WO2020052335A1 - 一种发送消息的方法、验证消息的方法、装置及通信系统 - Google Patents

一种发送消息的方法、验证消息的方法、装置及通信系统 Download PDF

Info

Publication number
WO2020052335A1
WO2020052335A1 PCT/CN2019/095086 CN2019095086W WO2020052335A1 WO 2020052335 A1 WO2020052335 A1 WO 2020052335A1 CN 2019095086 W CN2019095086 W CN 2019095086W WO 2020052335 A1 WO2020052335 A1 WO 2020052335A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
target data
message
sending
node
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/CN2019/095086
Other languages
English (en)
French (fr)
Inventor
张裕海
杨艳江
王改良
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Priority to EP19860362.3A priority Critical patent/EP3843355B8/en
Publication of WO2020052335A1 publication Critical patent/WO2020052335A1/zh
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/126Applying verification of the received information the source of the received data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • H04L9/3073Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves involving pairings, e.g. identity based encryption [IBE], bilinear mappings or bilinear pairings, e.g. Weil or Tate pairing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3239Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/3268Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3297Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/121Timestamp
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/30Services specially adapted for particular environments, situations or purposes
    • H04W4/40Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P]

Definitions

  • the present application relates to the field of communications, and in particular, to a method for sending a message, a method and device for verifying a message, and a communication system.
  • intelligent devices such as smart phones, smart TVs, smart speakers, and smart refrigerators are constantly pouring into people's lives, and people are increasingly feeling the convenience brought by intelligence.
  • the intelligence of vehicles has attracted more and more attention.
  • the study of intelligence outside the vehicle is inseparable from the acquisition of environmental data outside the vehicle.
  • the vehicle can obtain the external environment data shared by other vehicles.
  • each vehicle can send the external environment data to the central server.
  • the central server receives the environment data outside the vehicle, and can draw a map, which includes receiving the environment data sent by each vehicle. In this way, for each vehicle, the vehicle can download the map from the central server, thereby obtaining the external environment data shared by each vehicle.
  • the environmental data outside the shared car depends on the central server.
  • the process of obtaining data from the central server by the vehicle is affected by the network status, and there is a certain network delay.
  • the embodiments of the present application provide a method for sending a message, a method and device for verifying the message, and a communication system.
  • the technical solution is as follows:
  • the present application provides a method for sending a message, in which the sending end obtains target data to be sent, where the target data is data to be sent after the first data is sent in the current sending cycle;
  • the sending sequence number of the target data in the current sending cycle obtains the nodes corresponding to the target data from the hash chain, and the number of nodes included in the hash chain is equal to the number of data allowed to be sent in the current sending cycle;
  • a node corresponding to the target data performs a hash operation to obtain a first verification code, where the first verification code is used by the receiving end to verify the target data; sending a first message, where the first message includes the target data, A node corresponding to the target data, the first verification code, and a sending sequence number of the target data.
  • the sending end can directly send the first message to the receiving end, the first message can be forwarded without passing through the server, which reduces the delay in transmitting the first message and improves the efficiency of message sending.
  • the sender performs a hash operation on the target data and the node corresponding to the target data, the hash calculation requires less computing resources, which reduces the cost of sending the message, and because the first message also includes the node corresponding to the target data, the receiver receives
  • the end can improve the security of message transmission by verifying the node corresponding to the target data. The speed of verifying the node is faster and the rate of verification at the receiving end is improved.
  • the node h i-1 in the hash chain is hashed to obtain the node h i in the hash chain, so that the hash chain has the characteristic of one-way mapping.
  • the head node of the hash chain is obtained as The node corresponding to the target data; when it is determined that the target data is data to be sent after the second data according to the sending sequence number of the target data, obtaining the hash chain located after the third node and A fourth node adjacent to the third node is used as a node corresponding to the target data, and the third node is a node in the hash chain that was sent last time.
  • the node corresponding to each data sent by the sender after sending the first data is a continuous node, and the receiver can verify the data continuity according to the node corresponding to each data to ensure the security of data transmission.
  • the first message further includes a first time stamp for sending the target data.
  • the receiving end can verify the timeliness of the received message by using the first timestamp, so as to further improve the security of message transmission.
  • the terminal verifies the first piece of data; sending a second message, the second message including verification information, the first piece of data, the second verification code, and a node corresponding to the first piece of data, the verification information It includes public key information that matches the private key information. Because the sender uses the private key information to sign the first data and the head node of the hash chain to obtain a second verification code, this improves the security of message transmission.
  • the second message further includes a second time stamp for sending the target data.
  • the receiving end can verify the timeliness of the received message through the second timestamp, so as to further improve the security of message transmission.
  • the verification information is a digital certificate, and the digital certificate includes the public key information; or the verification information is the public key information, and the public key information is Identification information of the sending end.
  • the present application provides a method for verifying a message.
  • a receiving end receives a first message, where the first message includes target data, a node in a hash chain corresponding to the target data, A first verification code and a sending sequence number of the target data in a target sending cycle, the target data is data sent after sending the first data in the target sending cycle, and the number of nodes included in the hash chain is equal to the number of nodes The number of data allowed to be sent in the target sending cycle; verifying the target data according to the node corresponding to the target data, the sending serial number corresponding to the target data, and the first verification code.
  • the message can be forwarded without passing through the server, which reduces the delay of message transmission and improves the efficiency of message transmission.
  • the message includes nodes in the hash chain corresponding to the target data, so that the receiving end can guarantee the security of the message transmission by verifying the node.
  • a node corresponding to the received first data is determined according to a sending sequence number of the target data, where the first data is data that the sender sent recently before sending the target data. Because the node corresponding to the target data is verified according to the node corresponding to the first data, the receiving end can ensure the security of message transmission by verifying the node corresponding to the target data, and the verification speed of the node is faster and improved. The efficiency of verification.
  • the first hash result is obtained by performing a hash operation on the target data and the node corresponding to the target data; between the first hash result and the first When the verification code matches, the target data is verified. In this way, the receiving end only needs to perform a hash operation on the target data and the node corresponding to the target data.
  • the hash calculation requires less computing resources and reduces the verification cost.
  • the first data is the first piece of data
  • the target data is The corresponding node is verified.
  • the verification operation is simple, the required computing resources are small, and the verification speed is fast.
  • the first data is data sent after the first data is sent in the target sending period, and the first data is obtained by performing a hash operation on a node corresponding to the target data.
  • Two hash results when the second hash result is equal to the node corresponding to the first data, the node corresponding to the target data is verified and the calculation required for the hash operation is less, which makes the verification operation It is simple, requires less computing resources, and has a fast verification speed.
  • the first message further includes a first timestamp for sending the target data; between obtaining the first timestamp and receiving a third timestamp for the target data
  • the target data is processed according to the node corresponding to the target data, the sending serial number corresponding to the target data, and the first verification code. verification.
  • the receiving end can verify the timeliness of the received message by using the first time stamp and the third time stamp to further improve the security of message transmission.
  • a second message is received, where the second message includes the first data, a head node of the hash chain corresponding to the first data, a second verification code, and Verification information, the verification information including public key information; and verifying the first piece of data according to the second verification code and the public key information. Since the first piece of data is verified according to the second verification code and the public key information, in this way, the sending end can cause the private key information to sign the first piece of data, thereby improving the security of the first piece of data transmission.
  • the first verification information is obtained by decrypting the second verification code using the public key information, and is generated according to the first data and a head node corresponding to the first data.
