Household appliance rental method and electronic device
By introducing a localized communication protocol into the home appliance rental system, and through communication between the energy storage power supply and the appliances, device authentication and session readiness mechanisms are achieved through handshake request frames, handshake response frames, and session ready frames. This enables the technical application between devices, solves the technical problems of device authentication and session key negotiation in existing technologies, improves the technical application, and achieves communication reliability and state synchronization between devices.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Patents(China)
- Current Assignee / Owner
- SHENZHEN POWEROAK NEWENER CO LTD
- Filing Date
- 2026-02-13
- Publication Date
- 2026-06-09
Smart Images

Figure CN121708685B_ABST
Abstract
Description
Technical Field
[0001] This application belongs to the field of home appliance rental technology, specifically relating to a home appliance rental method and electronic equipment. Background Technology
[0002] With the gradual promotion of home appliance rental service models, providing users with home appliances that can be billed on a per-use basis, enabling flexible electricity use and equipment resource sharing, has become an important way to meet temporary and phased usage needs. Existing home appliance rental systems typically adopt a centralized management architecture, using an external management system to uniformly authorize, control, and manage the operation of rental equipment, realizing functions such as equipment start / stop control, rental status management, and usage information collection, thereby completing the business operation during the rental process.
[0003] However, in the process of developing this application, the inventors discovered at least the following shortcomings in the prior art: Since the leasing control process mainly relies on the participation of an external management system (such as a leasing platform on a server), the leasing authorization process is prone to interruption when the communication environment is limited or the system interaction is unstable, making it difficult to continuously execute equipment operation control. Furthermore, the prior art generally lacks a stable and effective inter-device interaction management mechanism, which easily leads to problems such as delayed command response, untimely feedback of operating status, and insufficient control reliability.
[0004] Therefore, there is an urgent need to provide a home appliance rental solution that can achieve reliable communication connections, stable authorized control, and effective synchronous management of operating status between rental devices while reducing continuous dependence on external systems, so as to improve the continuity, reliability, and adaptability of the rental process in complex application environments. Summary of the Invention
[0005] To address the aforementioned issues, this application provides a home appliance rental method and electronic device to achieve stable communication connections, reliable authorization control, and effective synchronous management of operating status between rental devices, thereby improving the continuity, reliability, and adaptability of the rental process in complex application environments.
[0006] To address the aforementioned technical problems, one technical solution adopted in this application is as follows: A home appliance rental method is provided, applied to an energy storage power supply. The energy storage power supply and the appliance communicate via a preset localized communication protocol. The method includes: receiving a handshake request frame sent by the appliance and performing a first authentication on the handshake request frame to obtain a first authentication result; when the first authentication result meets a first preset condition, sending a handshake response frame to the appliance to enable the appliance to perform a second authentication on the handshake response frame to obtain a second authentication result; when the second authentication result meets a second preset condition, sending a session ready frame to the energy storage power supply; receiving the session ready frame sent by the appliance and performing key verification on the session ready frame to obtain a second authentication result. Key verification result; when the key verification result meets the third preset condition, a session confirmation frame is sent to the appliance so that the appliance can establish a communication connection with the energy storage power source based on the session confirmation frame; after the communication connection is established, a heartbeat frame is sent to the appliance so that the appliance can perform a liveness detection on the heartbeat frame, obtain a liveness detection result, and send a heartbeat reply frame to the energy storage power source based on the liveness detection result; at the same time, after the communication connection is established, an activation command frame sent by the appliance is received, and the activation command frame is activated and verified to obtain an activation verification result; based on the activation verification result, an execution result frame is sent to the appliance so that the appliance can verify the execution result frame, obtain a verification result, and send a result confirmation frame to the energy storage power source based on the verification result.
[0007] In some embodiments, the first authentication result includes a negotiation result. When the first authentication result meets a first preset condition, a handshake response frame is sent to the appliance, including: when the first authentication result meets the first preset condition, obtaining the appliance's preset public key, the power supply's preset private key, the power supply device identifier, the first private key, and the session identifier; calculating the first private key to obtain the power supply's public key; encrypting the session identifier based on the appliance's preset public key to obtain the power supply session identifier; digitally signing the power supply device identifier, the power supply's public key, the negotiation result, and the power supply session identifier based on the power supply's preset private key to obtain a power supply digital signature; constructing a protocol frame based on the power supply device identifier, the power supply's public key, the negotiation result, the power supply session identifier, and the power supply digital signature based on a localized communication protocol, generating a handshake response frame, and sending the handshake response frame to the appliance.
[0008] In some embodiments, the first authentication result includes the appliance's public key, and the method further includes: calculating a shared key by using the first private key and the appliance's public key; and hashing the shared key to obtain a target session key.
[0009] In some embodiments, after a communication connection is established, sending a heartbeat frame to an appliance includes: obtaining status data segment information; encrypting the status data segment information based on a target session key to obtain encrypted status data segment information; constructing a protocol frame based on a localized communication protocol using the session identifier and the encrypted status data segment information to generate a heartbeat frame, and sending the heartbeat frame to the appliance.
[0010] In some embodiments, the activation verification result includes an instruction code, a rental time, and a result code. Based on the activation verification result, an execution result frame is sent to the appliance, including: constructing a protocol stack based on the session identifier, instruction code, rental time, and result code according to a localized communication protocol, generating an execution result frame, and sending the execution result frame to the appliance.
[0011] To solve the above-mentioned technical problems, another technical solution adopted in this application is: providing a home appliance rental method, applied to home appliances, wherein the home appliances and energy storage power sources communicate and connect through a preset localized communication protocol. The method includes: sending a handshake request frame to the energy storage power source, so that the energy storage power source receives the handshake request frame sent by the home appliance and performs a first authentication on the handshake request frame to obtain a first authentication result; when the first authentication result meets a first preset condition, sending a handshake response frame to the home appliance; performing a second authentication on the handshake response frame to obtain a second authentication result; when the second authentication result meets a second preset condition, sending a session ready frame to the energy storage power source, so that the energy storage power source receives the session ready frame sent by the home appliance and performs a session ready on the handshake request frame to obtain a first authentication result; when the second authentication result meets a second preset condition, sending a session ready frame to the energy storage power source, so that the energy storage power source receives the session ready frame sent by the home appliance and performs a session ready on the handshake response frame to obtain a second authentication result; when the second authentication result meets a second preset condition, sending a session ready frame to the energy storage power source, so that the energy storage power source receives the session ready frame sent by the home appliance and performs a session ready on the handshake response frame to obtain a first authentication result; when the first authentication result meets a first preset condition, sending a session ready frame to the energy storage power source, so that the energy storage power source receives the session ready frame sent by the home appliance and performs a session ready on the handshake response frame to obtain a first authentication result; when the first authentication result meets a first preset condition, sending a session ready frame to the energy storage power source, so that the energy storage power source receives the session ready frame sent by the home appliance and performs a session ready on the handshake response frame to obtain a first authentication result; when the first authentication result meets a second ... The system performs key verification on the start frame and obtains the key verification result. When the key verification result meets the third preset condition, a session confirmation frame is sent to the appliance. A communication connection is established with the energy storage power source based on the session confirmation frame. After the communication connection is established, the system receives the heartbeat frame sent by the energy storage power source, performs a liveness detection on the heartbeat frame, obtains the liveness detection result, and sends a heartbeat reply frame to the energy storage power source based on the liveness detection result. At the same time, after the communication connection is established, an activation command frame is sent to the energy storage power source so that the energy storage power source performs activation verification on the activation command frame and obtains the activation verification result. Based on the activation verification result, an execution result frame is sent to the appliance. The execution result frame is verified to obtain the verification result, and a result confirmation frame is sent to the energy storage power source based on the verification result.
[0012] In some embodiments, sending a handshake request frame to the energy storage power source includes: obtaining the electrical device hardware identifier, negotiation parameter list information, a second private key, and a preset private key for the electrical device; calculating the second private key to obtain the electrical device public key; digitally signing the electrical device hardware identifier, negotiation parameter list information, and electrical device public key based on the preset private key to obtain an electrical device digital signature; and constructing a protocol frame based on the electrical device hardware identifier, negotiation parameter list information, electrical device public key, and electrical device digital signature according to a localized communication protocol to generate a handshake request frame and sending the handshake request frame to the energy storage power source.
[0013] In some embodiments, the second authentication result includes a target session key and a session identifier. When the second authentication result meets a second preset condition, a session ready frame is sent to the energy storage power source, including: encrypting the session identifier based on the target session key to obtain an encrypted session identifier; digitally signing the encrypted session identifier based on a second private key to obtain a session digital signature; constructing a protocol frame based on the encrypted session identifier and the session digital signature based on a localized communication protocol to generate a session ready frame, and sending the session ready frame to the energy storage power source.
[0014] In some embodiments, sending an activation instruction frame to the energy storage power source includes: obtaining an activation code, a session identifier, an instruction code, and a leasing platform private key; digitally signing the activation code based on the leasing platform private key to obtain an activation code digital signature; constructing a protocol frame based on a localized communication protocol using the session identifier, instruction code, activation code, and activation code digital signature to generate an activation instruction frame, and sending the activation instruction frame to the energy storage power source.
