third-party auditing agency to perform integrity measurement on the transmission data; and after receiving information sent by the third-party auditing agency and representing the integrity of the transmission data, sending information representing communication success to the trusted computing device. In this way, the transmitted data can be verified in the communication process of the controller and the trusted computing device, so that it can be ensured that the received transmission data is not tampered with in the communication process, and the security of communication can be improved.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This application relates to the field of communication technology, and more specifically, to a communication method, apparatus, electronic device, and computer-readable storage medium. Background Technology

[0002] Trusted communication technology ensures secure and reliable communication through both hardware and software, as well as the security and reliability of information both internally and externally within the control system. Control system communication technology within trusted communication primarily involves adding a trusted computing chip to the system hardware as a trusted core, serving as the trusted foundation for the entire trusted communication technology. This ensures the security of trusted communication interfaces and links, thereby guaranteeing the reliable and trustworthy transmission of data.

[0003] Currently, location-based authentication techniques are commonly used in trusted communication technologies. These techniques primarily rely on routing tables to perform reverse verification of the source address's authenticity. However, because these location-based authentication techniques lack checks on the legitimacy of the address source, they cannot cover all scenarios of IP address spoofing, thus resulting in relatively low security for trusted communication using location-based authentication techniques. Summary of the Invention

[0004] The purpose of this application is to provide a communication method, apparatus, electronic device, and computer-readable storage medium to improve communication security.

[0005] This invention is implemented as follows:

[0006] In a first aspect, embodiments of this application provide a communication method applied to a controller. The method includes: receiving transmission data sent by a trusted computing device; sending the transmission data to a cloud server and issuing a challenge request to a third-party auditing agency, the challenge request being used to enable the third-party auditing agency to perform an integrity measurement on the transmission data; and after receiving information from the third-party auditing agency indicating the integrity of the transmission data, sending information indicating successful communication to the trusted computing device.

[0007] In this embodiment, after receiving transmission data from the trusted computing device, the controller can perform third-party verification of the transmission data. Specifically, it can initiate a challenge request to a third-party auditing agency to measure the integrity of the transmission data. If the third-party auditing agency verifies the integrity of the transmission data, the communication is considered successful. This method allows for verification of transmitted data during communication, ensuring that the received transmission data has not been tampered with, thereby improving communication security.

[0008] In conjunction with the technical solution provided in the first aspect above, in some possible implementations, before receiving the transmission data sent by the trusted computing device, the method further includes: upon receiving the identity information sent by the trusted computing device, after verifying the correctness of the identity information sent by the trusted computing device, sending system status data to the cloud server, and issuing a challenge request to the third-party auditing agency. This challenge request is used to enable the third-party auditing agency to perform an integrity measurement on the system status data, where the system status data corresponds to various states of the controller during the startup phase; after receiving information from the third-party auditing agency indicating the completeness of the system status data, sending its own identity information to the trusted computing device.

[0009] In this embodiment, after receiving the identity information sent by the trusted computing device and verifying its correctness, the controller's own system status data undergoes third-party verification. If the system status data is complete, it indicates that the system status data has not been tampered with, meaning the controller itself is reliable and without problems. At this point, the controller can send the identity information to the trusted communication device for authentication. This method ensures that the controller is reliable before receiving transmission data from the trusted computing device, i.e., it has not been tampered with, thereby further improving the security of communication between the trusted computing device and the controller.

[0010] In conjunction with the technical solution provided in the first aspect above, in some possible implementations, before receiving the transmission data sent by the trusted computing device, the method further includes: after receiving the identity information and encryption information sent by the trusted computing device, and verifying the correctness of the identity of the trusted computing device based on the identity information, sending system status data to the cloud server, and issuing a challenge request to the third-party auditing agency. This challenge request is used to enable the third-party auditing agency to perform an integrity measurement on the system status data, where the system status data is the data corresponding to various states of the controller during the startup phase; after receiving information from the third-party auditing agency indicating the completeness of the system status data, sending its own identity information and encryption information to the trusted computing device; receiving a signature sent by the trusted computing device, where the signature is a signature made by the trusted computing device using its own serial number after determining that the identity information of the controller is correct, using its platform identity certificate; and after verifying the correctness of the signature, sending its own signature to the trusted computing device.

[0011] In this embodiment, after receiving the identity information and encrypted information sent by the trusted computing device and verifying the correctness of the identity information sent by the trusted computing device, the controller's own system status data is verified by a third party. If the system status data is complete, it indicates that the system status data has not been tampered with, meaning the controller itself is trustworthy and has no problems. At this time, the controller can send the identity information and encrypted information to the trusted communication device for identity verification. After the trusted computing device verifies the correctness of the identity information sent by the controller, it can send its own signature to the controller, so that the controller, after verifying the correctness of the signature, sends its own signature to the trusted computing device. In this way, the system status data of the controller can be verified by a third-party auditing agency before the trusted computing device transmits data to the controller, ensuring that the controller's own data has not been tampered with. Furthermore, verifying the other party's identity before verifying the other party's signature can prevent intruders from eavesdropping on the transmission process and causing privacy leaks, thereby further improving communication security.

[0012] In conjunction with the technical solution provided in the first aspect above, in some possible implementations, before sending its own identity information and encrypted information to the trusted computing device, the method further includes: comparing the hash value received from the third-party auditing agency with the hash value calculated by itself based on the system status data, wherein the hash value sent by the third-party auditing agency is the hash value calculated by the third-party auditing agency based on the system status data; and determining that the hash value sent by the third-party auditing agency is the same as the calculated hash value.

[0013] In this embodiment, comparing the hash value sent by the third-party auditing agency with the hash value calculated by the controller itself based on system status data verifies the trustworthiness of the third-party auditing agency. Specifically, if the hash value sent by the third-party auditing agency matches the calculated hash value, the third-party auditing agency is considered trustworthy. In this case, the integrity information of the system status data sent by the third-party auditing agency can be determined to be reliable, allowing subsequent steps to proceed. This method ensures the correctness of the integrity results sent by the third-party auditing agency, thereby further improving communication security.