  • Second summary information when the first summary information matches the second summary information, the first piece of data is verified to pass. Because the receiving end uses the public key information to decrypt the second verification code, the sending end can use the private key information to encrypt when sending the first piece of data, thereby improving message security.
  • the verification information is a digital certificate
  • the digital certificate includes the public key information
  • the digital certificate's public key information is used to verify the digital certificate
  • the second verification code is decrypted using the public key information to obtain first digest information. Since the digital certificate includes public key information, the digital certificate is verified.
  • the public key information in the digital certificate is used to decrypt, which can further improve the security.
  • the second message is buffered in a message buffer area; when the length of time to receive a message reaches a second threshold, the digital certificates in the received Z messages are verified ,
  • the Z messages are messages including a digital certificate buffered in the message buffer, and Z is an integer greater than 0; when the digital certificate in the Z messages fails to pass verification, the digital certificate is used
  • the issuer public key information verifies the digital certificate. In this way, multiple digital certificates can be verified in batches, which improves the efficiency of verification.
  • each digital certificate requires more computing resources for verification, which is more than the computing resources required for batch verification, so it can reduce computing resources. Of occupation.
  • a hash operation is performed on the digital certificates in the Z messages to obtain a hash value of the digital certificates in the Z messages; and the digital certificates in the Z messages are calculated
  • the product of the hash value of the first value is obtained; the product of the digital signatures in the digital certificates in the Z messages is calculated to obtain the second value; when the e-th power of the second value is equal to the first value,
  • the verification of the digital certificates in the Z messages passes, thereby implementing batch verification of the M digital certificates.
  • the second message further includes a second timestamp of sending the first data; obtaining the second timestamp and receiving a fourth timestamp of the first data A second difference between them; when the second difference does not exceed a first threshold, verify the first piece of data according to the second verification code and the public key information.
  • the receiving end can verify the timeliness of the received message by using the second time stamp and the fourth time stamp, so as to further improve the security of message transmission.
  • the second message is buffered in a message buffer area; when the length of time to receive a message reaches a second threshold, verifying the Z second messages received at the same time,
  • the Z second messages are the second messages cached in the message buffer area; when the Z second messages are not verified at the same time, the second messages are verified according to the second verification code and the public key information.
  • the first data is described for verification. In this way, multiple messages can be verified in batches, which improves the efficiency of verification.
  • an embodiment of the present application provides an apparatus for sending a message, which is configured to execute the first aspect or a method in any possible implementation manner of the first aspect.
  • the apparatus includes a unit for performing the first aspect or the method of any possible implementation manner of the first aspect.
  • an embodiment of the present application provides a device for verifying a message, which is used to execute the second aspect or a method in any possible implementation manner of the second aspect.
  • the apparatus includes a unit for performing the second aspect or the method of any one of the possible implementation manners of the second aspect.
  • an embodiment of the present application provides a device for sending a message, where the device includes a transceiver, a processor, and a memory.
  • the transceiver, the processor, and the memory may be connected through a bus system.
  • the memory is configured to store a program, an instruction, or a code
  • the processor is configured to execute the program, an instruction, or a code in the memory, and implement the first aspect or a method in any possible implementation manner of the first aspect.
  • an embodiment of the present application provides a device for verifying a message, where the device includes a transceiver, a processor, and a memory.
  • the transceiver, the processor, and the memory may be connected through a bus system.
  • the memory is configured to store a program, an instruction, or a code
  • the processor is configured to execute the program, the instruction, or the code in the memory to complete the second aspect or a method in any possible implementation manner of the second aspect.
  • an embodiment of the present application provides a computer program product.
  • the computer program product includes a computer program stored in a computer-readable storage medium, and the computing program is loaded by a processor to implement the first aspect.
  • the second aspect any possible implementation of the first aspect, or a method of any possible implementation of the second aspect.
  • an embodiment of the present application provides a non-volatile computer-readable storage medium for storing a computer program, and the computer program is loaded by a processor to execute the first aspect, the second aspect, and the first aspect. Instructions for any possible implementation of the aspect or any possible implementation of the second aspect.
  • an embodiment of the present application provides a chip, where the chip includes a programmable logic circuit and / or a program instruction, and is used to implement the foregoing first aspect, the second aspect, and the first aspect when the chip is running. Any possible implementation or method of any possible implementation of the second aspect.
  • an embodiment of the present application provides a communication system, including the device described in the third or fifth aspect and the device described in the fourth or sixth aspect.
  • FIG. 1-1 is a schematic structural diagram of a communication system according to an embodiment of the present application.
  • FIG. 1-2 is a schematic structural diagram of another communication system according to an embodiment of the present application.
  • FIG. 2-1 is a flowchart of a method for sending a message according to an embodiment of the present application
  • FIG. 2-3 is a schematic structural diagram of identity information provided by an embodiment of the present application.
  • FIG. 2-4 is a schematic structural diagram of a device type information provided by an embodiment of the present application.
  • 2-5 is a schematic structural diagram of device identification information according to an embodiment of the present application.
  • FIG. 3 is a flowchart of a method for verifying a message according to an embodiment of the present application
  • FIG. 4 is a flowchart of another method for sending a message according to an embodiment of the present application.
  • FIG. 5 is a flowchart of another method for verifying a message according to an embodiment of the present application.
  • FIG. 6 is a schematic structural diagram of an apparatus for sending a message according to an embodiment of the present application.
  • FIG. 7 is a schematic structural diagram of an apparatus for verifying a message according to an embodiment of the present application.
  • FIG. 8 is a schematic structural diagram of another apparatus for sending messages according to an embodiment of the present application.
  • FIG. 9 is a schematic structural diagram of another verification message device according to an embodiment of the present application.
  • FIG. 10 is a schematic structural diagram of another communication system according to an embodiment of the present application.
  • the communication system includes:
  • the sender and receiver can establish a communication connection with each other;
  • the sending end can obtain the data to be sent.
  • the sending end can directly broadcast the data to the receiving end, so that the data does not need to be forwarded to the receiving end via a central server located on the network side. Time delay to improve the efficiency of sending the data.
  • the sending end When the sending end broadcasts the data directly to the receiving end, the sending end defines a sending period, and the sending period is cyclic.
  • the sending end signs the first piece of data and the head node of the hash chain using the private key information to obtain a second verification code; then the sending end broadcasts the second message,
  • the second message includes a verification message, a second verification code, the first data, and a head node of the hash chain.
  • the verification message includes public key information that matches the private key information.
  • the sender obtains the node corresponding to the target data from the hash chain, and performs the target data and the node corresponding to the target data.
  • the first verification code is obtained by the operation, and the first message is broadcast.
  • the first message includes the first verification code, the target data, the node corresponding to the target data, and the sending sequence number of the target data.
  • the receiving end can receive the message broadcasted by the sending end (the message can be the first message or the second message), and when the message is the second message, the first data is verified according to the verification message and the second verification code.
  • the message is the first message
  • the target data is verified according to the node corresponding to the target data, the first verification code, and the sending serial number corresponding to the target data.
  • the number of nodes included in the hash chain is equal to the number of data allowed to be sent in a sending cycle.
  • the two adjacent nodes are called the first node and the second node, respectively.
  • the first node is close to the head node of the hash chain, and the first node is Calculated based on the second node.
  • one sending cycle can correspond to one hash chain, so that the sending end can generate a hash chain before sending the first data in each sending cycle; or, m sending cycles can correspond to one hash chain, where m is greater than An integer of 1, so that the sender generates a hash chain before sending the first data in a sending cycle, and does not need to generate a hash chain in the next consecutive m-1 sending cycles after generating the hash chain, until the mth Generate a hash chain before sending the first data in +1 sending cycles.