[0015] To solve the above-mentioned technical problems, another technical solution adopted in the embodiments of this application is: to provide an electronic device, including: at least one processor; and a memory communicatively connected to the at least one processor; wherein the memory stores instructions that can be executed by the at least one processor, and the instructions are executed by the at least one processor to enable the at least one processor to perform the above-mentioned method.
[0016] Unlike related technologies, this application provides a home appliance rental method and electronic device. The energy storage power supply completes device authentication and session key negotiation through handshake request frames, handshake response frames, session ready frames, and session confirmation frames, establishing a trusted communication connection. It performs bidirectional status synchronization through heartbeat frames and heartbeat reply frames, transmitting power level, remaining rental time, and fault codes to achieve real-time monitoring and anomaly handling of device status, improving operational reliability. It manages rental time and authorization status in a closed loop through activation command frames and execution result frames, ensuring controllable execution of rental operations and preventing time tampering, avoiding reliance on external system verification. Based on this, this application achieves continuity of the rental process, reliable authorization management, and device status synchronization through reliable interaction between the energy storage power supply and electrical equipment based on a preset localized communication protocol, thereby improving the adaptability, continuity, and stability of the home appliance rental service. Attached Figure Description
[0017] One or more embodiments are illustrated by way of example with reference to the accompanying drawings. These illustrations do not constitute a limitation on the embodiments. Elements having the same reference numerals in the drawings are denoted as similar elements. Unless otherwise stated, the figures in the drawings are not to be limited by scale.
[0018] Figure 1 This is a schematic diagram of the structure of a home appliance rental system provided in an embodiment of this application;
[0019] Figure 2 This is a flowchart of a home appliance rental method provided in an embodiment of this application;
[0020] Figure 3 This is a flowchart of a home appliance rental method provided in another embodiment of this application;
[0021] Figure 4 This is a schematic diagram of the hardware structure of an electronic device provided in an embodiment of this application. Detailed Implementation
[0022] To make the objectives, technical solutions, and advantages of the embodiments of this application clearer, the technical solutions of the embodiments of this application will be clearly and thoroughly described below with reference to the accompanying drawings. Obviously, the described embodiments are only some embodiments of this application, not all embodiments. It should be understood that the specific embodiments described herein are only used to explain this application and are not intended to limit this application.
[0023] It should be noted that, unless otherwise specified, the various features in the embodiments of this application can be combined with each other, all of which are within the protection scope of this application. When an element is described as "connected" to another element, it can be directly connected to the other element, or there may be one or more intervening elements between them.
[0024] The terms "first," "second," "third," etc., used in the specification and claims of this application are used to distinguish similar objects and are not used to describe a specific order or sequence. It should be understood that such data can be interchanged where appropriate so that embodiments of this application can be implemented in orders other than those illustrated or described herein, and the objects distinguished by "first," "second," "third," etc., are generally of the same class and are not limited in number; for example, a first object can be one or more.
[0025] Unless otherwise defined, all technical and scientific terms used in this specification have the same meaning as commonly understood by one of ordinary skill in the art to which this application belongs. The terminology used in this specification is for the purpose of describing particular embodiments only and is not intended to limit the scope of this application.
[0026] With the popularization of the sharing economy and circular economy concepts, the home appliance rental market has developed rapidly in recent years, effectively reducing users' one-time purchase costs and meeting diverse usage needs such as urban migrant populations, short-term needs, and outdoor scenarios. Current mainstream home appliance rental solutions mainly rely on IoT technology, communicating with cloud platforms through built-in cellular networks or Wi-Fi modules in appliances to achieve remote unlocking, status monitoring, and billing management. However, these solutions are highly dependent on a stable power grid and network coverage, and suffer from problems such as rental process interruptions, equipment unusability, and unmonitored status in power outages, weak network conditions, or off-grid environments. Furthermore, they are costly to hardware, complex to maintain, and restrict user privacy and autonomy, making them unsuitable for outdoor or mobile rental scenarios.
[0027] Therefore, this application provides a home appliance rental method and electronic device, proposing a home appliance rental solution that combines energy storage power supply with electrical appliances using a new localized communication protocol, creating a self-contained home appliance rental solution that does not completely rely on the power grid and wide area network.
[0028] Specifically, in scenarios without a power grid (such as outdoor camping and temporary disaster relief sites), energy storage power supplies can serve as "mobile power grids" to meet users' basic electricity needs, such as camping lights and mini electric cookers, without relying on mains power. Moreover, most existing mainstream home appliance rental programs rent fixed appliances and require long-term rentals. In contrast, this application uses "appliance + energy storage power supply" as a whole rental unit, which can achieve multiple advantages such as "lightweight equipment combination (users can choose and match power supplies and appliances as needed)" and "flexible rental duration (supports rental by day / hour, and renewal can be flexibly extended through activation codes)".
[0029] In addition, existing mainstream rental solutions require devices to be connected to the internet to complete identity authentication (such as binding user accounts in the cloud), rental renewal (cloud-based deduction and authorization), status detection (cloud-based synchronization of device failures), and the rental process is interrupted when the network is down. The solution to the above problems in this application is as follows:
[0030] (1) Localized identity authentication: Through handshake request frame and handshake response frame, two-way authentication between energy storage power supply and electrical appliances is realized without cloud verification;
[0031] (2) Localized renewal verification: The dynamic activation code includes "power equipment identification number + activation code validity period + rental duration", and the energy storage power is verified locally (no need to connect to the cloud database). After the verification is successful, the rental time is directly updated.
[0032] (3) Localized status monitoring: Through heartbeat frames and heartbeat response frames, information such as the remaining power of the energy storage power supply, the remaining rental time, fault codes and the working status of the electrical appliances can be synchronized. Users can immediately view the status of the equipment on the electrical appliance screen locally. One communication completes dual functions and reduces the bandwidth occupation of the serial port.
[0033] (4) Rental time is saved locally: The remaining rental time is stored locally. Even if the network is disconnected, the user can still use the device normally during the rental period and will not be prohibited from using the device due to the network disconnection.
[0034] The above-mentioned technical concepts can ensure that the rental equipment can continue to execute the rental process, reliably manage authorization and synchronize status even in complex scenarios. At the same time, it supports on-demand renewal, instant access and combination of energy storage power and electrical appliances, which significantly improves the adaptability, continuity and stability of home appliance rental services.
[0035] Please see Figure 1 , Figure 1 This is a schematic diagram of the structure of a home appliance rental system provided in an embodiment of this application. Figure 1As shown, the home appliance rental system 100 includes: an energy storage power source 10, appliances 20, a server 30 (providing an online rental platform), and a user terminal 40. During the rental process, users access the server 30 through the user terminal 40 to reserve the required energy storage power source 10 and appliances 20, and select the expected rental time. The system supports users to obtain the equipment through in-store pickup or instant delivery. After delivery, appliances 20 can be used immediately on the energy storage power source 10. Initial activation is achieved by sending an activation command frame and the energy storage power source 10 locally verifying the activation code. If the user needs to extend the rental time, they can obtain a new activation code from the server 30 and send it to the energy storage power source 10, which will then locally verify and update the remaining rental time without relying on remote communication. Simultaneously, the energy storage power source 10 and appliances 20 maintain bidirectional status synchronization through heartbeat frames and heartbeat reply frames, transmitting power levels, remaining rental time, and fault information, enabling real-time monitoring of equipment status and handling of anomalies, thereby ensuring the continuity and reliability of the rental process under various environments. Through this rental model, the home appliance rental system 100 can achieve flexible equipment combinations, expandable rental time, convenient operation, and stable operation even in complex environments.
[0036] In addition, the home appliance rental system provided in this application adopts a localized communication protocol to ensure the reliability and real-time performance of data interaction between the energy storage power supply 10 and the appliance 20. The overall architecture of the protocol includes: a handshake mechanism, a heartbeat mechanism, an information sending mechanism, and a basic security layer. Each module is interdependent and works collaboratively to ensure the continuity and security of the rental process in a localized environment.
[0037] The foundational layer forms the underlying support for the entire protocol. All protocol frames are mandated to include a CRC checksum to verify data integrity and reliability during transmission. Before the handshake, both communicating parties negotiate serial port parameters, including baud rate, data bits, and stop bits, to ensure transmission compatibility and data integrity across different devices. This layer also handles abnormal transmission situations; for example, in the event of frame verification failure, it notifies the sender to retransmit via a frame error message to prevent data loss or misoperation.
[0038] The handshake mechanism, serving as the communication entry point, is responsible for device authentication and session key negotiation. The handshake process includes a handshake request frame, a handshake response frame, a session ready frame, and a session confirmation frame. Only after a successful handshake can the energy storage power supply and electrical appliances exchange heartbeat and information frames, thus ensuring the security and reliability of the communication link. The handshake mechanism also provides replay and tamper-proof security, ensuring that leasing operation commands are executed only between legitimate devices.