[0014] In conjunction with the technical solution provided in the first aspect above, in some possible implementations, after sending its own signature to the trusted computing device, the method further includes: after the trusted computing device determines that the controller's signature is correct and sends the public key corresponding to the temporary key generated by the trusted computing device to the controller, receiving the public key sent by the trusted computing device; generating a temporary key, and sending the public key corresponding to the temporary key to the trusted computing device.

[0015] In this embodiment of the application, by means of the above method, the transmitted data can be encrypted with a newly generated key before the trusted computing device sends the transmitted data to the controller. That is, the transmitted data is not encrypted with the normally used key, thereby preventing the previously used key from being used to decrypt the transmitted data after the encrypted transmitted data is stolen, thereby stealing the transmitted data and further improving the security of communication.

[0016] Secondly, embodiments of this application provide a communication method applied to a trusted computing device. The method includes: sending transmission data to a controller, causing the controller to send the transmission data to a cloud server after receiving the transmission data, and issuing a challenge request to a third-party auditing agency, the challenge request being used to enable the third-party auditing agency to perform an integrity measurement on the transmission data; and causing the controller to send information indicating successful communication to the trusted computing device after receiving information indicating the integrity of the transmission data sent by the third-party auditing agency; and receiving the information indicating successful communication sent by the controller.

[0017] In this embodiment, after the trusted computing device sends the transmission data to the controller, the controller can perform third-party verification of the transmission data. Specifically, it can request a third-party auditing agency to perform an integrity measurement challenge on the transmission data. If the third-party auditing agency verifies the integrity of the transmission data, the communication is considered successful. This method allows for verification of the transmitted data during communication, ensuring that the received transmission data has not been tampered with, thereby improving communication security.

[0018] In conjunction with the technical solution provided in the second aspect above, in some possible implementations, before sending the transmission data to the controller, the method further includes: sending system status data to the cloud server and issuing a challenge request to the third-party auditing agency, the challenge request being used to enable the third-party auditing agency to perform an integrity measurement on the system status data, the system status data being data corresponding to various states of the system where the trusted computing device is located during the startup phase; after receiving information from the third-party auditing agency indicating the completeness of the system status data, sending its own identity information to the controller; receiving the identity information sent by the controller, and verifying the correctness of the controller's identity based on the identity information.

[0019] In this embodiment, before sending transmission data to the controller, the trusted communication device can first perform third-party verification of its system status data. If the system status data is complete, it indicates that the system status data has not been tampered with, meaning the trusted communication device itself is reliable and without problems. At this point, its identity information can be sent to the controller for authentication. After the controller verifies the identity of the trusted communication device, it can receive the identity information sent by the controller. After verifying the controller's identity based on this identity information, the trusted communication device can then send transmission data to the controller. This method allows for verification of the system status data by a third-party auditing agency before sending transmission data to the controller, ensuring that the data has not been tampered with. Furthermore, after both parties verify each other's identities, the trusted computing device sends transmission data to the controller, further enhancing communication security.

[0020] In conjunction with the technical solution provided in the second aspect above, in some possible implementations, before sending the transmission data to the controller, the method further includes: sending system status data to the cloud server and issuing a challenge request to the third-party auditing agency, the challenge request being used to enable the third-party auditing agency to perform an integrity measurement on the system status data, the system status data being data corresponding to various states of the system where the trusted computing device resides during the startup phase; after receiving information from the third-party auditing agency indicating the completeness of the system status data, sending its own identity information and encrypted information to the controller; receiving the identity information and encrypted information sent by the controller; after verifying the correctness of the identity information sent by the controller, sending its own signature to the controller, the signature being a signature made by the trusted computing device using a platform identity certificate to sign its own serial number after determining that the controller's identity information is correct; receiving the signature sent by the controller and verifying the correctness of the signature.

[0021] In this embodiment, before sending transmission data to the controller, the system status data is verified by a third-party auditing agency to ensure its correctness. Only after verification does the system send its identity information and encrypted information to the controller. After verifying the identity of the trusted computing device, the controller sends its own identity information and encrypted information. The trusted computing device can then verify the controller's identity based on the received identity information. After verifying the controller's identity, both parties can exchange signatures. This method allows a third-party auditing agency to verify the trusted computing device's system status data before sending transmission data to the controller, ensuring that the controller's data has not been tampered with. Furthermore, verifying the other party's identity before verifying their signature prevents intruders from eavesdropping on the transmission process and causing privacy leaks, thereby further improving communication security.

[0022] In conjunction with the technical solution provided in the second aspect above, in some possible implementations, before sending its own identity information and encrypted information to the controller, the method further includes: comparing the hash value received from the third-party auditing agency with the hash value calculated by itself based on the system status data, wherein the hash value sent by the third-party auditing agency is the hash value calculated by the cloud server based on the system status data; and determining that the hash value sent by the third-party auditing agency is the same as the calculated hash value.

[0023] In this embodiment, comparing the hash value sent by the third-party auditing agency with the hash value calculated by the trusted computing device based on system status data verifies the trustworthiness of the third-party auditing agency. Specifically, if the hash value sent by the third-party auditing agency matches the calculated hash value, the third-party auditing agency is considered trustworthy. In this case, the complete system status data sent by the third-party auditing agency can be determined to be trustworthy, allowing subsequent steps to proceed. This method ensures the correctness of the integrity results issued by the third-party auditing agency, thereby further improving communication security.

[0024] In conjunction with the technical solution provided in the second aspect above, in some possible implementations, after verifying the correctness of the signature, the method further includes: generating a temporary key and sending the public key corresponding to the temporary key to the controller; receiving the public key corresponding to the temporary key sent by the controller, wherein the transmitted data is data encrypted using the private key corresponding to the temporary key generated by the trusted computing device.

[0025] In this embodiment of the application, by means of the above method, the transmitted data can be encrypted with a newly generated key before the trusted computing device sends the transmitted data to the controller. That is, the transmitted data is not encrypted with the normally used key, thereby preventing the previously used key from being used to decrypt the transmitted data after the encrypted transmitted data is stolen, thereby stealing the transmitted data and further improving the security of communication.