  • the above-mentioned communication system can be applied in scenarios such as an intelligent transportation system, and both the transmitting end and the receiving end in the intelligent transportation system can be vehicles.
  • the transmitting end or the receiving end may be a vehicle-mounted terminal installed or integrated in a vehicle.
  • the car can obtain data on the road.
  • the data can be the outside environment data, etc.
  • the outside environment data can be road conditions, etc.
  • the outside environment data can be entered by the driver of the car into the car Data, for example, the user enters a piece of data as "traffic accident at the intersection ahead", and this piece of data is the data outside the vehicle.
  • the car can broadcast data to other cars in the above manner to share the data with other cars.
  • the car can broadcast the obtained road condition information to other cars, so as to share the road condition data obtained by it with other cars.
  • the vehicle may be a bicycle, a balance vehicle, or a drone.
  • the sending end or the receiving end may be a wearable device, a smart home device, or a mobile terminal.
  • the transmitting end or the receiving end may be a bracelet, a watch, a headset, or glasses.
  • the sending end or the receiving end is a smart home device, the sending end or the receiving end may be a speaker, a TV, a refrigerator, a color TV, a washing machine, a toilet, a router, a lamp, or an air conditioner.
  • the sending end or the receiving end is a mobile terminal
  • the sending end or the receiving end may be a mobile phone, a tablet computer, or a notebook computer.
  • the communication system may further include a server, and the sending end and the receiving end may respectively establish communication connections with the server, and the sending end and / or the receiving end may obtain the public key of the digital certificate issuer from the server.
  • the sending end can use the obtained content to send a message
  • the receiving end can use the obtained content to receive the message.
  • an embodiment of the present application provides a method for sending a message.
  • the method can be applied to the communication system shown in FIG. 1-1.
  • the method is executed by the transmitting end of the communication system, including:
  • Step 201 The sending end obtains public key information and private key information matching the public key information, and obtains a digital certificate.
  • the sender can use a public key infrastructure (PKI) mechanism to obtain public key information and private key information that matches the public key information.
  • PKI public key infrastructure
  • the process of obtaining public key information and private key information during implementation may be: the sender randomly generates a string of information and uses the information as public key information, and then generates private key information that matches the public key information.
  • the digital certificate includes a digital signature and other content except the digital signature.
  • the other content may include the public key information and the identity information of the sending end.
  • the digital certificate includes multiple fields.
  • the digital signature, the public key information, and the identity information of the sender can be carried in different fields in the digital certificate.
  • the CA Digital Signature (CA Digital Signature) field carries the digital signature
  • the Subject Public Key Information (Subject Public Key Info) field carries the public key information
  • the subject ’s unique identifier (Subject) Unique ID) carries the identification information of the sending end.
  • the digital certificate can also include other fields, for example, see Figure 2-2. It can also include the Version field, the Serial Number field, the Signature Algorithm ID field, and the issuer (CA) X500 name ( Issuer (CA) X500Name), Validity Period field, Subject X500 Name field, Algorithm ID field, Public Key Value field, Issuer Unique ID ) Field and Extension field.
  • CA issuer
  • CA X500Name
  • Validity Period field Subject X500 Name field
  • Algorithm ID field Public Key Value field
  • Issuer Unique ID Issuer Unique ID
  • the sender may first generate other parts of the digital certificate other than the digital signature, hash the other parts to obtain a hash value, and use the private key information of the digital certificate issuer to encrypt the hash value to obtain a digital signature.
  • the digital signature and the other parts make up a digital certificate.
  • the sender may obtain the private key information of the certificate issuer from the server in advance, and then save the private key information of the certificate issuer locally, so the sender may directly use the private key information of the certificate issuer saved locally to the The hash value is encrypted.
  • the sender may obtain the private key information of the certificate issuer from the server, and use the private key information of the certificate issuer to encrypt the hash value.
  • the identification information of the sending end may include device type information of the sending end and device identification information for uniquely identifying the sending end.
  • the device type information of the sender may include a device category to which the sender belongs and a sender to belong to a sub-category included in the device category.
  • each device category is defined to include multiple sub-categories.
  • Table 1 below.
  • the device categories in Table 1 include vehicles, wearables, smart homes, and mobile terminals.
  • Vehicles include multiple sub-categories, including cars, bicycles, and balance bikes; wearable devices include multiple sub-categories, including bracelets, watches, headphones, and glasses; smart homes include multiple sub-categories of speakers, televisions, Refrigerators, color TVs, washing machines, toilets, routers, lamps and air conditioners, etc .;
  • mobile terminals include multiple sub-categories, such as mobile phones, tablets and laptops.
  • the device identification information may include device manufacturer identification information, a device production date, and a production serial number of the sending end.
  • the identity information of the sender may include a first part and a second part, the first part includes at least one byte, the first part is device type information of the sender, and the first part may be divided into two sub-parts, one of which includes multiple And the sub-portion belongs to the device category to which the sender belongs, and the other sub-portion includes multiple bits and the other portion belongs to the sub-category to which the sender belongs.
  • the second part includes at least one byte, the second part is the device identification information of the sending end, and the second part can be divided into a first sub-section, a second sub-section, and a third sub-section.
  • the first sub-section includes at least one byte and The first sub-section contains the device manufacturer's identification information on the sending end, the second sub-section contains at least one byte and the second sub-section contains the production date of the device on the sending end, the third sub-section contains at least one byte and the third sub-section contains Serial production number.
  • the identification information can include 12 bytes
  • the first part includes the first three bytes, that is, the first three bytes can be the device type information of the sender
  • the second part includes the last nine.
  • Bytes, that is, the last nine bytes can be device identification information.
  • the first part includes two sub-parts, see Figure 2-4.
  • one of the sub-parts includes the first twelve bits of the first part, that is, the first twelve bits can be the device category to which the sender belongs.
  • the other sub-section includes the last twelve bits of the first section, that is, the last twelve bits may be a sub-category of the device category that the transmitting end belongs to.
  • the second part includes the first subpart, the second subpart, and the third subpart.
  • the first subpart includes the first three bytes of the second part, that is, the first three bytes. It can be the equipment manufacturer identification information of the sending end.
  • the second sub-section includes the middle three bytes of the second part, that is, the middle three bytes can be the production date of the sending end, and the third sub-section includes the last three bytes of the second part.
  • the bytes, that is, the last three subsections can be the serial number of the sender, so the twelve bytes constitute the identity information of the sender.
  • Step 202 The sending end obtains the first piece of data to be sent in the current sending period.
  • the first piece of data may be data entered by the user to the sending end, so the sending end may receive the first piece of data entered by the user.
  • the sending cycle is periodically recurring in the transmitting end.
  • the sending end may define a period length, and a timer may be used to implement the sending period.
  • the sender can start a timer and set the timer to start counting from zero to indicate the start of a sending cycle. When the timer reaches the length of the period, reset the timer to start counting from zero to indicate that the timer One transmission cycle ends and the other transmission cycle starts, so the cycle is repeated to realize the periodic cycle of the transmission cycle.
  • the sending end can record the sending sequence number of the data that has been sent during the sending cycle. Therefore, in the current sending cycle, when the sending end receives the data input by the user, the sending end detects whether the sending sequence number of the data that has been sent in the current sending period is stored locally. If the detection result is not saved, the data is determined. Is the first piece of data in the current sending cycle. If the detection result is saved, it is determined that the data is not the first piece of data in the current sending cycle.