[0039] The heartbeat mechanism is used for bidirectional status synchronization and link health monitoring between the energy storage power supply and electrical appliances. The energy storage power supply actively sends heartbeat frames, and the electrical appliances reply with heartbeat response frames, which are used to transmit information such as power supply capacity, remaining lease time, fault codes, and appliance operating status. When the device status reaches a preset threshold, the heartbeat mechanism can trigger a local warning or link interruption protection to ensure the safe operation of the device under abnormal conditions.
[0040] The information transmission mechanism enables electrical appliances to send activation codes for renewal, status queries, and other control commands to the energy storage power source, supporting rental time management and equipment operation. This mechanism works closely with the handshake and heartbeat mechanisms to ensure that all commands are executed only after local verification and supports exception handling, such as retransmission mechanisms for frame loss or parsing errors.
[0041] In terms of protocol frame design, the localized communication protocol adopts a standardized frame header structure to ensure efficient and accurate communication parsing. As shown in Table 1, each protocol frame contains a fixed-length frame header identifier (2 bytes), frame type code (2 bytes), data length (2 bytes), a variable-length valid data segment (≤1024 bytes), a checksum bit (CRC-32, 4 bytes), and a frame trailer (2 bytes). Frame type codes are allocated according to protocol modules: handshake-related frames 0x0001~0x000F, heartbeat-related frames 0x0010~0x001F, and information transmission-related frames 0x0020~0x002F. Special frames such as 0x0030 can also be set for frame error indication and retransmission requests. The receiver can route frames to the corresponding processing template by parsing the frame header, achieving modular processing and efficient response.
[0042] Table 1 - Standardized Frame Header Structure
[0043]
[0044] Through this architecture, the localized communication protocol can achieve secure and reliable communication, rental time management, status synchronization and anomaly protection between energy storage power sources and electrical appliances without relying on remote networks, thereby ensuring the stable operation and continuous service of the home appliance rental system in complex or off-grid environments.
[0045] The implementation process of the home appliance rental method provided in this application will be described in detail below with reference to specific embodiments.
[0046] Please see Figure 2 , Figure 2 This is a flowchart illustrating a home appliance rental method provided in an embodiment of this application. Figure 2 As shown, this method is applied to energy storage power supplies. The energy storage power supply and electrical appliances communicate with each other through a preset localized communication protocol. The method includes S11-S14:
[0047] S11: Receive the handshake request frame sent by the appliance, and perform first authentication on the handshake request frame to obtain the first authentication result; when the first authentication result meets the first preset condition, send the handshake response frame to the appliance so that the appliance performs second authentication on the handshake response frame to obtain the second authentication result; when the second authentication result meets the second preset condition, send the session ready frame to the energy storage power supply.
[0048] The first authentication result includes a negotiation result. When the first authentication result meets the first preset condition, a handshake response frame is sent to the appliance, including: when the first authentication result meets the first preset condition, obtaining the appliance's preset public key, the power supply's preset private key, the power supply device identifier, the first private key, and the session identifier; calculating the first private key to obtain the power supply's public key; encrypting the session identifier based on the appliance's preset public key to obtain the power supply session identifier; digitally signing the power supply device identifier, the power supply's public key, the negotiation result, and the power supply session identifier based on the power supply's preset private key to obtain the power supply digital signature; and constructing a protocol frame based on the power supply device identifier, the power supply's public key, the negotiation result, the power supply session identifier, and the power supply digital signature based on a localized communication protocol to generate a handshake response frame and send the handshake response frame to the appliance.
[0049] The first authentication result includes the appliance's public key, and the method also includes: calculating the first private key and the appliance's public key to obtain a shared key; and hashing the shared key to obtain the target session key.
[0050] Specifically, the energy storage power supply receives the handshake request frame sent by the appliance and performs the first authentication; after successful authentication, it generates and sends a handshake response frame to the appliance, completing the second authentication; finally, after the appliance confirms, it generates a target session key to provide security for subsequent heartbeat and information transmission mechanisms. The specific implementation process is as follows:
[0051] (1) Receiving Handshake Request Frames and Basic Verification: First, the energy storage power supply receives handshake request frames sent by electrical appliances via a serial port (the handshake request frame contains the electrical appliance hardware identifier, negotiation parameter list, electrical appliance public key, and electrical appliance digital signature). Then, the handshake request frame is subjected to basic frame integrity verification, which checks whether the frame header and frame trailer match. If they do not match, the frame is discarded and no response is given; if they match, the CRC-32 check value is calculated for the "frame header ~ electrical appliance digital signature" field and compared with the CRC-32 field in the frame. If they do not match, the frame is discarded and no response is given.
[0052] Secondly, the first authentication operation (appliance verification) is performed. This involves using the pre-installed public key (i.e., the applicator's RSA public key) within the energy storage power supply to decrypt the app's digital signature in the handshake request frame, obtaining a hash value. The SHA-256 hash value of "appliance device hardware identifier + negotiation parameter list + applicator public key" is then recalculated. This hash value is compared with the decrypted hash value. If they match, the app is confirmed as a legitimate device, and the applicator's public key and negotiation parameter list are recorded; otherwise, no response is given. Finally, the first authentication result includes the applicator's public key and the negotiation result (supported encryption algorithms, serial port baud rate, etc.). Additionally, for the recorded negotiation parameter list, it's necessary to determine compatibility between the energy storage power supply and the applicator. For example, the app might only support AES-256 encryption algorithms, while the energy storage power supply only supports SM4. In this case, no response can be given as incompatibility.
[0053] (2) Generate handshake response frame: When the first authentication result meets the first preset condition (i.e., the electrical appliance is valid and the negotiation parameters match), the energy storage power supply performs the following steps to generate a handshake response frame:
[0054] 1) Generate temporary key and target session key for energy storage power supply: Randomly generate a 256-bit temporary private key locally. ( satisfy (where n is the order of the ECC curve), and denoted as the first private key. It should be noted that this private key needs to be destroyed immediately after the handshake is complete. Subsequently, the energy storage power source uses a pre-defined elliptic curve generator G as a base point, and connects the generator G with the temporary private key... Perform elliptic curve dot product to obtain the corresponding temporary public key. , denoted as the power supply public key, is calculated using the following formula:
[0055] ;
[0056] in, It is in the form of point coordinates on an elliptic curve, specifically including a 256-bit x-coordinate component and a 256-bit y-coordinate component, which are concatenated according to a preset byte order to form 64 bytes of public key data.
[0057] Obtain the power public key Subsequently, the energy storage power source further reads the electrical public key carried in the handshake request frame by the electrical equipment side. (Also represented in elliptic curve coordinates), through the public key of the electrical appliance With the first private key Perform elliptic curve dot product to calculate the shared key point. The calculation formula is as follows:
[0058] ;
[0059] Among them, shared key points Includes the corresponding x-coordinate (32 bytes) and y-coordinate (32 bytes).
[0060] Subsequently, the shared key point was extracted. The x-coordinate is used as the shared key K, and a SHA-256 hash operation is performed on the shared key K. The first 32 bytes of the result are taken as the target session key S, which is used for encryption and integrity verification in subsequent heartbeat communication and information exchange processes.
[0061] 2) Generating a Power Supply Session Identifier (to prevent replay attacks): The energy storage power supply randomly generates a 16-byte random number as the session ID for this session, denoted as the session identifier. It should be noted that this session ID needs to be bound to the target session key S after the handshake is complete, and each new handshake should have a new session ID. Subsequently, the session ID is encrypted using the pre-set public key of the electrical appliance (i.e., the electrical appliance's RSA public key) within the energy storage power supply (to prevent interception and forgery by third parties; only the corresponding electrical appliance can decrypt it), and the encrypted session ID is recorded as the power supply session identifier, with a length of 256 bytes.
[0062] 3) Generate power supply digital signature: Based on the power supply's built-in preset private key (i.e., the power supply RSA private key), perform RSA signature (SHA-256 hash) on "power supply device identifier (i.e. power supply SN code) + power supply public key + negotiation result (encryption algorithm, baud rate, etc.) + power supply session identifier" to obtain the power supply digital signature.
[0063] 4) Protocol Frame Construction: As shown in Table 2, according to the localized communication protocol, the following contents are framed according to the standard frame header structure: frame header, frame type encoding (handshake response frame 0x0002), data length, power device identifier, power public key, negotiation result, power session identifier, power digital signature, CRC-32 check bit, and frame trailer.
[0064] Table 2 - Handshake Response Frame Structure
[0065]
[0066] (3) Sending a handshake response frame: Send a handshake response frame to the appliance according to the negotiated baud rate, and start a timeout timer (e.g., 5 seconds) to wait for the appliance to return a session ready frame. If no confirmation is received within the timeout period, it can be retransmitted a certain number of times (e.g., 2 times) according to the protocol. If no response is received after the number of times exceeds the limit, it is considered a communication interruption, and the handshake fails and ends. It can be understood that when the appliance receives the handshake response frame sent by the energy storage power source, it will perform a second authentication on the handshake response frame to obtain a second authentication result; when the second authentication result meets the second preset condition, it will send a session ready frame to the energy storage power source. It should be noted that the implementation process of the second authentication and session ready frame generation in this embodiment will be described in detail in the section on the appliance side below, and will not be described in detail here.