[0026] Thirdly, embodiments of this application provide a communication device applied to a controller. The device includes: a receiving module for receiving transmission data sent by a trusted computing device; a communication module for sending the transmission data to a cloud server and issuing a challenge request to a third-party auditing agency, the challenge request being used to enable the third-party auditing agency to perform an integrity measurement on the transmission data; and if information indicating the integrity of the transmission data is received from the third-party auditing agency, then information indicating successful communication is sent to the trusted computing device.

[0027] Fourthly, embodiments of this application provide a communication device applied to a trusted computing device. The device includes: a sending module, configured to send transmission data to a controller, so that after receiving the transmission data, the controller sends the transmission data to a cloud server and issues a challenge request to a third-party auditing institution, the challenge request being used to enable the third-party auditing institution to perform an integrity measurement on the transmission data; and enabling the controller, after receiving information from the third-party auditing institution indicating the integrity of the transmission data, to send information indicating successful communication to the trusted computing device; and a receiving module, configured to receive the information indicating successful communication sent by the controller.

[0028] Fifthly, embodiments of this application provide an electronic device, including: a device body and a controller that performs a method as provided in the first aspect embodiments and / or some possible implementations of the first aspect embodiments, the controller being disposed on the device body.

[0029] In a sixth aspect, embodiments of this application provide an electronic device, including: a device body and a trusted computing device that performs the method provided by the embodiments of the second aspect above and / or some possible implementations of the embodiments of the second aspect above, wherein the trusted computing device is disposed on the device body.

[0030] In a seventh aspect, embodiments of this application provide a computer-readable storage medium having a computer program stored thereon. When the computer program is run by a processor, it executes the method provided by the embodiments of the first aspect described above and / or some possible implementations of the embodiments of the first aspect described above, or executes the method provided by the embodiments of the second aspect described above and / or some possible implementations of the embodiments of the second aspect described above. Attached Figure Description

[0031] To more clearly illustrate the technical solutions of the embodiments of this application, the accompanying drawings used in the embodiments of this application will be briefly introduced below. It should be understood that the following drawings only show some embodiments of this application and should not be regarded as a limitation of the scope. For those skilled in the art, other related drawings can be obtained based on these drawings without creative effort.

[0032] Figure 1 This is a flowchart illustrating the steps of a communication method provided in an embodiment of this application.

[0033] Figure 2 A flowchart illustrating the steps of another communication method provided in an embodiment of this application.

[0034] Figure 3 A flowchart illustrating the steps of another communication method provided in this application embodiment.

[0035] Figure 4 This is a module block diagram of a communication device provided in an embodiment of this application.

[0036] Figure 5 A block diagram of another communication device provided in an embodiment of this application.

[0037] Figure 6 This is a module block diagram of an electronic device provided in an embodiment of this application.

[0038] Figure 7 This is a module block diagram of another electronic device provided in an embodiment of this application. Detailed Implementation

[0039] The technical solutions in the embodiments of this application will now be described with reference to the accompanying drawings.

[0040] Given that location-based authentication techniques, commonly used in trusted communication technologies, cannot cover all scenarios of IP address spoofing, the security of trusted communication using location-based authentication techniques is not high. The inventors of this application, through research and exploration, propose the following embodiments to improve the above-mentioned problems.

[0041] The following combination Figure 1 The specific process and steps of a communication method are described. This application provides a communication method applicable to communication between a controller and a trusted computing device. The controller can be a PLC (Programmable Logic Controller), and the trusted computing device can be a trusted cryptography module, such as a TCM (Trusted Cryptography Module).

[0042] It should be noted that the communication method provided in the embodiments of this application is not based on... Figure 1 The following order is a restriction.

[0043] Step S101: The trusted computing device sends transmission data to the controller.

[0044] Before the trusted computing device sends transmission data to the controller, it can first establish a communication connection with the controller, such as a TCP (Transmission Control Protocol) connection. After the communication connection between the trusted computing device and the controller is established, the trusted computing device can send transmission data to the controller, and this transmission data can be configured according to the actual situation.

[0045] After the trusted computing device sends the transmission data to the controller, the method may continue to step S102.

[0046] Step S102: The controller receives the transmission data sent by the trusted computing device.

[0047] After the trusted computing device sends transmission data to the controller, the controller can receive the transmission data. Upon receiving the transmission data, the method can proceed to step S103.

[0048] Step S103: The controller sends the transmission data to the cloud server and sends a challenge request to a third-party auditing agency.

[0049] The aforementioned challenge request is used to enable a third-party auditing firm to perform an integrity measurement on the transmitted data. The third-party auditing firm (TPA) can select the appropriate auditing firm based on the specific circumstances.

[0050] The controller described above can send the transmission data to the cloud server by dividing the transmission data into n blocks and sending each of the n blocks to the cloud server, where n is any positive integer.

[0051] After the controller sends the transmitted data to the cloud server and issues a challenge request to a third-party auditing firm, the third-party auditing firm receives the challenge request, which carries controller information. Then, based on this controller information, the third-party auditing firm sends a request to the cloud server to retrieve the controller's transmitted data, thereby obtaining the transmitted data. Upon receiving the transmitted data from the cloud server, the third-party auditing firm determines the hash function and initial hash value, and calculates the hash value for each data block sequentially until a final hash value is generated. Based on this final hash value, the third-party auditing firm determines whether the transmitted data is complete, i.e., whether the transmitted data has been tampered with. If the transmitted data is complete, it indicates that the transmitted data has not been tampered with. Furthermore, after determining the completeness of the transmitted data based on the final hash value, the third-party auditing firm will feed back the corresponding result to the controller.

[0052] The hash function mentioned above can be selected according to the actual situation. For example, the SHA-2 function can be used, which calculates the hash value of the next data block based on the hash value calculated from the previous data block. It is understandable that different hash functions correspond to different initial hash values.

[0053] It should be noted that the specific principles by which third-party auditing firms use hash functions to measure data integrity can be found in existing technologies, and will not be elaborated upon here to avoid further explanation.

[0054] After the controller issues a challenge request to the third-party auditing agency, the method may proceed to step S104.