  • Step 203 The sender signs the first data and the head node of the hash chain by using the private key information to obtain a second verification code.
  • the sender can also obtain the current second timestamp.
  • the second timestamp is essentially the timestamp of the first data sent by the sender.
  • the second timestamp, the first data, and the Ukraine can be identified by the private key information.
  • the head node of the Greek chain signs the second verification code.
  • the number of nodes included in the hash chain is equal to the number of data allowed to be sent in one sending cycle.
  • the two adjacent nodes are called the first node and the second node, respectively.
  • the first node is close to the head node of the hash chain, and the first node is Calculated based on the second node.
  • one sending period may correspond to one hash chain, or m sending periods may correspond to one hash chain, and m is an integer greater than 1.
  • the sending end When a sending cycle corresponds to a hash chain, the sending end also generates a hash chain before signing the first data and the head node of the hash chain.
  • the sending end When m sending cycles correspond to one hash chain, if the sending cycle where the last time the hash chain was last generated and the current sending cycle interval are m-1 sending cycles, the sending end will Before the head node of the chain signs, it also generates a hash chain; if the interval between the last time when the hash chain was last generated and the current interval is less than m-1 transmission cycles, the sender is sending the first data Before signing with the head of the hash chain, get the most recently generated hash chain.
  • the preset first hash function may be a Message Digest Algorithm 5 (MD5) algorithm and the like.
  • the sending end may generate a first digest message according to the first data and the head node of the hash chain, and use the private key information to encrypt the first digest message to obtain a second verification code.
  • the sending end may generate the first digest message by using the MD5 algorithm according to the first data and the head node of the hash chain.
  • N 3, that is, four pieces of data are allowed to be sent in the current sending period, and assuming there are four pieces of data in the current sending period, which are m 0 , m 1 , m 2, and m 3 , m 0 , m 1 , m 2 and m 3 are the first data, the second data, the third data, and the fourth data to be sent in the current sending cycle, respectively.
  • the sender When the sender obtains the first piece of data m 0 in the current sending cycle, it can generate the first digest message as MD 0 according to the first piece of data m 0 , the current second time stamp t 0, and the head node h 3 .
  • the private key information is used to encrypt the first digest message MD 0 to obtain a second verification code e 0 .
  • the calculation resources required for encrypting the first digest message using the private key information to obtain the second verification code are relatively high, so the calculation cost required for the sender to send the first data is high.
  • Step 204 The sender broadcasts a second message, and the second message includes verification information, the first verification code, the first data, and the head node of the hash chain, and the verification information is the digital certificate.
  • the sending end may broadcast the second message.
  • the second message may further include a second time stamp and a sending sequence number of the first data in the current sending cycle.
  • the sending end can save the sending sequence number of the first piece of data.
  • the second message broadcasted by the sender may include the digital certificate cert, the first verification code e 0 , the first data m 0 , the head node h 3 of the hash chain, the second time stamp t 0 ,
  • the first data m 0 has a transmission sequence number 0 in the current transmission period, and the second message can be expressed as (cert, e 0 , m 0 , h 3 , t 0 , 0).
  • the sending end may send the target data to be sent except the first piece of data in the current sending cycle according to the following procedure, and the procedure may be:
  • Step 205 The sending end obtains target data to be sent after sending the first data in the current sending cycle.
  • the sending end stores the sending serial number of the data in the current sending cycle of the last sending, when the sending end obtains the target data, it can determine the sending serial number of the data in the current sending cycle of the last sending last.
  • the target data is which piece of data to be sent in the current sending cycle, and a sending sequence number that determines the target data in the current sending cycle.
  • Step 206 The sending end obtains the node corresponding to the target data from the hash chain according to the sending sequence number of the target data in the current sending cycle.
  • the sender acquires the head node of the hash chain as the corresponding node of the target data; when determining the target data according to the sending sequence number of the target data
  • the sender obtains the fourth node in the hash chain that is located after the third node and is adjacent to the third node as the target data.
  • the third node is the most recent one. Nodes in the hash chain sent at once.
  • the target data is the second piece of data m 1 to be sent in the current sending period
  • the sending end obtains the head node h 3 in the hash chain as the node corresponding to the second piece of data m 1 .
  • Step 207 The sending end performs a hash operation on the target data and a node corresponding to the target data to obtain a first verification code.
  • the sending end performs a hash operation on the target data and a node corresponding to the target data by using a preset second hash function.
  • the sending end may also obtain a current first time stamp, where the first time stamp is a time stamp for sending target data.
  • the sending end may perform a hash operation on the target data, the node corresponding to the target data, and the first time stamp to obtain a first verification code.
  • the target data is the second piece of data m 1 to be sent in the current sending period
  • MAC () is a preset second hash function, and the preset second hash function may be an MD5 algorithm and the like.
  • Step 208 The sending end sends a first message, where the first message includes the target data, a node corresponding to the target data, a first verification code, and a sending sequence number of the target data.
  • the sending end may broadcast the first message.
  • the first message may further include a first time stamp and / or identity information of the sending end.
  • the identification information of the sending end may be represented by an ID
  • the first message broadcasted by the sending end may include the second piece of data m 1 , the node h 3 corresponding to the second piece of data m 1 , the first verification code e 1 , and the second piece
  • the sending sequence number 1 of the data m 1 , the first time stamp is t 1 and the identification information ID of the sending end, and the first message may be expressed as (m 1 , h 3 , e 1 , 1, t 1 , ID).
  • the transmitting side starts to transmit third data m 2
  • a first transmitting side obtains the current timestamp t 2
  • h 3 head node acquires phase
  • a first broadcast message a first message may be represented as ( m 2 , h 2 , e 2 , 2, t 2 , ID), where 2 is the sending sequence number of the third piece of data m 2 .
  • the sender starts to send the fourth piece of data m 3.
  • the sender obtains the current first time stamp as t 3 , and the node in the hash chain that was sent last time is the second node h 2 .
  • h 2 nodes positioned adjacent to the second node and a third node h after 2 h 1, h 1 the third node 3 as the fourth node data corresponding to m, so that a first end of the transmission time stamp of t 3.
  • the first message may be expressed as (m 3 , h 1 , e 3 , 3, t 3 , ID), where 3 is a sending sequence number of the fourth piece of data m 3 .
  • the computing resource required for the operation of the hash operation is less than the computing resource required for the operation using the private key encryption, so the sending end performs a hash operation on the target data and the node corresponding to the target data to obtain the first verification code.
  • the sender needs lower calculation cost to send the target data other than the first data, but the data is not as secure as the private key encryption method.
  • the sender also sends The node corresponding to the target data, so that the receiving end verifies the node and increases the security of the target data transmission.
  • the sending end may directly broadcast the first message or the second message to the receiving end, so that the first message and the second message may not be forwarded by the server, which reduces the delay in transmitting the first message and the second message.
  • the private key information of the digital certificate issuer used by the sender can be obtained from the server in advance and stored locally, so the sender can complete the broadcast of the message even in an offline scenario or a poor network environment.
  • the node corresponding to the target data is determined according to the sending sequence number of the target data. In this way, when the sender sends multiple first messages continuously in the current sending cycle, the receiver can verify each first message according to the node in each first message. Continuity and improve the security of message transmission.
  • an embodiment of the present application provides a method for verifying a message.
  • This method may be applied to the communication system shown in FIG. 1-1, and an execution body thereof may be a receiving end for receiving the message shown in FIG. 2-1.