[0067] By performing frame header and trailer matching verification and CRC-32 integrity verification on the handshake request frame, noise interference frames and maliciously constructed frames can be promptly eliminated at the communication entry stage, ensuring the reliability of the data upon which subsequent authentication is based. Based on this, a verification mechanism combining the appliance hardware identifier and the appliance RSA public key is implemented to achieve strong and reliable authentication of the appliance's identity, preventing counterfeit terminals or unauthorized devices from impersonating and accessing the system. Furthermore, after successful authentication, the energy storage power supply calculates and generates a target session key using a temporary key and a shared key, and introduces a session identifier and RSA encryption encapsulation mechanism, ensuring that each communication session has an independent key and a unique identifier, effectively preventing replay attacks caused by historical key leaks and the risk of long-term key cracking. Simultaneously, by negotiating the encryption algorithm type and serial communication parameters during the handshake stage, the system can adapt to devices of different performance levels while ensuring security, achieving a balance between communication reliability and resource utilization efficiency. Therefore, by introducing a two-way identity authentication mechanism based on standardized protocol frame verification, unique device identifier binding, and dynamic session key negotiation mechanism, the energy storage power supply and electrical appliances can complete data integrity verification, device legitimacy confirmation, and secure communication parameter negotiation at the initial stage of establishing a communication connection, thereby eliminating the risks of unauthorized device access, data tampering, and link hijacking from the protocol layer.
[0068] S12: Receive the session ready frame sent by the appliance, and perform key verification on the session ready frame to obtain the key verification result; when the key verification result meets the third preset condition, send the session confirmation frame to the appliance so that the appliance can establish a communication connection with the energy storage power source according to the session confirmation frame.
[0069] First, the energy storage power supply receives a session ready frame (containing an encrypted session identifier and a session digital signature) sent by the appliance via a serial port. Then, it performs a basic frame integrity check on the session ready frame, examining the frame header / tail and CRC-32; if a mismatch is found, the frame is discarded and a handshake response frame is retransmitted.
[0070] Secondly, key verification is performed on the session ready frame to obtain the key verification result. This means that the encrypted session identifier in the session ready frame is decrypted using the target session key S obtained above, and the decrypted session identifier is compared with the session identifier obtained in step S11. If the session identifiers do not match, it is determined that "key negotiation failed," the handshake fails, and the process ends; if the session identifiers match, the session digital signature verification continues. It is understood that the appliance's public key is used. The process involves verifying the session digital signature, decrypting the signature to obtain its hash value, recalculating the SHA-256 hash value of the encrypted session identifier, and comparing them to ensure the data remains tamper-proof. Finally, the key verification results include whether the session identifier and the session digital signature match. Additionally, the "session identifier + target session key + negotiation parameters" are stored in a temporary cache (effective after the handshake ends and cleared if communication is interrupted).
[0071] When the key verification result meets the third preset condition (session identifier and session digital signature match), a session confirmation frame is constructed. It can be understood that after confirming the session ready frame is correct, the energy storage power supply generates a corresponding session ready confirmation command and encrypts this command using the target session key S to obtain the confirmation command (plaintext 0x00000001, encrypted as 32 bytes). As shown in Table 3, according to the localized communication protocol, the following content is framed according to the standard frame header structure: frame header, frame type encoding (session confirmation frame 0x0004), data length, confirmation command, CRC-32 checksum, and frame trailer.
[0072] Table 3 - Session Acknowledgment Frame Structure
[0073]
[0074] Finally, a session confirmation frame is sent to the appliance so that upon receiving it, the appliance performs a basic frame check, inspecting the frame header / tail and CRC-32. If a mismatch is found, the session ready frame is retransmitted (up to two times). The appliance uses the target session key S to decrypt the confirmation command, obtaining a plaintext instruction, confirming that the energy storage power supply is ready. At this point, the appliance and the energy storage power supply formally establish a communication connection, ending the handshake phase and proceeding to the heartbeat and information exchange phase (all subsequent data (heartbeat frames, activation codes, etc.) are encrypted and transmitted using the target session key S).
[0075] S13: After the communication connection is established, a heartbeat frame is sent to the appliance so that the appliance can detect the survival status of the heartbeat frame, obtain the survival status detection result, and send a heartbeat reply frame to the energy storage power source based on the survival status detection result.
[0076] The process of sending a heartbeat frame to an appliance after the communication connection is established includes: obtaining status data segment information; encrypting the status data segment information based on the target session key to obtain encrypted status data segment information; constructing a protocol frame based on the session identifier and the encrypted status data segment information according to the localized communication protocol, generating a heartbeat frame, and sending the heartbeat frame to the appliance.
[0077] After the communication connection between the energy storage power supply and the electrical appliances is established, the energy storage power supply performs a heartbeat frame transmission operation, the specific implementation process of which is as follows:
[0078] (1) Status data acquisition and frame data preparation: The energy storage power supply first acquires the current status information locally. The status data segment information includes, but is not limited to: remaining power (1 byte, percentage, 0~100), remaining lease time (4 bytes, in minutes, expandable as needed), fault code (2 bytes, such as 0x0002 indicating power overcurrent), and other expandable information (such as temperature, current, electrical operating mode, etc.). Subsequently, the energy storage power supply packages the above status data segment information according to the predefined byte order to form a complete status data segment (32 bytes).
[0079] (2) Status Data Encryption: To ensure the security of the heartbeat frame transmission process, the energy storage power supply uses the target session key S to encrypt the status data segment information. The encryption algorithm is determined by negotiation during the handshake phase (e.g., AES-256 or SM4), and the ciphertext obtained after encryption is the encrypted status data segment information of the heartbeat frame. This process can prevent the status information from being intercepted or tampered with during transmission.
[0080] (3) Heartbeat Frame Construction: As shown in Table 4, after encryption is completed, the energy storage power supply assembles the heartbeat frame according to the localized communication protocol to construct a complete protocol frame, including the following fields: Frame Header (2 bytes): Fixed value, used to quickly identify the beginning of the frame; Frame Type Encoding (2 bytes): 0x0010, identified as the heartbeat frame type; Data Length (2 bytes): Number of valid data segments; Session Identifier (16 bytes): Unique identifier ID of this session, bound to the target session key S, used to distinguish different sessions and prevent replay attacks; Status Data Segment Information (32 bytes): Encrypted status data segment, including the remaining power of the power supply, remaining lease time, fault code and other status information; CRC-32 Check Bit (4 bytes): CRC-32 calculation is performed on the "Frame Header ~ Status Data Segment Information" field to detect whether an error occurs during frame transmission; Frame Tail (2 bytes): Fixed value, used to quickly locate the frame tail.
[0081] Table 4 - Heartbeat Frame Structure
[0082]
[0083] (4) Heartbeat Frame Transmission: The energy storage power supply transmits heartbeat frames according to the heartbeat cycle determined by the current scenario: Normal scenario (battery level ≥ 20%, remaining rental time ≥ 10 minutes): 30 seconds / time; Critical scenario (battery level < 20%, remaining rental time < 10 minutes): 5 seconds / time; Fault scenario (fault code ≠ 0x0000): 2 seconds / time. During transmission, the energy storage power supply sends the constructed heartbeat frame to the appliance through a serial port or other physical communication interface, and simultaneously starts a multi-level timeout timer to ensure reliable arrival of the heartbeat frame. If no heartbeat reply frame is received from the appliance within a specified time (e.g., 5 seconds), a retransmission mechanism will be triggered; if three retransmission failures are accumulated, communication is judged to be interrupted, and a "soft lockout" mechanism is initiated (the energy storage power supply stops outputting and retains a minimum of 5% battery level for subsequent reconnection); if communication is continuously interrupted for more than 10 minutes, a "hard lockout" is triggered, the power is completely cut off, and the user is required to restart. Finally, after receiving the heartbeat frame, the appliance performs a survival status check on the heartbeat frame, obtains the survival status check result, and sends a heartbeat reply frame to the energy storage power source based on the survival status check result. The heartbeat reply frame includes the appliance's operating status information.
[0084] It should be noted that, as shown in Table 5, the above fault codes include, but are not limited to: no fault, energy storage power supply overheating, energy storage power supply overcurrent, electrical overload, etc., and can be further expanded according to the actual situation.