[0055] Step S104: After receiving the information indicating that the transmitted data is complete from the third-party auditing agency, the controller sends the information indicating successful communication to the trusted computing device.

[0056] If the controller receives a message from a third-party auditing agency indicating the integrity of the transmitted data, it means the transmitted data has not been tampered with and is therefore trustworthy, allowing the controller to use it. In this case, the controller can send a message indicating successful communication to the trusted computing device.

[0057] After the controller sends a message indicating successful communication to the trusted computing device, the method may proceed to step S105.

[0058] Step S105: The trusted computing device receives a message from the controller indicating successful communication.

[0059] Once the trusted device receives the message from the controller indicating successful communication, it can terminate the communication.

[0060] In this embodiment, after receiving transmission data from the trusted computing device, the controller can perform third-party verification of the transmission data. Specifically, it can initiate a challenge request to a third-party auditing agency to measure the integrity of the transmission data. If the third-party auditing agency verifies the integrity of the transmission data, the communication is considered successful. This method allows for verification of transmitted data during communication, ensuring that the received transmission data has not been tampered with, thereby improving communication security.

[0061] Optionally, if the controller receives information from a third-party auditing firm indicating the integrity of the transmitted data, the information indicating the input data sent to the trusted computing device may specifically include: if the controller receives the final hash value from the third-party auditing firm, it compares the hash value it calculates based on the transmitted data with the final hash value. If the final hash value is the same as the hash value it calculates, it sends the verification result to the trusted computing device. This verification result may be information indicating that the final hash value is the same as the hash value it calculates. Correspondingly, the trusted computing device receives the verification result sent by the controller.

[0062] In this embodiment, after confirming the integrity of the transmitted data, the third-party auditing agency can send the final hash value to the controller, indicating that it has confirmed the integrity of the transmitted data. Upon receiving the final hash value, the controller can compare its own hash value calculated based on the transmitted data with the final hash value to verify the trustworthiness of the third-party auditing agency. If the final hash value is different from its own calculated hash value, it indicates that the third-party auditing agency may have been tampered with, meaning the third-party auditing agency is untrustworthy. In this case, the information that the third-party auditing agency sent regarding the integrity of the transmitted data is untrustworthy, and the communication with the trusted computing device can be terminated. Conversely, if the final hash value is the same as its own calculated hash value, it indicates that the third-party auditing agency is trustworthy. In this case, the information that the third-party auditing agency sent regarding the integrity of the transmitted data is trustworthy, and the verification result can be sent to the trusted computing device, indicating successful communication.

[0063] The above methods enable verification of third-party auditing institutions during communication. This allows for the assessment of the results of transmitted data issued by third-party auditing institutions, thereby further enhancing communication security.

[0064] Optional, please refer to Figure 2 Before the trusted computing device sends transmission data to the controller, the above communication method may further include:

[0065] Step S201: The trusted computing device sends the system status data to the cloud server and sends a challenge request to the third-party auditing agency. The challenge request is used to enable the third-party auditing agency to perform integrity measurement on the system status data. The system status data is the data corresponding to various states of the system where the trusted computing device is located during the startup phase.

[0066] Step S202: After receiving information from a third-party auditing agency indicating that the system status data is complete, the trusted computing device sends its own identity information to the controller.

[0067] Step S203: After receiving the identity information sent by the trusted computing device and verifying the identity of the trusted computing device based on the identity information, the controller sends the system status data to the cloud server and sends a challenge request to the third-party auditing agency. The challenge request is used to enable the third-party auditing agency to perform an integrity measurement on the controller's system status data. The system status data is the data corresponding to various states of the controller during the startup phase.

[0068] Step S204: After receiving information from a third-party auditing agency indicating that the system status data is complete, the controller sends its own identity information to the trusted computing device.

[0069] Step S205: The trusted computing device receives the identity information sent by the controller and verifies the correctness of the controller's identity based on the identity information.

[0070] The identity information can be the platform's identity certificate.

[0071] The trusted computing device sending system status data to the cloud server can specifically include: dividing the system status data into n blocks and sending each of the n blocks to the cloud server, where n is any positive integer. Similarly, the controller sending system status data to the cloud server can also specifically include: dividing the system status data into n blocks and sending each of the n blocks to the cloud server, where n is any positive integer. Furthermore, the process by which a third-party auditing agency performs integrity measurements on the system data can be referenced from the process described in the preceding embodiments, and will not be elaborated further here.

[0072] It is understandable that the process of measuring the integrity of the system state data of the aforementioned trusted computing device and controller can be performed after the trusted computing device and controller establish a communication connection.

[0073] In this embodiment, before the trusted communication device sends transmission data to the controller, it can first perform third-party verification of its system status data. If the system status data is complete, it indicates that the system status data has not been tampered with, meaning the trusted communication device itself is reliable and without problems. At this point, it can send its identity information to the controller for authentication. After receiving the identity information sent by the trusted communication device, the controller can first verify the identity of the trusted communication device based on this information. If the identity of the trusted communication device is correct, it can then perform third-party verification of its own system status data. If the system status data is complete, it indicates that the system status data has not been tampered with, meaning the controller itself is reliable and without problems. At this point, the controller can send its identity information to the trusted communication device for authentication. After the trusted computing device receives the identity information sent by the controller and verifies the controller's identity based on this information, it can then send transmission data to the controller.

[0074] By employing the above method, a third-party auditing agency can verify the system status data of both parties before the trusted computing device transmits data to the controller, ensuring that their own data has not been tampered with. Only after confirming that their own data has not been tampered with and that both parties have verified each other's identities can the trusted computing device send data to the controller, thereby further enhancing communication security.

[0075] Furthermore, it should be noted that if the trusted computing device fails to verify the identity of the controller, or if the trusted computing device's system status data is incomplete, or if the controller fails to verify the identity of the trusted computing device, or if the controller's system status data is incomplete, the party that discovers the problem shall interrupt the communication, thereby ensuring the security of the communication between the two parties.