  • the message sent by the embodiment, the method includes:
  • Step 301 The receiving end receives a message and determines that the message is a second message.
  • the second message includes the first data, a head node in a hash chain corresponding to the first data, a second verification code, and verification information.
  • the verification information is A digital certificate that includes public key information.
  • the second message may further include a second time stamp for sending the first data and a sending sequence number of the first data in the target sending cycle.
  • the message broadcasted by the sender may be a second message including the first data, or may be a first message including target data other than the first data.
  • the receiving end receives the message, and determines whether the received message is the second message or the first message according to the sending sequence number in the message.
  • the receiving end receives a message, assuming that the message is (cert, e 0 , m 0 , h 3 , t 0 , 0), and determines that the message is the second message according to the sending sequence number 0 in the message.
  • cert is a digital certificate
  • e 0 is the second verification code
  • m 0 is the first data
  • h 3 is the head node of the hash chain
  • t 0 is the second time stamp
  • the serial number of the first data is sent. Is 0.
  • Step 302 The receiving end uses the public key information of the digital certificate issuer to verify the digital certificate.
  • step 303 is performed.
  • the process of the receiving end verifying the digital certificate may be: the receiving end obtains a digital signature from the digital certificate, decrypts the digital signature using the public key information of the digital certificate issuer to obtain a third hash value; The other part of the certificate except the digital signature is hashed to obtain a fourth hash value. If the third hash value is equal to the fourth hash value, the digital certificate is verified to pass. If the third hash value is not equal to The fourth hash value fails the verification of the digital certificate.
  • the receiver can obtain the public key information of the certificate issuer from the server in advance, and then save the public key information of the certificate issuer locally, so the receiver can directly use the public key information of the certificate issuer stored locally to the digital
  • the signature is decrypted.
  • the receiving end may obtain the public key information of the certificate issuer from the server, and use the public key information of the certificate issuer to decrypt the digital signature.
  • the receiving end includes a message buffer area.
  • the receiving end may not immediately perform the operation of step 302, but instead buffer the message in the message buffer area; the length of time for receiving the message reaches the second
  • the digital certificates in the received Z messages are verified.
  • the Z messages are the messages including the digital certificates cached in the message buffer area.
  • the digital certificates in the Z messages pass the verification, Perform the operation of subsequent step 303 for each of the Z messages.
  • the digital certificate in the Z messages fails to pass the verification, perform step 302 for each of the Z messages.
  • Operation Z is an integer greater than 0, so that batch verification of the digital certificates in the Z messages is implemented, and the verification efficiency is improved.
  • the second threshold may be equal to a period length of a target transmission period.
  • the operation of verifying the digital certificate in the received Z messages by the receiving end may be:
  • h (cert) ⁇ e
  • h () is a preset hash function
  • cert is the digital certificate
  • is the digital signature in the digital certificate.
  • the digital certificates in the Z messages obtained by the receiving end are cert 1 , cert 2 , ..., cert Z , respectively, and the Z digits are obtained from the digital certificates cert 1 , cert 2 , ..., cert Z.
  • the signatures are ⁇ 1 , ⁇ 2 ,..., ⁇ Z. If the Z digital certificates and the Z digital signatures satisfy the following second relation, the digital certificates in the Z messages are verified. If the If the Z digital certificates and the Z digital signatures do not satisfy the following second relationship, then the verification of the digital certificates in the Z messages fails.
  • each message that does not include a digital certificate in the message buffer perform the following steps 303 and 304, respectively.
  • the receiving end may also obtain a fourth timestamp for receiving the second message, obtain a second difference between the second timestamp and the fourth timestamp, and the second difference does not exceed When the first threshold is reached, the operation in this step is performed.
  • the receiving end may use the current timestamp as a fourth timestamp for receiving the second message.
  • the receiver can quickly receive the second message.
  • the difference between the second timestamp of sending the second message and the fourth timestamp of receiving the second message is small, usually less than First threshold.
  • the other device may repeatedly send the second message to the receiver, so that the receiver repeatedly processes the second message to implement attack reception. end. Therefore, in order to prevent other devices from constantly attacking the receiving end, the receiving end judges whether the difference between the second timestamp and the fourth timestamp exceeds the first threshold. When the first threshold is exceeded, the second message is discarded to avoid repeated processing of Two messages to avoid being constantly attacked by other devices; when the first threshold is not exceeded, perform the operation of this step.
  • the first threshold may be a value such as 1 second or 2 seconds.
  • Step 303 The receiving end decrypts the second verification code according to the public key information in the digital certificate to obtain the first summary information, and generates the second summary information according to the first data and the head node corresponding to the first data.
  • the receiving end may perform a hash operation on the first data and a head node corresponding to the first data to obtain the second summary information.
  • the receiving end may use the MD5 algorithm to perform hash operations on the first data and the head node corresponding to the first data to obtain the second summary information.
  • the receiving end may perform a hash operation on the second timestamp, the first data, and the head node corresponding to the first data to obtain the second summary information.
  • the second message received by the receiver is (cert, e 0 , m 0 , h 3 , t 0 , 0).
  • the receiver uses the public key information in the digital certificate cert to correspond to the second message.
  • the verification code e 0 is decrypted to obtain the first digest message as MD 0 .
  • the MD5 algorithm is used to hash the first piece of data m 0 , the second time stamp t 0 , and the head node h 3 corresponding to the first piece of data to obtain the second digest information MD 1 .
  • Step 304 When the first summary information and the second summary information are equal, the first piece of data is verified to pass.
  • the receiving end can also save the head node corresponding to the first piece of data.
  • the receiving end continues to receive the first messages sent by the sending end within the target sending period.
  • the detailed implementation process is as follows:
  • Step 305 The receiving end receives the message, and determines that the message is the first message.
  • the first message includes the target data, a node in the hash chain corresponding to the target data, a sending sequence number of the target data in the target sending cycle, and a first verification code.
  • the target data is the data sent after the first data is sent in the target transmission cycle.
  • the first message may further include a first time stamp for sending the target data and / or identity information of the sending end, and the like.
  • the message broadcasted by the sender may be a second message including the first data, or may be a first message including target data other than the first data.
  • the receiving end receives the message, and determines whether the received message is the second message or the first message according to the sending sequence number in the message.
  • the receiving end receives a message, assuming that the message is (m 1 , h 3 , e 1 , 1, t 1 , ID), and determines that the message is the first message according to the sending sequence number 1 in the message.
  • m 1 is the second piece of data in the target transmission period
  • t 1 is the first time stamp for sending the second piece of data
  • e 1 is the first verification code
  • the serial number of the second piece of data is 1
  • h 3 is the node corresponding to the second piece of data
  • ID is the identification information of the sending end.
  • the message received by the receiving end is (m 2 , h 2 , e 2 , 2, t 2 , ID), and according to the sending sequence number 2 in the message, it is determined that the message is the first message.
  • m 2 is the third piece of data in the target transmission period
  • t 2 is the first time stamp of sending the third piece of data
  • e 2 is the first verification code
  • the serial number of the third piece of data is 2
  • h 2 is the node corresponding to the third piece of data.
  • the message received by the receiving end is (m 3 , h 1 , e 3 , 3, t 3 , ID), and according to the sending sequence number 3 in the message, it is determined that the message is the first message.
  • m 3 is the fourth piece of data in the target transmission period
  • t 3 is the first time stamp for sending the fourth piece of data
  • e 3 is the first verification code
  • the fourth piece of data is sent with the serial number 3.
  • h 1 is the node corresponding to the fourth piece of data.