[0085] Table 5 - Definitions of Common Fault Codes
[0086]
[0087] After the communication connection is established, the energy storage power supply encrypts and encapsulates status data segments containing remaining power, remaining lease time, fault codes, and operating status based on the target session key, and periodically sends heartbeat frames. This allows the heartbeat mechanism to synchronize key operating statuses while performing equipment liveness detection, thus avoiding the waste of communication resources caused by traditional empty heartbeats used only for link keep-alive and significantly improving the real-time performance of status awareness. Simultaneously, by incorporating the session identifier and encrypted status data segment information into the protocol frame structure and using CRC-32 integrity verification, not only are replay attacks and data tampering effectively prevented, but the reliability of heartbeat communication transmission is also ensured in complex electromagnetic environments. Furthermore, the heartbeat sending cycle is dynamically adjusted based on the power supply's remaining power, remaining lease time, and fault codes, reducing communication load under normal operating conditions and increasing monitoring frequency under critical or abnormal conditions, thereby achieving synergistic optimization of resource utilization efficiency and risk response speed. Combined with multi-level timeout retransmission and soft / hard locking protection strategies, the output can be promptly interrupted and a safe state can be entered when communication anomalies or equipment failures occur, avoiding the risks of timeout operation, unauthorized use, or equipment damage. Thus, through the collaborative design of encrypted state fusion heartbeat, dynamic periodic control and multi-level protection mechanisms, the reliability of communication, the security of operation and the accuracy of rental management are improved simultaneously, providing key technical support for the stable operation of the home appliance rental system in complex usage scenarios.
[0088] S14: Simultaneously, after the communication connection is established, the system receives the activation command frame sent by the appliance, performs activation verification on the activation command frame, and obtains the activation verification result; based on the activation verification result, the system sends the execution result frame to the appliance so that the appliance can verify the execution result frame, obtain the verification result, and send the result confirmation frame to the energy storage power source based on the verification result.
[0089] The activation verification result includes the instruction code, rental time, and result code. Based on the activation verification result, an execution result frame is sent to the appliance. This includes: constructing a protocol frame based on the session identifier, instruction code, rental time, and result code using a localized communication protocol, generating an execution result frame, and sending the execution result frame to the appliance.
[0090] After the communication connection is established, the energy storage power supply enters the command interaction state to receive activation command frames sent by the appliance side and execute lease authorization control. Specifically, when the appliance needs to activate the equipment or renew the lease period, it constructs an activation command frame based on the localized communication protocol. This frame includes, in sequence, a standard frame header, a command type frame encoding, a data length, a session identifier, a command code, and an activation code encrypted with the target session key. It also includes a digital signature of the activation code generated by the leasing platform's private key and a CRC-32 checksum to ensure the legitimacy of the command source and the integrity of the data. The instruction code is used to identify the current operation type. Different instructions correspond to different permission levels. For example, ordinary permission (user): activation renewal instruction (0x10), operation and maintenance permission (staff): fault reset instruction (0x12) or power query instruction (0x13), administrator permission (leasing platform) key reset instruction (0x14). The activation code is a dynamic authorization data string with power equipment binding and time limit. It includes at least the activation code validity period (e.g., 5 minutes, expires after time limit), power equipment identification number (i.e., energy storage power SN code), renewal duration (e.g., 0x003C=60 minutes) and platform digital signature (signed using the leasing platform's private key to ensure the legality of the activation code), which is used to realize authorization time limit control and device binding anti-reuse protection.
[0091] After receiving the activation command frame, the energy storage power supply first performs basic verification processing on the protocol frame, including frame header / tail matching verification and CRC-32 verification, to confirm that the communication data has not been corrupted. Then, it parses the session identifier and compares it with the currently valid session to prevent cross-session or replay attacks. After the basic verification passes, the energy storage power supply uses the target session key to decrypt the activation code, obtaining the original activation code content, and then executes the activation verification process sequentially, including:
[0092] (1) Verify the validity period of the activation code and its binding relationship with the power device identification number (power SN code): verify the digital signature of the activation code to confirm the legality of the activation code source; verify the validity period of the activation code to prevent expired authorization; and verify the matching between the power device identification number carried in the activation code and the local power SN code to prevent cross-device reuse.
[0093] After verifying the validity of the activation code, the energy storage power source first sends a command reception confirmation frame to the electrical appliance to inform it that the activation command frame has been successfully parsed and has entered the execution process. This command reception confirmation frame is constructed based on a localized communication protocol and includes at least a frame header, frame type code (0x0021), data length, session identifier, command code, reception confirmation command (0x00 indicates successful reception), CRC-32 (checksum), and frame trailer. The reception confirmation command indicates whether the activation command frame has been normally received and processed by the energy storage power source; for example, setting it to a success flag (0x00) indicates entry into the execution phase.
[0094] (2) Update the lease time and generate the execution result frame: Based on the renewal duration contained in the activation code (e.g., 0x003C=60 minutes) and the remaining lease time of the energy storage power supply's local storage, calculate the renewed lease time and update the lease time of the local storage according to the calculated lease time. Each time the lease time is updated, the following requirements must be met: 1) The digital signature verification of the activation code is successful; 2) Ensure that the lease time does not exceed the system's preset upper limit (e.g., 72 hours); 3) The time difference before and after the update does not exceed the renewal duration specified in the activation code. 1 second. If the above requirements are not met, the update will be rejected and the result code "Invalid activation code (0x01)" will be returned.
[0095] It is understood that the above verification processes together constitute the activation verification process, and the final activation verification result includes at least the instruction code, the calculated rental time, and the result code. The result code is used to characterize whether the verification was successful or failed, and the specific reason for failure. As shown in Table 6, common result codes in this embodiment are as follows:
[0096] Table 6 - Definitions of Result Codes Returned After Using Common Activation Codes
[0097]
[0098] Based on the above processing results, the energy storage power supply constructs an execution result frame and sends it to the appliance. The execution result frame includes, in sequence, a frame header, a frame type code (0x0022), data length, session identifier, instruction code, lease time, result code, CRC-32 (checksum), and a frame trailer. The lease time is used to synchronize the updated lease duration with the appliance, and the result code clearly indicates the execution status, such as successful activation, expired activation code, device mismatch, signature verification failure, or authorization time exceeding the limit.
[0099] After receiving the execution result frame, the appliance performs CRC verification and session identifier verification, and parses the lease time and result code. Once the result is confirmed as valid, it constructs and sends a result confirmation frame to the energy storage power source. This result confirmation frame includes a frame header, frame type code, data length, session identifier, instruction code, and result confirmation flag (e.g., 0x00 indicates a valid result), clearly informing the energy storage power source that the execution result has been correctly received and is effective. Upon receiving the result confirmation frame, the energy storage power source completes the full closed-loop processing flow for this activation or renewal instruction.
[0100] By introducing activation command frames encrypted with the target session key, activation code digital signature verification, and energy storage power supply identifier binding verification mechanisms after the communication connection is established, the leasing authorization is transferred from cloud control to the local trusted execution environment of the energy storage power supply. This ensures secure and reliable leasing activation and renewal control even in weak network or off-grid scenarios. Simultaneously, by performing multiple verifications on the activation code validity period, power supply SN code matching relationship, and upper limit of leasing duration, the risks of activation code reuse, cross-device abuse, and time tampering are effectively prevented, ensuring that authorization behavior is controllable and traceable. Furthermore, through a closed-loop interaction mechanism consisting of command reception confirmation frames, execution result frames, and result confirmation frames, each authorization operation has a clear reception, execution, and effectiveness feedback status, avoiding command loss or erroneous execution. Thus, while ensuring secure management of leasing time, highly reliable command interaction and dynamic authorization control are achieved, significantly improving the stability, controllability, and business continuity of the home appliance leasing system in complex communication environments.
[0101] Please see Figure 3 , Figure 3 This is a flowchart illustrating a home appliance rental method according to another embodiment of this application. Figure 3 As shown, this method is applied to electrical appliances, which communicate with the energy storage power source through a preset localized communication protocol. The method includes steps S21-S25:
[0102] S21: Send a handshake request frame to the energy storage power source so that the energy storage power source receives the handshake request frame sent by the appliance and performs a first authentication on the handshake request frame to obtain a first authentication result; when the first authentication result meets the first preset condition, send a handshake response frame to the appliance.
[0103] The process of sending a handshake request frame to the energy storage power source includes: obtaining the electrical equipment hardware identifier, negotiation parameter list information, second private key, and electrical preset private key; calculating the second private key to obtain the electrical public key; digitally signing the electrical equipment hardware identifier, negotiation parameter list information, and electrical public key based on the electrical preset private key to obtain an electrical digital signature; and constructing a protocol frame based on the electrical equipment hardware identifier, negotiation parameter list information, electrical public key, and electrical digital signature based on a localized communication protocol to generate a handshake request frame and sending the handshake request frame to the energy storage power source.
[0104] Before initiating communication, the appliance first randomly generates a temporary elliptic curve cryptography (ECC) key pair locally, which includes a 256-bit temporary private key. (i.e., the second private key) and based on that temporary private key The temporary public key obtained by performing a dot product operation with the preset elliptic curve base point G (Electrical Appliance Public Key). This temporary public key consists of two parts, a horizontal axis and a vertical axis, each occupying 32 bytes of data space, thus forming a total of 64 bytes of ECC public key data, which is used in the subsequent session key negotiation process to ensure forward security of the communication process.
[0105] After the temporary key is generated, the appliance obtains its own unique hardware identifier, which is used to represent the physical unique identity of the appliance. At the same time, it constructs a negotiation parameter list to declare the communication and security capability parameters currently supported by the appliance. This includes at least the supported encryption algorithm types and the adaptable serial communication baud rate configuration. If necessary, it can also expand to include communication control parameters such as data bit length and stop bit format, thereby providing a basis for the adaptive configuration of parameters of the subsequent communication link.