[0076] Optional, please refer to Figure 3 Before the trusted computing device sends transmission data to the controller, the above communication method may further include:

[0077] Step S301: The trusted computing device sends system status data to the cloud server and issues a challenge request to a third-party auditing agency. The challenge request is used to enable the third-party auditing agency to perform an integrity measurement on the system status data, which consists of data corresponding to various states of the system where the trusted computing device resides during the startup phase.

[0078] Step S302: After receiving information from a third-party auditing agency indicating that the system status data is complete, the trusted computing device sends its own identity information and encryption information to the controller.

[0079] Step S303: After receiving the identity information and encryption information sent by the trusted computing device, and verifying the correctness of the identity information sent by the trusted computing device, the controller sends the system status data to the cloud server and issues a challenge request to a third-party auditing agency. This challenge request is used to enable the third-party auditing agency to perform an integrity measurement on the system status data, which consists of data corresponding to various states of the controller during the startup phase.

[0080] Step S304: After receiving the information from the third-party auditing agency indicating that the system status data is complete, the controller sends its own identity information and encryption information to the trusted computing device.

[0081] Step S305: The trusted computing device receives the identity information and encryption information sent by the controller; after verifying that the identity information sent by the controller is correct, it sends its own signature to the controller. The signature is the signature made by the trusted computing device using the platform identity certificate on its own serial number after determining that the identity information of the controller is correct.

[0082] Step S306: The control device receives a signature sent by the trusted computing device. This signature is a signature made by the trusted computing device using its platform identity certificate to sign its own serial number after determining that the controller's identity information is correct. After verifying that the signature is correct, the control device sends its own signature to the trusted computing device.

[0083] Step S307: The trusted computing device receives the signature sent by the controller and verifies that the signature is correct.

[0084] The identity information can be the platform's identity certificate; the encrypted information can be the platform's encryption certificate.

[0085] It should be noted that sending one's own identity information and encrypted information as mentioned above refers to sending the encrypted identity information. Furthermore, when verifying the encrypted identity information, it can first be decrypted using the stored public key, and then the identity can be verified based on the decrypted information. For example, after receiving the identity information and encrypted information sent by the trusted computing device, the controller can use the public key of the trusted computing device stored locally to decrypt the encrypted identity information, and then verify whether the identity information sent by the trusted computing device is correct based on the decrypted information.

[0086] The specific process by which the trusted computing device and controller send system status data to the cloud server can be referred to in the previous embodiment, and will not be repeated here. Similarly, the process by which the third-party auditing agency performs integrity measurement on the system data can be referred to in the previous embodiment, and will not be repeated here.

[0087] It is understandable that the process of measuring the integrity of the system state data of the aforementioned trusted computing device and controller can be performed after the trusted computing device and controller establish a communication connection.

[0088] In this embodiment, before the trusted computing device sends transmission data to the controller, its system status data can be verified by a third party. If the system status data is complete, it indicates that the system status data has not been tampered with, meaning the trusted communication device itself is reliable and without problems. At this point, the identity information and encrypted information can be sent to the controller for authentication. After the controller receives the identity information and encrypted information sent by the trusted communication device, it can first verify whether the identity of the trusted communication device is correct based on the identity information. If the identity of the trusted communication device is correct, the controller's own system status data can be verified by a third party. If the system status data is complete, it indicates that the system status data has not been tampered with, meaning the controller itself is reliable and without problems. At this point, the controller can send the identity information and encrypted information to the trusted communication device for authentication.

[0089] After the trusted computing device receives the identity information and encrypted information sent by the controller and verifies that the identity information sent by the controller is correct, it sends its own signature to the controller; after the controller verifies that the signature is correct, it sends its own signature to the trusted computing device, so as to realize mutual signature verification between the trusted computing device and the controller.

[0090] By employing the above methods, a third-party auditing agency can verify the system status data of both parties before the trusted computing device transmits data to the controller, ensuring that their own data has not been tampered with. Furthermore, after confirming that their own data has not been altered and that both parties have verified each other's identity, they then sign each other's documents. This prevents intruders from eavesdropping on the transmission process and causing privacy leaks, thereby further enhancing communication security.

[0091] Furthermore, it should be noted that if the trusted computing device fails to verify the identity of the controller, or if the trusted computing device's system status data is incomplete, or if the trusted computing device fails to verify the controller's signature, or if the controller fails to verify the identity of the trusted computing device, or if the controller's system status data is incomplete, or if the controller fails to verify the trusted computing device's signature, then the party that discovers the problem shall interrupt communication, thereby ensuring the security of previous communication between the two parties.

[0092] Furthermore, before the trusted computing device sends its own identity information and encrypted information to the controller, the above communication method may also include: comparing the hash value received from the third-party auditing agency with the hash value calculated by itself based on system status data, wherein the hash value sent by the third-party auditing agency is the hash value calculated by the cloud server based on system status data; and determining that the hash value sent by the third-party auditing agency is the same as the calculated hash value.

[0093] In this embodiment, comparing the hash value sent by the third-party auditing agency with the hash value calculated by the trusted computing device based on system status data verifies the trustworthiness of the third-party auditing agency. If the hash value sent by the third-party auditing agency differs from the calculated hash value, it indicates that the third-party auditing agency may have been tampered with, meaning it is untrustworthy. In this case, the complete system status data sent by the third-party auditing agency is deemed untrustworthy, and communication with the trusted computing device can be interrupted. Conversely, if the hash value sent by the third-party auditing agency matches the calculated hash value, it indicates that the third-party auditing agency is trustworthy. In this case, the complete system status data sent by the third-party auditing agency is deemed trustworthy, and subsequent steps can proceed. This method ensures the correctness of the integrity results sent by the third-party auditing agency, thereby further improving communication security.

[0094] Furthermore, before the controller sends its own identity information and encrypted information to the trusted computing device, the above communication method may also include: comparing the hash value received from the third-party auditing agency with the hash value calculated by the controller based on system status data, wherein the hash value sent by the third-party auditing agency is the hash value calculated by the third-party auditing agency based on system status data; and determining that the hash value sent by the third-party auditing agency is the same as the calculated hash value.