  • Step 306 The receiving end determines the node corresponding to the received first data according to the sending sequence number of the target data.
  • the first data is the data that the sending end sent recently before sending the target data.
  • the first data is the first piece of data in the target sending cycle.
  • the target data is data after sending the second piece of data in the target sending cycle
  • the first data is data after sending the first piece of data in the target sending cycle.
  • the received first message is (m 1 , h 3 , e 1 , 1, t 1 , ID)
  • determine the first data as the first data m 0 according to the sending sequence number 1 corresponding to the target data m 1 , and determine the first data m 0
  • the node corresponding to a data is the head node h 3 .
  • the received first message is (m 2 , h 2 , e 2 , 2, t 2 , ID)
  • it is determined that the first data is the second in the target sending period according to the sending sequence number 2 corresponding to the target data m 2
  • the piece of data m 1 and the node corresponding to the first data are determined as the head node h 3 .
  • the received first message is (m 3 , h 1 , e 3 , 3, t 3 , ID)
  • determine that the first data is the third in the target transmission period according to the sending sequence number 3 corresponding to the target data m 3 Piece of data m 2
  • determining that the node corresponding to the first data is the second node h 2 of the hash chain.
  • Step 307 The receiving end verifies the node corresponding to the target data according to the node corresponding to the first data.
  • the node corresponding to the target data is verified to pass.
  • the target data is m 1, where m 1 data corresponding to the target node h 3 h 3 equal to the head node data corresponding to the first article, the node for the target data corresponding to m 1 h 3 passed the verification.
  • a node corresponding to the target data is hashed to obtain a second hash result.
  • the second hash result is related to the first data
  • the node corresponding to the target data is verified.
  • the target data is m 2
  • a second hash result H (h) obtained by hashing the node h 2 corresponding to the target data m 2 2)
  • the second hash result H (h 2) is equal to the second data node corresponding to m 1 h 3 equal
  • the authentication node h 2 m 2 corresponding to the target data through.
  • the target data is m 3
  • the second hash result H obtained by hashing the node h 1 corresponding to the target data m 3 ( h 1 )
  • the second hash result H (h 1 ) is equal to the node h 2 corresponding to the third piece of data m 3 , so the node h 1 corresponding to the target data m 3 is verified to pass.
  • the receiving end verifies the node corresponding to the target data by using the node in the hash chain that was received last time, so that it can verify whether the messages continuously received by the receiving end are continuous, thereby improving security.
  • Step 308 When the node corresponding to the target data is verified, the receiving end performs a hash operation on the target data and the node corresponding to the target data to obtain a first hash result.
  • the receiving end may perform a hash operation on the target data and a node corresponding to the target data by using a preset second hash function to obtain a first hash result.
  • the receiving end may perform a hash operation on the first time stamp, the target data, and the node corresponding to the target data to obtain the first hash result.
  • Step 309 When the first hash result is equal to the first verification code, the target data is verified to pass.
  • the security of the message transmission can be guaranteed by verifying the node corresponding to the target data.
  • the receiver verifies the node corresponding to the target data faster and requires less computing resources.
  • the hash operation obtains the first hash.
  • the required computing resources are less than the computing resources required for decryption, and the speed of the hash operation is faster than the decryption speed, so not only the security of message transmission is guaranteed, but also the speed of verification is improved.
  • the target data is the second piece of data m 1 in the target transmission period, and the receiving end responds to the first time stamp t 1.
  • the first verification code e 1 is the same, the second piece of data m 1 is verified.
  • the target data is the third piece of data m 2 in the target sending cycle.
  • the verification of the third piece of data m 2 is passed.
  • the target data is the fourth piece of data m 3 in the target sending cycle
  • the fourth piece of data m 3 is verified to pass.
  • the receiving end can process the first piece of data after passing the first piece of data verification, and can process the target data after passing the target piece of data.
  • the way in which the receiving end processes the first or target data may be to play the first or target data, or display the first or target data.
  • the receiving end can directly extract the information from the identification information of the sending end, and can display or play the information, so that the receiving end does not need to query the information from the network.
  • the receiving end may directly receive a message broadcasted by the sending end, so that the message may not be forwarded by the server, which reduces the delay in transmitting the message and improves the efficiency of message transmission.
  • the public key information of the digital certificate issuer used by the receiving end can be obtained from the server in advance and stored locally, so the receiving end can complete the message parsing even in an offline scenario or a poor network environment.
  • the node corresponding to the target data is determined according to the sending sequence number of the target data. In this way, when the sender sends multiple messages continuously in the current sending cycle, the receiver verifies the continuity of each message according to the nodes in each message, which improves the message transmission. Security.
  • an embodiment of the present application provides a method for sending a message.
  • the method can be applied to the communication system shown in FIG. 1-1.
  • the method is executed by the transmitting end of the communication system, and includes:
  • Step 401 The sending end determines its identity information as public key information, and generates private key information that matches the public key information.
  • the sending end may obtain the public key information and the private key information by using an identity-based signature mechanism (IBS).
  • IBS identity-based signature mechanism
  • the IBS method is: the sender obtains its own identity information, uses the identity information as public key information, and generates private key information based on the identity information.
  • the private key information generated by this implementation manner includes a first private key and a second private key.
  • the implementation can be:
  • the sending end may receive the generator g of the multiplication group broadcasted by the server, the prime number q and the first random number x of the multiplication group in advance, and then save it locally.
  • Sender ’s identity information ID, first private key R, first random value x, and second random value r to generate a second private key Q, where the second private key Q r + x * h1 (ID, R) , Where h1 () is a preset third hash function. So the generated private key information can be expressed as (first private key R, second private key Q).
  • a multiplication group is preset in the server, and the server can obtain the generator g and prime number q of the multiplication group, and the prime number q is the number of elements included in the multiplication group, and generate a first random number x smaller than the prime number q; then the server broadcasts
  • the generator g, the prime number q, and the first random number x, and the sending end can receive and save the generator g, the prime number q, and the first random number x.
  • the sending end when generating the private key information, the sending end can obtain the generator g, the prime number q, and the first random number x stored locally, and then generate the private key information.
  • the sending end may also temporarily obtain the generator g, the prime number q, and the first random number x from the server, and then generate the private key information.
  • the identity information of the sender can be set in the sender when the sender leaves the factory. So the sender can get its identity information from its local.
  • step 201 of the embodiment shown in FIG. 2-1 For the structure of the identity information of the sending end, refer to related content in step 201 of the embodiment shown in FIG. 2-1, which will not be described in detail here.
  • Step 402 The sending end obtains the first piece of data to be sent in the current sending period.
  • the first piece of data may be data entered by the user to the sending end, so the sending end may receive the first piece of data entered by the user.
  • the sending cycle is periodically recurring in the transmitting end.
  • the sending end may define a period length, and a timer may be used to implement the sending period.
  • the sender can start a timer and set the timer to start counting from zero to indicate the start of a sending cycle. When the timer reaches the length of the period, reset the timer to start counting from zero to indicate that the timer One transmission cycle ends and the other transmission cycle starts, so the cycle is repeated to realize the periodic cycle of the transmission cycle.
  • the sending end can record the sending sequence number of the data that has been sent during the sending cycle. Therefore, in the current sending cycle, when the sending end receives the data input by the user, the sending end detects whether the sending sequence number of the data that has been sent in the current sending period is stored locally. If the detection result is not saved, the data is determined. Is the first piece of data in the current sending cycle. If the detection result is saved, it is determined that the data is not the first piece of data in the current sending cycle.