[0106] Subsequently, to prevent the handshake request frame from being forged or tampered with, the appliance calls its pre-set private key (i.e., the appliance's RSA private key) to perform a hash operation on the appliance's hardware identifier, the negotiation parameter list information, and the appliance's public key, generating an appliance digital signature. This appliance digital signature is used to verify that the aforementioned key information was indeed sent by a legitimate appliance and has not been illegally modified during transmission, thus achieving dual protection for the appliance's identity authenticity and data integrity.
[0107] After the signature generation is completed, as shown in Table 7, the appliance encapsulates the frame header, frame type encoding, data length, appliance hardware identifier, negotiation parameter list information, appliance public key, and appliance digital signature into a standardized handshake request frame structure according to the preset localized communication protocol frame format. A cyclic redundancy check code is appended to the end of the frame to verify the integrity of the entire frame data, thereby improving the data reliability under low-bandwidth local communication links.
[0108] Table 7 - Handshake Request Frame Structure
[0109]
[0110] After the protocol frame is constructed, the electrical appliance sends the handshake request frame to the energy storage power supply through the local communication interface (such as serial communication link) established with the energy storage power supply. At the same time, the timeout timing mechanism and retransmission control strategy are activated. If the request response frame is not received within a preset time (such as 5 seconds), the retransmission process is automatically performed (such as 2 times), thereby avoiding the impact of transient link interference on the system reliability.
[0111] After receiving a handshake request frame, the energy storage power supply performs a first authentication on the handshake request frame to obtain a first authentication result. When the first authentication result meets a first preset condition, it returns a handshake response frame to the appliance for entering the subsequent key negotiation and secure session establishment phase. It should be noted that in the implementation process of steps S21 to S25 of this embodiment, the implementation details of communication-related operations performed by the energy storage power supply (e.g., handshake response frame, session confirmation frame, heartbeat frame, instruction reception confirmation frame, and execution result frame) have been described in the above embodiments and will not be repeated below.
[0112] By having the appliance actively generate a temporary key and send a handshake request frame containing the appliance's hardware identifier, negotiation parameter list information, and a digital signature of the appliance authenticated by its private key to the energy storage power source, the energy storage power source can synchronously verify the authenticity of the appliance's identity and the integrity of its data under the local communication link. This effectively prevents unauthorized device access, data forgery, and man-in-the-middle attacks without relying on the cloud network. At the same time, the parameter negotiation mechanism enables adaptive matching between the communication algorithm and the link configuration, and the temporary key mechanism provides forward security for the establishment of subsequent sessions. Overall, this improves the security, reliability, communication stability, and device access control capabilities of the home appliance rental system in offline scenarios, fundamentally solving the problems of traditional rental equipment relying on network authentication, insufficient security, and susceptibility to counterfeiting and cracking.
[0113] S22: Perform a second authentication on the handshake response frame to obtain a second authentication result; when the second authentication result meets the second preset condition, send a session ready frame to the energy storage power supply so that the energy storage power supply can receive the session ready frame sent by the appliance and perform key verification on the session ready frame to obtain a key verification result; when the key verification result meets the third preset condition, send a session confirmation frame to the appliance.
[0114] The second authentication result includes a target session key and a session identifier. When the second authentication result meets the second preset condition, a session ready frame is sent to the energy storage power source. This includes: encrypting the session identifier based on the target session key to obtain an encrypted session identifier; digitally signing the encrypted session identifier based on the second private key to obtain a session digital signature; and constructing a protocol frame based on the encrypted session identifier and the session digital signature using a localized communication protocol to generate a session ready frame and send the session ready frame to the energy storage power source.
[0115] After the electrical appliance receives the handshake response frame sent by the energy storage power source, it first performs basic integrity verification processing on the handshake response frame. By parsing the fixed identifiers of the frame header and frame trailer and performing CRC-32 cyclic redundancy check calculation on all data in the frame except for the check field, it determines whether the data has been erroneous or tampered with during transmission on the local communication link. If the verification fails, the handshake response frame is discarded directly and the handshake request process is retried (up to 2 times) to avoid abnormal connection establishment.
[0116] After the basic verification is passed, the second authentication stage begins. The appliance calls the pre-stored power supply public key (such as the power supply RSA public key) to decrypt the power supply digital signature carried in the handshake response frame to restore the hash value corresponding to the signature. At the same time, based on the power supply device identifier, power supply public key, negotiation result and power supply session identifier contained in the handshake response frame, the SHA-256 hash value is recalculated and the two are compared for consistency. When the comparison results are consistent, it is confirmed that the handshake response frame does indeed come from a legitimate energy storage power supply and the data has not been tampered with.
[0117] Subsequently, the appliance uses its own preset private key (i.e., the appliance's RSA private key) to decrypt the power session identifier in the handshake response frame to recover the session identifier. This session identifier serves as the unique logical channel number for this communication connection, distinguishing different session instances, and is cached and bound locally. Simultaneously, based on the elliptic curve key negotiation protocol, the appliance uses its second private key generated in step S21 and the power public key published by the energy storage power source in the handshake response frame to perform an elliptic curve dot product operation, and extracts the x-coordinate of the calculation result to obtain the shared key. (Theoretically, this shared key) (Completely identical to the shared key K mentioned above), and regarding this shared key Perform a SHA-256 hash operation and truncate the data to a preset length (e.g., the first 32 bytes) as the target session key. (session key) Theoretically, it is completely consistent with the target session key S mentioned above (for ease of understanding, the target session key S will be used in the following text). This target session key serves as the symmetric encryption key for all subsequent business instructions and control data, and is used to ensure the confidentiality of the communication content.
[0118] When the second authentication result is confirmed to meet the second preset condition (the power supply device is legitimate and the target session key is consistent), the appliance enters the session ready frame construction stage. First, the target session key S is used to encrypt the session identifier using a preset symmetric encryption algorithm to form an encrypted session identifier, thereby verifying whether the communication peer holds the same session key. Then, the aforementioned second private key is used to generate a session digital signature for the encrypted session identifier, achieving dual protection for the authenticity of the data source and the integrity of the content. Finally, as shown in Table 8, the frame header, frame type code, data length, encrypted session identifier, session digital signature, CRC-32 (checksum), and frame trailer are sequentially encapsulated according to the protocol format specified by the localized communication protocol to construct a standardized session ready frame, which is then sent to the energy storage power supply via a serial link.
[0119] Table 8 - Session Ready Frame Structure
[0120]
[0121] The energy storage power supply receives the session ready frame sent by the appliance and performs key verification on the session ready frame to obtain the key verification result. When the key verification result meets the third preset condition, it sends a session confirmation frame to the appliance, thus completing the formal establishment of the secure communication session.
[0122] By performing strict second authentication on the handshake response frame, bidirectional identity verification and key synchronization between the electrical appliance and the energy storage power supply are achieved, ensuring that both communicating parties are legitimate devices and that the data has not been tampered with. At the same time, a one-time target session key S is generated through negotiation via the ECDH protocol for the encrypted transmission of all subsequent business data, thereby effectively preventing man-in-the-middle attacks, key leakage, and data forgery, and improving the security and reliability of the entire communication connection.
[0123] S23: Establish a communication connection with the energy storage power source based on the session confirmation frame, and after the communication connection is established, receive the heartbeat frame sent by the energy storage power source, perform a survival status detection on the heartbeat frame, obtain the survival status detection result, and send a heartbeat reply frame to the energy storage power source based on the survival status detection result.
[0124] Upon receiving a heartbeat frame from the energy storage power source, the appliance first verifies the integrity of the heartbeat frame. This includes checking whether the frame header and trailer match the fixed values specified in the protocol, and calculating the CRC-32 checksum and comparing it with the CRC field within the heartbeat frame to ensure that the data has not been tampered with or lost during transmission. Simultaneously, the appliance uses the target session key S to decrypt the status data segment information in the heartbeat frame to obtain the real-time status information of the energy storage power source, including remaining power, remaining lease time, fault codes, and other status information.
[0125] Based on the decrypted status data segment information, the appliance performs a survival status detection to obtain the survival status detection result: determining whether the energy storage power supply is in normal working condition, and whether there are any faults or critical conditions, such as the power level being below a threshold or a non-zero fault code. If an abnormal state is detected, the appliance can proactively take measures, such as stopping communication, notifying the user of insufficient rental time, or indicating equipment failure.
[0126] After completing the liveness detection, the appliance generates a heartbeat response frame. The heartbeat response frame contains appliance status information (appliance operating status information and other necessary information), and this information is encrypted using the target session key S to ensure data security and integrity. As shown in Table 9, the heartbeat response frame is constructed according to the same localized communication protocol frame structure as the heartbeat frame, including a frame header, frame type encoding, data length, session identifier, encrypted appliance status information, CRC-32 checksum field, and frame trailer.