[0095] In this embodiment, comparing the hash value sent by the third-party auditing agency with the hash value calculated by the controller based on system status data verifies the trustworthiness of the third-party auditing agency. If the hash value sent by the third-party auditing agency differs from the calculated hash value, it indicates that the third-party auditing agency may have been tampered with, meaning it is untrustworthy. In this case, the complete system status data sent by the third-party auditing agency is deemed untrustworthy, and communication with the trusted computing device can be interrupted. Conversely, if the hash value sent by the third-party auditing agency matches the calculated hash value, it indicates that the third-party auditing agency is trustworthy. In this case, the complete system status data sent by the third-party auditing agency is deemed trustworthy, and subsequent steps can proceed. This method ensures the correctness of the integrity results sent by the third-party auditing agency, thereby further improving communication security.

[0096] Optionally, after the trusted computing device verifies that the signature sent by the controller is correct, the above communication method may further include:

[0097] Step S401: The trusted computing device generates a temporary key and sends the public key corresponding to the temporary key to the controller.

[0098] Step S402: The controller receives the public key sent by the trusted computing device.

[0099] Step S403: The controller generates a temporary key and sends the public key corresponding to the temporary key to the trusted computing device.

[0100] Step S404: The trusted computing device receives the public key corresponding to it sent by the controller.

[0101] The transmitted data is encrypted using the private key corresponding to the temporary key generated by the trusted computing device. The principles underlying the generation of the temporary key by the trusted computing device and controller are detailed in existing technologies and will not be elaborated upon here.

[0102] In this embodiment, after the trusted computing device and the controller exchange signatures and verify their correctness, they then exchange the public keys of the temporary keys they generated. This allows the trusted computing device to subsequently use the private key of the newly generated temporary key to encrypt the transmitted data. Correspondingly, the controller can subsequently use the public key of the received optional computing device to decrypt the encrypted transmitted data. In this way, the transmitted data can be encrypted using a newly generated key before the trusted computing device sends it to the controller, thus preventing the use of a commonly used key. This prevents the encrypted transmitted data from being stolen and then decrypted using the previously used key, thereby further improving communication security.

[0103] Furthermore, it is understood that since both the controller and the trusted computing device receive the public key corresponding to the other's temporary key, the controller can send transmission data to the trusted computing device based on the methods of the foregoing embodiments, that is, the controller and the trusted computing device can send information to each other based on the methods of the foregoing embodiments.

[0104] Please see Figure 4 Based on the same inventive concept, this application also provides a communication device 100 for use with a controller. The device 100 includes a receiving module 101 and a communication module 102.

[0105] The receiving module 101 is used to receive transmission data sent by the trusted computing device.

[0106] The communication module 102 is used to send the transmitted data to the cloud server and issue a challenge request to a third-party auditing agency. This challenge request is used to enable the third-party auditing agency to measure the integrity of the transmitted data. After receiving the information indicating the integrity of the transmitted data sent by the third-party auditing agency, it sends information indicating successful communication to the trusted computing device.

[0107] Optionally, before receiving the transmission data sent by the trusted computing device, the receiving module 101 is further configured to, upon receiving the identity information sent by the trusted computing device and verifying the correctness of the identity information sent by the trusted computing device, send the system status data to the cloud server and issue a challenge request to a third-party auditing agency. This challenge request is used to enable the third-party auditing agency to perform an integrity measurement on the system status data, which is the data corresponding to various states of the controller during the startup phase. After receiving the information sent by the third-party auditing agency indicating the completeness of the system status data, the receiving module 101 sends its own identity information to the trusted computing device.

[0108] Optionally, before receiving the transmission data sent by the trusted computing device, the receiving module 101 is further configured to, after receiving the identity information and encrypted information sent by the trusted computing device and verifying the correctness of the trusted computing device's identity based on the identity information, send the system status data to the cloud server and issue a challenge request to a third-party auditing agency. This challenge request is used to enable the third-party auditing agency to perform an integrity measurement on the system status data, which is the data corresponding to various states of the controller during the startup phase. After receiving the information sent by the third-party auditing agency indicating the completeness of the system status data, the receiving module 101 sends its own identity information and encrypted information to the trusted computing device. It also receives a signature sent by the trusted computing device, which is the signature made by the trusted computing device using its own serial number after determining that the controller's identity information is correct, using the platform identity certificate. After verifying the signature is correct, the receiving module 101 sends its own signature to the trusted computing device.

[0109] Optionally, before sending its own identity information and encrypted information to the trusted computing device, the receiving module 101 is further configured to compare the hash value received from the third-party auditing agency with the hash value calculated by itself based on the system status data, wherein the hash value sent by the third-party auditing agency is the hash value calculated by the third-party auditing agency based on the system status data; and determine that the hash value sent by the third-party auditing agency is the same as the calculated hash value.

[0110] Optionally, after sending its own signature to the trusted computing device, the receiving module 101 is further configured to receive the public key sent by the trusted computing device after the trusted computing device determines that the controller's signature is correct and sends the public key corresponding to the temporary key generated by the trusted computing device to the controller; generate a temporary key and send the public key corresponding to the temporary key to the trusted computing device.

[0111] Please see Figure 5 Based on the same inventive concept, this application also provides a communication device 200, which is applied to a trusted computing device. The device 200 includes a transmitting module 201 and a receiving module 202.

[0112] The sending module 201 is used to send transmission data to the controller, so that after receiving the transmission data, the controller sends the transmission data to the cloud server and issues a challenge request to the third-party auditing agency. The challenge request is used to enable the third-party auditing agency to perform integrity measurement on the transmission data. After receiving the information indicating the integrity of the transmission data sent by the third-party auditing agency, the controller sends information indicating successful communication to the trusted computing device.

[0113] The receiving module 202 is used to receive information sent by the controller indicating successful communication.

[0114] Optionally, before sending the transmission data to the controller, the sending module 201 is also used to send the system status data to the cloud server and issue a challenge request to a third-party auditing agency. This challenge request is used to enable the third-party auditing agency to perform an integrity measurement on the system status data. The system status data is the data corresponding to various states of the system where the trusted computing device is located during the startup phase. After receiving the information sent by the third-party auditing agency indicating the completeness of the system status data, the module sends its own identity information to the controller. The module receives the identity information sent by the controller and verifies the correctness of the controller's identity based on the identity information.