  • Step 403 The sender signs the first data and the head node of the hash chain by using the private key information to obtain a second verification code.
  • the sender can also obtain the current second timestamp.
  • the second timestamp is essentially the timestamp of the first data sent by the sender.
  • the second timestamp, the first data, and the Ukraine can be identified by the private key information.
  • the head node of the Greek chain signs the second verification code.
  • the number of nodes included in the hash chain is equal to the number of data allowed to be sent in one sending cycle.
  • Any two adjacent nodes in the hash chain are called the first node and the second node.
  • the first node is close to the head node of the hash chain.
  • the first node is based on Derived from the second node.
  • one sending period may correspond to one hash chain, or m sending periods may correspond to one hash chain, and m is an integer greater than 1.
  • the sending end When a sending cycle corresponds to a hash chain, the sending end also generates a hash chain before signing the first data and the head node of the hash chain.
  • the sender When m sending cycles correspond to one hash chain, if the sending cycle in which the last time the hash chain was last generated and the current sending cycle interval are m-1 sending cycles, the sender will compare the first data and the hash chain. The head node also generates a hash chain before signing; if the sending cycle of the last time the hash chain was generated last and the current sending cycle interval is less than m-1 sending cycles, the sending end will Before the head node of the Greek chain signs, get the most recently generated hash chain.
  • the sending end may generate a first digest message according to the first data and the head node of the hash chain, and use the private key information to encrypt the first digest message to obtain a second verification code.
  • the second verification code includes the first verification code. A signature, a second signature, and a first private key.
  • Step 404 The sender sends a second message, and the second message includes the public key information, the second verification code, the first data, and the head node of the hash chain.
  • the sending end may broadcast the second message.
  • the second message may further include a second time stamp and a sending sequence number of the first data in the current sending cycle.
  • the sending process of the sending end is as follows:
  • Step 405 to step 408 Steps 205 to 208 are the same, respectively, and will not be described in detail here.
  • the sending end may directly broadcast the first message or the second message to the receiving end, so that the first message and the second message may not be forwarded by the server, which reduces the delay in transmitting the first message and the second message.
  • the first message sent by the sender includes nodes in the hash chain corresponding to the target data
  • the nodes in the hash chain are one-way mapping relationships, and the nodes corresponding to the target data are determined according to the sending sequence number of the target data.
  • the receiver can verify the continuity of each first message according to the node in each first message, and the discontinuous first message may be forged by other devices.
  • the message from the sender enables the receiver to verify the fake first message in time, which improves the security of message transmission.
  • an embodiment of the present application provides a method for verifying a message.
  • This method can be applied to the communication system shown in FIG. 1-1, and an execution body thereof may be a receiving end for receiving the embodiment shown in FIG. 4
  • the message sent by the method includes:
  • Step 501 The receiving end receives a message and determines that the message is a second message.
  • the second message includes the first data, a head node in a hash chain corresponding to the first data, a second verification code, and public key information.
  • the public key information may be identity information of the sending end.
  • the second message may further include a second time stamp for sending the first data and a sending sequence number of the first data in the target sending cycle.
  • the message sent by the sender may be a second message including the first data, or may be a first message including other target data in addition to the first data.
  • the receiving end receives the message, and determines whether the received message is the second message or the first message according to the sending sequence number in the message.
  • the receiving end includes a message buffer area.
  • the receiving end receives the message, whether the message is the first message or the second message, the message may be buffered in the message buffer area first; at the time of receiving the message, When the length reaches the first threshold, the received Z second messages are verified at the same time, and the Z messages are the second messages buffered in the message buffer area.
  • the Z second messages are verified at the same time, they can be directly Process the first data in the Z second messages.
  • the Z second messages are not verified at the same time, perform the operation of subsequent step 502 on each of the Z second messages.
  • Z is An integer greater than 0, so that batch verification of the second verification codes in the Z second messages is implemented, thereby improving verification efficiency.
  • the operation of verifying the Z second messages received by the receiver at the same time may include the following operations 521 to 523, respectively:
  • the receiving end obtains the third value of the Z second messages according to the generator of the preset multiplication group and the second verification code in the Z second messages.
  • the generator of the multiplication group can be preset on the server or preset in the receiving end.
  • the receiving end obtains a fourth value of each second message according to each second message and a second verification code in each second message.
  • the fourth values corresponding to each second message are obtained in the above manner, which are v 1 , v 2 ,..., V Z , respectively.
  • Step 502 The receiving end decrypts the second verification code according to the public key information to obtain the first digest information, and generates the second digest information according to the first data and a head node corresponding to the first data.
  • the receiving end may also obtain a fourth timestamp of receiving the second message, and obtain a second difference between the second timestamp and the fourth timestamp in the second message. When the difference does not exceed the first threshold, perform the operation in this step.
  • the receiving end may use the current timestamp as a fourth timestamp for receiving the second message.
  • the receiver can quickly receive the second message.
  • the difference between the second timestamp of sending the second message and the fourth timestamp of receiving the second message is small, usually smaller than the first. A threshold.
  • the other device may repeatedly send the second message to the receiver, so that the receiver repeatedly processes the second message to implement attack reception. end. Therefore, in order to prevent other devices from constantly attacking the receiving end, the receiving end judges whether the second difference between the second timestamp and the fourth timestamp exceeds the first threshold. When the first threshold is exceeded, the second message is discarded to avoid repeated processing. The second message to avoid being continuously attacked by other devices; when the first threshold is not exceeded, the operation in this step is performed.
  • Step 503 When the first summary information and the second summary information are equal, the first data in the second message is verified to pass.
  • the receiving end continues to receive the first messages sent by the sending end within the target sending period.
  • the detailed implementation process is as follows:
  • Steps 504 to 508 are the same as steps 305 to 309, respectively, and will not be described in detail here.
  • the receiving end may directly receive a message broadcasted by the sending end, so that the message may not be forwarded by the server, which reduces the delay in transmitting the message and improves the efficiency of message transmission.
  • the message sent by the sender includes the nodes in the hash chain corresponding to the target data, the nodes in the hash chain are unidirectionally mapped, and the nodes corresponding to the target data are determined according to the sending sequence number of the target data.
  • the receiving end verifies the continuity of each message according to the nodes in each message, which improves the security of message transmission.
  • an embodiment of the present application provides a device 600 for sending a message.
  • the device 600 may be a sending end or a part of a sending end in any of the foregoing embodiments, and includes:
  • the processing unit 601 is configured to obtain target data to be sent, where the target data is data to be sent after the first data is sent in the current sending cycle; and to obtain the corresponding target data from the hash chain according to the sending sequence number of the target data in the current sending cycle.
  • the number of nodes included in the hash chain is equal to the number of data allowed to be sent in the current sending cycle.
  • the target data and the node corresponding to the target data are hashed to obtain a first verification code, and the first verification code is used by the receiving end to verify the target. data;
  • the sending unit 602 is configured to send a first message, where the first message includes target data, a node corresponding to the target data, a first verification code, and a sending sequence number of the target data.
  • processing unit 601 is further configured to:
  • processing unit 601 is configured to:
  • the target data is the second piece of data to be sent in the current sending cycle according to the sending sequence number of the target data, obtaining the head node of the hash chain as the node corresponding to the target data;
  • a fourth node in the hash chain that is located after the third node and is adjacent to the third node is used as the node corresponding to the target data
  • the third node is the node in the hash chain that was sent last time.
  • the first message further includes a first time stamp for sending the target data.