[0127] Table 9 - Heartbeat Response Frame Structure
[0128]
[0129] Finally, the appliance sends a heartbeat response frame to the energy storage power supply via a serial port or a preset communication interface, and starts a timeout timer to trigger retransmission or exception handling in a timely manner if the next heartbeat is not received. This process can dynamically adjust the heartbeat cycle according to the power supply status and supports multi-level timeout protection mechanisms to ensure communication stability, real-time performance, and system security.
[0130] By interacting with the heartbeat frames and heartbeat response frames between the energy storage power supply and the electrical appliances, a single communication can achieve the dual function of obtaining information such as the remaining power of the energy storage power supply, the remaining lease time, fault codes, and the status information of the electrical appliances, thereby reducing the bandwidth usage of the serial port.
[0131] S24: Simultaneously, after the communication connection is established, an activation command frame is sent to the energy storage power supply so that the energy storage power supply can perform activation verification on the activation command frame and obtain the activation verification result; based on the activation verification result, an execution result frame is sent to the appliance.
[0132] The process of sending an activation command frame to the energy storage power source includes: obtaining the activation code, session identifier, command code, and leasing platform private key; digitally signing the activation code based on the leasing platform private key to obtain the activation code digital signature; and constructing a protocol frame based on the session identifier, command code, activation code, and activation code digital signature using a localized communication protocol to generate an activation command frame and send the activation command frame to the energy storage power source.
[0133] After establishing a secure communication connection between the appliance and the energy storage power supply, the appliance first generates an activation command frame according to business requirements. This process involves obtaining the activation code, session identifier, command code, and leasing platform private key required for this activation operation. The activation code is a dynamically generated string from the leasing platform containing "triple binding information" including the activation code's validity period, the power supply equipment identifier, and the renewal duration. This ensures that the activation operation is within its validity period, applies only to the specified power supply, and that the leasing time cannot be tampered with. The session identifier is a unique identifier for this communication, used to bind to the target session key to ensure data correspondence. The command code identifies the type of activation operation, such as activation renewal, fault reset, or key reset. The leasing platform private key is used to digitally sign the activation code to ensure its legality and integrity.
[0134] Subsequently, the appliance uses the rental platform's private key to digitally sign the activation code, obtaining a digital signature for the activation code. This signing process ensures that the energy storage power supply can verify the authenticity of the activation code's origin when receiving instructions, preventing third parties from forging instructions or tampering with the activation code's content.
[0135] Next, the appliance constructs an activation command frame by combining information such as the session identifier, command code, activation code, and activation code digital signature according to the localized communication protocol. This frame, according to the preset frame structure, includes: a frame header (a fixed value used to identify the start of the frame), a frame type code (0x0020, used to identify the activation command frame), a data length, a session identifier, a command code, an activation code (encrypted with the target session key), an activation code digital signature, a CRC-32 checksum, and a frame trailer (a fixed value used to identify the end of the frame).
[0136] After generating the activation command frame, the appliance sends it to the energy storage power source via a serial port or a preset communication interface, and starts a timeout timer to wait for the energy storage power source's response. The energy storage power source performs activation verification on the received activation command frame and obtains the activation verification result; based on the activation verification result, it sends an execution result frame to the appliance.
[0137] By sending activation command frames and performing multiple verifications, secure and reliable information exchange between electrical appliances and energy storage power sources is achieved. Utilizing dynamic activation codes with activation expiration dates, device binding, and renewal durations, combined with digital signatures and session key encryption, ensures that the activation command frames are legitimate, tamper-proof, and effective only for the specified devices. This effectively prevents activation code forgery, unauthorized operations, and lease time tampering, enhancing system security, reliability, and operational traceability.
[0138] S25: Verify the execution result frame, obtain the verification result, and send a result confirmation frame to the energy storage power source based on the verification result.
[0139] After receiving the execution result frame from the energy storage power source, the appliance first performs integrity and validity checks on the frame. Understandably, the appliance parses the execution result frame according to the localized communication protocol, first checking whether the frame header and trailer conform to preset fixed values to ensure correct frame boundaries; then, it performs a CRC-32 check to verify that the data has not been tampered with during transmission. After confirming data integrity through CRC-32 verification, the appliance further decrypts or parses the lease time, instruction code, and result code contained in the valid data segment, and compares the lease time with the locally stored lease time to determine whether the activation operation was successful, thus obtaining the verification result.
[0140] When the verification result confirms the execution result is valid (i.e., the rental time is updated correctly and the result code is 0x00, indicating successful operation), the appliance constructs a result confirmation frame according to the localized communication protocol. The result confirmation frame includes a frame header, frame type code (0x0023), data length, session identifier, instruction code, result confirmation identifier (0x00 indicates a valid result), CRC-32 checksum, and frame trailer. After construction, the appliance sends the result confirmation frame to the energy storage power source via a serial port or other agreed communication channel.
[0141] After receiving the result confirmation frame, the energy storage power supply verifies that the session identifier and instruction code correspond to the previously sent execution result frame, and checks that the confirmation identifier is 0x00, thereby confirming that the activation operation is complete and the communication loop ends.
[0142] This process ensures the reliability of activation command execution and data consistency between electrical appliances and energy storage power sources, avoids incorrect rental times or abnormal activation situations, and achieves operational traceability and system security.
[0143] This application provides a home appliance rental method that achieves a complete communication process from handshake establishment, session key negotiation, heartbeat monitoring to activation command execution through bidirectional secure interaction between the appliance and the energy storage power supply based on a preset localized communication protocol. First, during the handshake phase, the appliance and the energy storage power supply complete mutual recognition through a multi-stage authentication mechanism, using a temporary key and a one-time target session key to achieve dynamic key negotiation, ensuring the legitimacy of both parties' identities while avoiding the risk of long-term key leakage. During the handshake process, they can also collaboratively negotiate encryption algorithms and serial port parameters to achieve high compatibility and communication reliability between devices with different performance levels. Second, after the session is established, both parties achieve dual-mode monitoring of "liveness status + status synchronization" through a heartbeat mechanism to obtain device liveness indicators and transmit information such as the remaining power of the energy storage power supply, rental time, fault codes, and appliance status information, enabling dual functions in a single communication. Combined with a dynamic heartbeat cycle and multi-level timeout protection strategy, the heartbeat interval can be automatically adjusted according to the device's operating status, and soft or hard locking can be triggered in the event of communication interruption or abnormality, effectively ensuring device security and the continuity of rental renewal management. Furthermore, during the information exchange phase, the appliance can send a dynamic activation code containing the activation code's validity period, device binding information, and digital signature. Through hierarchical access control and a rental time anti-tampering mechanism, secure verification and execution of activation renewal and other commands are achieved. Upon receiving the command, the energy storage power supply can verify the activation code's legitimacy and update the rental time. Simultaneously, it completes a closed-loop confirmation with the appliance through the execution result frame, ensuring traceability and data consistency. In summary, this application, through two-way authentication, dynamic session keys, heartbeat status fusion, and multi-command interaction and confirmation mechanisms, achieves comprehensive advantages in communication security, reliable device identity, timely status monitoring, and precise operation control, significantly improving the interoperability, security, and management efficiency of the energy storage power supply and the appliance during the appliance rental process.
[0144] This application also provides an electronic device 200, which can be the energy storage power supply 10 in the above embodiments, or it can be an electrical appliance 20. Please refer to... Figure 4 This diagram illustrates the hardware structure of an electronic device 200 capable of performing the methods described in the embodiments above. The electronic device 200 includes: at least one processor 210; and a memory 220 communicatively connected to the at least one processor 210. Figure 4 Taking a processor 210 as an example, the memory 220 stores instructions executable by at least one processor 210. These instructions, when executed by at least one processor 210, enable the at least one processor 210 to perform the appliance rental method described in the above embodiment. The processor 210 and the memory 220 can be connected via a bus or other means. Figure 4 Taking the example of a connection between China and Israel via a bus.
[0145] The memory 220, as a non-volatile computer-readable storage medium, can be used to store non-volatile software programs, non-volatile computer-executable programs, and modules, such as the program instructions / modules corresponding to the home appliance rental method in the embodiments of this application. The processor 210 executes various functional applications and data processing of the server by running the non-volatile software programs, instructions, and modules stored in the memory 220, thereby implementing the home appliance rental method of the above embodiments.
[0146] Memory 220 may include a stored program area and a stored data area, wherein the stored program area may store the operating system and applications required for at least one function; the stored data area may store data created based on the use of the computing device, etc. Furthermore, memory 220 may include high-speed random access memory and may also include non-volatile memory, such as at least one disk storage device, flash memory device, or other non-volatile solid-state storage device. In some embodiments, memory 220 may optionally include memory remotely located relative to processor 210, and these remote memories may be connected to the computing device via a network. Examples of such networks include, but are not limited to, the Internet, corporate intranets, local area networks, mobile communication networks, and combinations thereof.
[0147] One or more modules are stored in memory 220 and, when executed by one or more processors 210, perform the home appliance rental method of the above embodiments.