[0115] Optionally, before sending transmission data to the controller, the sending module 201 is further configured to send system status data to the cloud server and issue a challenge request to a third-party auditing agency. This challenge request is used to enable the third-party auditing agency to perform an integrity measurement on the system status data. The system status data refers to the data corresponding to various states of the system where the trusted computing device resides during the startup phase. After receiving the information sent by the third-party auditing agency indicating the completeness of the system status data, the sending module 201 sends its own identity information and encrypted information to the controller. The sending module 201 receives the identity information and encrypted information sent by the controller. After verifying that the identity information sent by the controller is correct, the sending module 201 sends its own signature to the controller. The signature is the signature made by the trusted computing device using the platform identity certificate to sign its own serial number after determining that the controller's identity information is correct. The sending module 201 receives the signature sent by the controller and verifies that the signature is correct.

[0116] Optionally, before sending its own identity information and encrypted information to the controller, the sending module 201 is also used to compare the hash value received from the third-party auditing agency with the hash value calculated by itself based on the system status data. The hash value sent by the third-party auditing agency is the hash value calculated by the cloud server based on the system status data; and to determine that the hash value sent by the third-party auditing agency is the same as the calculated hash value.

[0117] Optionally, after verifying the signature is correct, the sending module 201 is also used to generate a temporary key and send the public key corresponding to the temporary key to the controller; receive the public key corresponding to it sent by the controller, and transmit data that is encrypted with the private key corresponding to the temporary key generated by the trusted computing device.

[0118] Please see Figure 6 Based on the same inventive concept, this application provides a schematic structural block diagram of an electronic device 300. The electronic device includes a device body 301 and a controller 302 that implements the above-mentioned communication method. The controller 302 is disposed on the device body 301.

[0119] It should be understood that Figure 6 The structure shown is for illustrative purposes only. The electronic device 300 provided in this embodiment may also have a more advanced design. Figure 6 Fewer or more components, or having the same Figure 6 The different configurations shown. Furthermore... Figure 6 The components shown can be implemented through software, hardware, or a combination thereof.

[0120] Please see Figure 7 Based on the same inventive concept, this application provides a schematic structural block diagram of an electronic device 400. The electronic device includes a device body 401 and a trusted computing device 402 that implements the above-mentioned communication method. The trusted computing device 402 is disposed on the device body 401.

[0121] It should be understood that Figure 7 The structure shown is for illustrative purposes only. The electronic device 400 provided in this embodiment may also have a more advanced design. Figure 7 Fewer or more components, or having the same Figure 7 The different configurations shown. Furthermore... Figure 7 The components shown can be implemented through software, hardware, or a combination thereof.

[0122] It should be noted that, as those skilled in the art will clearly understand, for the sake of convenience and brevity, the specific working processes of the systems, devices and units described above can be referred to the corresponding processes in the foregoing method embodiments, and will not be repeated here.

[0123] Based on the same inventive concept, embodiments of this application also provide a computer-readable storage medium storing a computer program thereon, which executes the methods provided in the above embodiments when the computer program is run.

[0124] The storage medium can be any available medium that a computer can access, or a data storage device such as a server or data center that integrates one or more available media. The available medium can be magnetic media (e.g., floppy disks, hard disks, magnetic tapes), optical media (e.g., DVDs), or semiconductor media (e.g., solid-state drives (SSDs)).

[0125] In the embodiments provided in this application, it should be understood that the disclosed apparatus and methods can be implemented in other ways. The apparatus embodiments described above are merely illustrative. For example, the division of units is only a logical functional division, and in actual implementation, there may be other division methods. Furthermore, multiple units or components may be combined or integrated into another system, or some features may be ignored or not executed. Additionally, the displayed or discussed mutual couplings, direct couplings, or communication connections may be through some communication interfaces; indirect couplings or communication connections between devices or units may be electrical, mechanical, or other forms.

[0126] Furthermore, the units described as separate components may or may not be physically separate. The components shown as units may or may not be physical units; that is, they may be located in one place or distributed across multiple network units. Some or all of the units can be selected to achieve the purpose of this embodiment according to actual needs.

[0127] Furthermore, the functional modules in the various embodiments of this application can be integrated together to form an independent part, or each module can exist independently, or two or more modules can be integrated to form an independent part.

[0128] The above description is merely an embodiment of this application and is not intended to limit the scope of protection of this application. Various modifications and variations can be made to this application by those skilled in the art. Any modifications, equivalent substitutions, improvements, etc., made within the spirit and principles of this application should be included within the scope of protection of this application.

Claims

1. A communication method, characterized in that, Applied to a controller, the method includes: Receive transmission data sent by a trusted computing device; In response to receiving the transmitted data, the transmitted data is sent to the cloud server, and a challenge request is sent to a third-party auditing agency. The challenge request is used to enable the third-party auditing agency to perform an integrity measurement on the transmitted data, and the challenge request carries controller information, which is used by the third-party auditing agency to obtain the transmitted data from the cloud server. After receiving information from the third-party auditing agency indicating the integrity of the transmitted data, the system sends information to the trusted computing device indicating successful communication. This information indicates that the transmitted data has been received by the controller and that the transmitted data has not been tampered with during the communication process.

2. The method according to claim 1, characterized in that, Before receiving the transmission data sent by the trusted computing device, the method further includes: Upon receiving the identity information sent by the trusted computing device and verifying the correctness of the identity information sent by the trusted computing device, the system status data is sent to the cloud server, and a challenge request is sent to the third-party auditing agency. The challenge request is used to enable the third-party auditing agency to perform an integrity measurement on the system status data, which is the data corresponding to various states of the controller during the startup phase. After receiving information from the third-party auditing agency indicating the completeness of the system status data, it sends its own identity information to the trusted computing device.

3. The method according to claim 1, characterized in that, Before receiving the transmission data sent by the trusted computing device, the method further includes: After receiving the identity information and encryption information sent by the trusted computing device, and verifying the identity of the trusted computing device based on the identity information, the system status data is sent to the cloud server, and a challenge request is sent to the third-party auditing agency. The challenge request is used to enable the third-party auditing agency to perform an integrity measurement on the system status data, which is the data corresponding to various states of the controller during the startup phase. After receiving information from the third-party auditing agency indicating the completeness of the system status data, it sends its own identity information and encrypted information to the trusted computing device. The trusted computing device receives a signature sent by the trusted computing device, wherein the signature is a signature made by the trusted computing device using its own serial number after determining that the identity information of the controller is correct, using the platform identity certificate. After verifying that the signature is correct, it sends its own signature to the trusted computing device.

4. The method according to claim 3, characterized in that, Before sending its own identity information and encrypted information to the trusted computing device, the method further includes: The hash value received from the third-party auditing agency is compared with the hash value calculated by the third-party auditing agency based on the system status data. The hash value sent by the third-party auditing agency is the hash value calculated by the third-party auditing agency based on the system status data. It was determined that the hash value sent by the third-party auditing firm was the same as the calculated hash value.

5. The method according to claim 3 or 4, characterized in that, After sending its own signature to the trusted computing device, the method further includes: After the trusted computing device determines that the controller's signature is correct and sends the public key corresponding to the temporary key generated by the trusted computing device to the controller, the controller receives the public key sent by the trusted computing device. A temporary key is generated, and the public key corresponding to the temporary key is sent to the trusted computing device.

6. A communication method, characterized in that, Applied to a trusted computing device, the method includes: The controller sends transmission data to the controller, so that upon receiving the transmission data, the controller, in response to receiving the transmission data, sends the transmission data to the cloud server and issues a challenge request to a third-party auditing agency. The challenge request is used to enable the third-party auditing agency to perform an integrity measurement on the transmission data, and the challenge request carries controller information, which is used by the third-party auditing agency to obtain the transmission data from the cloud server. After receiving information from the third-party auditing agency indicating the integrity of the transmission data, the controller sends information indicating successful communication to the trusted computing device. This information indicates that the transmission data has been received by the controller and that the transmission data has not been tampered with during the communication process. Receive a message from the controller indicating successful communication.

7. The method according to claim 6, characterized in that, Before sending the transmission data to the controller, the method further includes: The system status data is sent to the cloud server, and a challenge request is sent to the third-party auditing agency. The challenge request is used to enable the third-party auditing agency to perform an integrity measurement on the system status data. The system status data is the data corresponding to various states of the system where the trusted computing device is located during the startup phase. After receiving information from the third-party auditing agency indicating the completeness of the system status data, the system sends its own identity information to the controller. Receive the identity information sent by the controller, and verify the identity of the controller based on the identity information.

8. The method according to claim 6, characterized in that, Before sending the transmission data to the controller, the method further includes: The system status data is sent to the cloud server, and a challenge request is sent to the third-party auditing agency. The challenge request is used to enable the third-party auditing agency to perform an integrity measurement on the system status data. The system status data is the data corresponding to various states of the system where the trusted computing device is located during the startup phase. After receiving information from the third-party auditing agency indicating the completeness of the system status data, the system sends its own identity information and encrypted information to the controller. Receive identity information and encryption information sent by the controller; After verifying that the identity information sent by the controller is correct, the trusted computing device sends its own signature to the controller. The signature is the signature of its own serial number made by the trusted computing device using the platform identity certificate after determining that the identity information of the controller is correct. Receive the signature sent by the controller and verify that the signature is correct.

9. The method according to claim 8, characterized in that, Before sending its own identity information and encrypted information to the controller, the method further includes: The hash value received from the third-party auditing agency is compared with the hash value calculated by the third-party auditing agency based on the system status data. The hash value sent by the third-party auditing agency is the hash value calculated by the third-party auditing agency based on the system status data. It was determined that the hash value sent by the third-party auditing firm was the same as the calculated hash value.

10. The method according to claim 8 or 9, characterized in that, After verifying the signature is correct, the method further includes: Generate a temporary key and send the public key corresponding to the temporary key to the controller; The system receives the public key corresponding to the controller, and the transmitted data is data encrypted using the private key corresponding to the temporary key generated by the trusted computing device.

11. A communication device, characterized in that, Applied to a controller, the device includes: The receiving module is used to receive transmitted data sent by the trusted computing device; The communication module is configured to, in response to receiving the transmitted data, send the transmitted data to a cloud server and issue a challenge request to a third-party auditing agency. This challenge request is used to enable the third-party auditing agency to perform an integrity measurement on the transmitted data. The challenge request carries controller information, which is used by the third-party auditing agency to retrieve the transmitted data from the cloud server. Upon receiving information from the third-party auditing agency indicating the integrity of the transmitted data, the module sends information indicating successful communication to the trusted computing device. This information indicates that the transmitted data has been received by the controller and that the transmitted data has not been tampered with during the communication process.

12. A communication device, characterized in that, Applied to a trusted computing device, the device comprising: A sending module is configured to send transmission data to a controller, so that upon receiving the transmission data, the controller, in response to receiving the transmission data, sends the transmission data to a cloud server and issues a challenge request to a third-party auditing agency. The challenge request is used to enable the third-party auditing agency to perform an integrity measurement on the transmission data, and the challenge request carries controller information, which is used by the third-party auditing agency to obtain the transmission data from the cloud server. Furthermore, upon receiving information from the third-party auditing agency indicating the integrity of the transmission data, the controller sends information indicating successful communication to the trusted computing device. This information indicates that the transmission data has been received by the controller and has not been tampered with during the communication process. The receiving module is used to receive information sent by the controller indicating successful communication.

13. An electronic device, characterized in that, include: The device body and the controller that performs the communication method as described in any one of claims 1-5, wherein the controller is disposed on the device body.

14. An electronic device, characterized in that, include: The device body and a trusted computing device for performing the communication method as described in any one of claims 6-10, wherein the trusted computing device is disposed on the device body.

15. A computer-readable storage medium, characterized in that, It stores a computer program that, when run by a computer, performs the method as described in any one of claims 1-5, or the method as described in any one of claims 6-10.