[0148] The above-described product can execute the method provided in the embodiments of this application, and has the corresponding functional modules and beneficial effects for executing the method. Technical details not described in detail in this embodiment can be found in the home appliance rental method of the embodiments of this application.
[0149] This application provides a non-volatile computer-readable storage medium storing computer-executable instructions that are executed by one or more processors to enable at least one processor to perform the home appliance rental method described above. For example, the non-volatile computer-readable storage medium may be a read-only memory (ROM), a random access memory (RAM), a compact disc read-only memory (CDROM), magnetic tape, floppy disk, or optical data storage device, etc.
[0150] This application provides a computer program product, which includes a computer program stored on a non-volatile computer-readable storage medium. The computer program includes program instructions, which, when executed by an electronic device, enable the electronic device to perform the home appliance rental method in any of the above method embodiments.
[0151] Through the above description of the embodiments, those skilled in the art can clearly understand that the methods of the above embodiments can be implemented by means of software plus necessary general-purpose hardware platforms. Of course, they can also be implemented by hardware, but in many cases the former is a better implementation method. Based on this understanding, the technical solution of this application, in essence, or the part that contributes to the prior art, can be embodied in the form of a software product. This computer software product is stored in a storage medium (such as ROM / RAM, magnetic disk, optical disk) and includes several instructions to cause a terminal (which may be a mobile phone, computer, server, air conditioner, or network device, etc.) to execute the methods described in the various embodiments of this application.
[0152] Finally, it should be noted that the above embodiments are only used to illustrate the technical solutions of this application, and not to limit them; under the concept of this application, the technical features of the above embodiments or different embodiments can also be combined, the steps can be implemented in any order, and there are many other variations of different aspects of this application as described above, which are not provided in detail for the sake of brevity; although this application has been described in detail with reference to the foregoing embodiments, those skilled in the art should understand that they can still modify the technical solutions described in the foregoing embodiments, or make equivalent substitutions for some of the technical features; and these modifications or substitutions do not cause the essence of the corresponding technical solutions to deviate from the scope of the technical solutions of the embodiments of this application.
Claims
1. A method for renting home appliances, applied to an energy storage power source, wherein the energy storage power source and the appliances communicate via a preset localized communication protocol, characterized in that, The method includes: The method receives a handshake request frame sent by the appliance and performs a first authentication on the handshake request frame to obtain a first authentication result; when the first authentication result meets a first preset condition, a handshake response frame is sent to the appliance to enable the appliance to perform a second authentication on the handshake response frame to obtain a second authentication result; when the second authentication result meets a second preset condition, a session ready frame is sent to the energy storage power supply; wherein, the first authentication result includes the appliance's public key, and the method further includes: calculating a shared key by performing a first private key and the appliance's public key; and hashing the shared key to obtain a target session key; The system receives the session ready frame sent by the appliance and performs key verification on the session ready frame to obtain a key verification result. When the key verification result meets a third preset condition, the system sends a session confirmation frame to the appliance so that the appliance can establish a communication connection with the energy storage power source based on the session confirmation frame. After the communication connection is established, status data segment information is acquired; based on the target session key, the status data segment information is encrypted to obtain encrypted status data segment information; based on the localized communication protocol, a protocol frame is constructed from the session identifier and the encrypted status data segment information to generate a heartbeat frame, and the heartbeat frame is sent to the appliance so that the appliance can perform a liveness detection on the heartbeat frame, obtain a liveness detection result, and send a heartbeat reply frame to the energy storage power supply according to the liveness detection result; Simultaneously, after the communication connection is established, an activation command frame sent by the appliance is received, and the activation command frame is activated and verified to obtain an activation verification result. The activation verification includes: verifying the digital signature of the activation code in the activation command frame, verifying the validity period of the activation code, and verifying that the power device identification number carried in the activation code matches the local power device identification number. Based on the activation verification result, an execution result frame is sent to the appliance so that the appliance can verify the execution result frame, obtain a verification result, and send a result confirmation frame to the energy storage power source based on the verification result.
2. The home appliance rental method according to claim 1, characterized in that, The first authentication result includes a negotiation result. The step of sending a handshake response frame to the appliance when the first authentication result meets a first preset condition includes: When the first authentication result meets the first preset condition, obtain the appliance preset public key, the power supply preset private key, the power supply device identifier, the first private key, and the session identifier; The power supply public key is obtained by calculating the first private key; Based on the preset public key of the electrical appliance, the session identifier is encrypted to obtain the power supply session identifier; Based on the power supply preset private key, the power supply device identifier, the power supply public key, the negotiation result, and the power supply session identifier are digitally signed to obtain the power supply digital signature; Based on the localized communication protocol, a protocol frame is constructed from the power device identifier, the power public key, the negotiation result, the power session identifier, and the power digital signature to generate the handshake response frame, and the handshake response frame is sent to the appliance.
3. The home appliance rental method according to claim 1, characterized in that, The activation verification result includes an instruction code, rental time, and a result code. Sending an execution result frame to the appliance based on the activation verification result includes: Based on the localized communication protocol, a protocol frame is constructed from the session identifier, the instruction code, the rental time, and the result code to generate the execution result frame, and the execution result frame is sent to the appliance.
4. A method for renting home appliances, applied to electrical appliances, wherein the electrical appliances and energy storage power sources are connected via a preset localized communication protocol, characterized in that... The method includes: A handshake request frame is sent to the energy storage power source, so that the energy storage power source receives the handshake request frame sent by the appliance and performs a first authentication on the handshake request frame to obtain a first authentication result; wherein, the first authentication result includes the appliance's public key, the energy storage power source calculates a shared key by using a first private key and the appliance's public key; the shared key is hashed to obtain a target session key; when the first authentication result meets a first preset condition, a handshake response frame is sent to the appliance; The handshake response frame is subjected to a second authentication to obtain a second authentication result; when the second authentication result meets a second preset condition, a session ready frame is sent to the energy storage power supply so that the energy storage power supply receives the session ready frame sent by the appliance and performs key verification on the session ready frame to obtain a key verification result; when the key verification result meets a third preset condition, a session confirmation frame is sent to the appliance. A communication connection is established with the energy storage power source based on the session confirmation frame. After the communication connection is established, a heartbeat frame sent by the energy storage power source is received, and a liveness status detection is performed on the heartbeat frame to obtain a liveness status detection result. Based on the liveness status detection result, a heartbeat response frame is sent to the energy storage power source. The heartbeat frame is generated by the energy storage power source in the following way: acquiring status data segment information; encrypting the status data segment information based on the target session key to obtain encrypted status data segment information; and constructing a protocol frame based on the localized communication protocol using the session identifier and the encrypted status data segment information. Simultaneously, after the communication connection is established, an activation command frame is sent to the energy storage power supply, so that the energy storage power supply performs activation verification on the activation command frame and obtains the activation verification result; according to the activation verification result, an execution result frame is sent to the appliance; wherein, the activation verification includes: verifying the digital signature of the activation code in the activation command frame, verifying the validity period of the activation code, and verifying that the power device identification number carried in the activation code matches the local power device identification number; The execution result frame is verified to obtain a verification result, and a result confirmation frame is sent to the energy storage power source based on the verification result.
5. The home appliance rental method according to claim 4, characterized in that, Sending the handshake request frame to the energy storage power source includes: Obtain the electrical device's hardware identifier, negotiation parameter list information, second private key, and the electrical device's preset private key; The public key of the appliance is obtained by calculating the second private key; Based on the appliance's preset private key, the appliance's hardware identifier, the negotiation parameter list information, and the appliance's public key are digitally signed to obtain the appliance's digital signature; Based on the localized communication protocol, a protocol frame is constructed from the electrical device hardware identifier, the negotiation parameter list information, the electrical device public key, and the electrical device digital signature to generate the handshake request frame, and the handshake request frame is sent to the energy storage power source.
6. The home appliance rental method according to claim 5, characterized in that, The second authentication result includes a target session key and a session identifier. When the second authentication result meets a second preset condition, sending a session ready frame to the energy storage power source includes: Based on the target session key, the session identifier is encrypted to obtain the encrypted session identifier; Based on the second private key, the encrypted session identifier is digitally signed to obtain the session digital signature; Based on the localized communication protocol, a protocol frame is constructed from the encrypted session identifier and the session digital signature to generate the session ready frame, and the session ready frame is sent to the energy storage power source.
7. The home appliance rental method according to claim 6, characterized in that, Sending the activation command frame to the energy storage power source includes: Obtain the activation code, the session identifier, the instruction code, and the rental platform's private key; Based on the private key of the rental platform, the activation code is digitally signed to obtain the activation code digital signature; Based on the localized communication protocol, a protocol frame is constructed from the session identifier, the instruction code, the activation code, and the digital signature of the activation code to generate the activation instruction frame, and the activation instruction frame is sent to the energy storage power source.
8. An electronic device, characterized in that, include: At least one processor; And a memory communicatively connected to the at least one processor; wherein the memory stores instructions executable by the at least one processor, the instructions being executed by the at least one processor to enable the at least one processor to perform the method of any one of claims 1-3 or to perform the method of any one of claims 4-7.