  • the processing unit 601 is further configured to sign the first data and the head node of the hash chain by using the private key information to obtain a second verification code, and the second verification code is used by the receiving end to verify the first data;
  • the sending unit 602 is further configured to send a second message.
  • the second message includes verification information, a first piece of data, a second verification code, and a node corresponding to the first piece of data.
  • the verification information includes public key information that matches the private key information.
  • processing unit 601 is configured to:
  • the second message further includes a second time stamp for sending the target data.
  • the verification information is a digital certificate, and the digital certificate includes public key information; or, the verification information is public key information, and the public key information is identity information of the sending end.
  • the sending unit may directly send the first message or the second message to the receiving end, so that the first message and the second message may not be forwarded by the server, which reduces the delay in transmitting the first message and the second message.
  • the sent message includes the nodes in the hash chain corresponding to the target data
  • the nodes in the hash chain are unidirectionally mapped, and the nodes corresponding to the target data are determined according to the sending sequence number of the target data.
  • the receiver can verify the continuity of each message according to the nodes in each message.
  • other devices may fake the messages of the sender, so that the receiver can verify the faked messages in time. Message, which improves the security of message transmission.
  • an embodiment of the present application provides a device 700 for verifying a message.
  • the device 700 may be a receiving end or a part of a receiving end in any of the foregoing embodiments, and includes:
  • the receiving unit 701 is configured to receive a first message.
  • the first message includes target data, a node in a hash chain corresponding to the target data, a first verification code, and a sending sequence number of the target data in a target sending cycle.
  • the target data is the target.
  • the number of nodes included in the hash chain is equal to the number of data allowed to be sent in the target sending cycle;
  • the processing unit 702 is configured to verify the target data according to the node corresponding to the target data, the sending serial number corresponding to the target data, and the first verification code.
  • processing unit 702 is configured to:
  • the target data is verified to pass.
  • the first data is the first piece of data
  • the node corresponding to the first piece of data is the head node of the hash chain.
  • the processing unit 702 is configured to: The node corresponding to the data is verified.
  • the first data is data sent after the first data is sent within the target sending period
  • the processing unit 702 is configured to:
  • the node corresponding to the target data is verified to pass.
  • the first message further includes a first time stamp for sending the target data
  • the processing unit 702 is configured to:
  • the target data is verified according to the node corresponding to the target data, the sending serial number corresponding to the target data, and the first verification code.
  • the receiving unit 701 is further configured to receive a second message.
  • the second message includes the first data, a head node of a hash chain corresponding to the first data, a second verification code, and verification information.
  • the verification information includes public key information. ;
  • the processing unit 702 is further configured to verify the first piece of data according to the second verification code and the public key information.
  • processing unit 702 is configured to:
  • the first piece of data is verified.
  • the verification information is a digital certificate
  • the digital certificate includes the public key information
  • the processing unit 702 is configured to:
  • the second verification code is decrypted using the public key information to obtain the first digest information.
  • processing unit 702 is configured to:
  • the digital certificate's public key information is used to verify the digital certificate.
  • processing unit 702 is configured to:
  • the digital certificates in the Z messages are verified and passed.
  • the second message further includes a second timestamp of the first data sent
  • the processing unit 702 is configured to:
  • the first piece of data is verified according to the second verification code and the public key information.
  • processing unit 702 is configured to:
  • the received Z second messages are verified at the same time, and the Z second messages are the second messages buffered in the message buffer area;
  • the verification of the Z second messages fails at the same time, the first piece of data is verified according to the second verification code and the public key information.
  • the receiving unit can directly receive the message sent by the sending end, so that the message can be forwarded without passing through the server, which reduces the delay of message transmission and improves the efficiency of message transmission.
  • the message sent by the sender includes the nodes in the hash chain corresponding to the target data, the nodes in the hash chain are unidirectionally mapped, and the nodes corresponding to the target data are determined according to the sending sequence number of the target data.
  • the processing unit verifies the continuity of each message according to the nodes in each message, improving the security of message transmission.
  • FIG. 8 is a schematic diagram of an apparatus 800 for sending a message according to an embodiment of the present application.
  • the device 800 includes at least one processor 801, a bus system 802, a memory 803, and at least one transceiver 804.
  • the device 800 is a device with a hardware structure and can be used to implement the functional modules in the device 600 described in FIG. 6.
  • the processing unit 601 in the device 600 shown in FIG. 6 may be implemented by calling the code in the memory 803 by the at least one processor 801, and the sending unit 602 in the device 600 shown in FIG. 6 may This is implemented by the transceiver 804.
  • the device 800 may also be used to implement the function of the transmitting end in any of the foregoing embodiments.
  • the processor 801 may be a general-purpose central processing unit (CPU), a microprocessor, an application-specific integrated circuit (ASIC), or one or more for controlling the Integrated circuit for application program execution.
  • CPU central processing unit
  • ASIC application-specific integrated circuit
  • the bus system 802 may include a channel for transmitting information between the components.
  • the transceiver 804 is configured to communicate with other devices or a communication network.
  • the above-mentioned memory 803 may be a read-only memory (ROM) or other type of static storage device that can store static information and instructions, a random access memory (random access memory, RAM), or other information that can store information and instructions.
  • Type of dynamic storage device can also be electrically erasable programmable read-only memory (electrically erasable programmable read-only memory (EEPROM)), read-only compact disc (compact disc-read-only memory (CD-ROM) or other optical disc storage, optical disc Storage (including compact discs, laser discs, optical discs, digital versatile discs, Blu-ray discs, etc.), magnetic disk storage media or other magnetic storage devices, or can be used to carry or store the desired program code in the form of instructions or data structures and can be implemented by Any other media that the computer accesses, but is not limited to.
  • the memory may exist independently and be connected to the processor through a bus. The memory can also be integrated with the processor.
  • the memory 803 is configured to store application program code that executes the solution of the present application, and is controlled and executed by the processor 801.
  • the processor 801 is configured to execute application program code stored in the memory 803, so as to implement functions in the method of the present patent.
  • the processor 801 may include one or more CPUs, such as CPU0 and CPU1 in FIG. 8.
  • the apparatus 800 may include multiple processors, such as the processor 801 and the processor 807 in FIG. 8. Each of these processors may be a single-CPU processor or a multi-CPU processor.
  • a processor herein may refer to one or more devices, circuits, and / or processing cores for processing data (such as computer program instructions).
  • the apparatus 800 may further include an output device 805 and an input device 806.
  • the output device 805 communicates with the processor 801 and can display information in a variety of ways.
  • the output device 805 may be a liquid crystal display (LCD) or the like.
  • the input device 806 is in communication with the processor 801 and can accept user input in a variety of ways.
  • the input device 806 may be a touch screen device or a sensing device.
  • FIG. 9 is a schematic diagram of an apparatus 900 for verifying a message according to an embodiment of the present application.
  • the device 900 includes at least one processor 901, a bus system 902, a memory 903, and at least one transceiver 904.
  • the device 900 is a device with a hardware structure and can be used to implement the functional modules in the device 700 described in FIG. 7.
  • the processing unit 702 in the apparatus 700 shown in FIG. 7 may be implemented by calling the code in the memory 903 by the at least one processor 901, and the receiving unit 701 in the apparatus 700 shown in FIG. 7 may This is implemented by the transceiver 904.
  • the device 900 may also be used to implement the function of the transmitting end in any of the foregoing embodiments.
  • the above-mentioned processor 901 may be a general-purpose central processing unit (CPU), a microprocessor, an application-specific integrated circuit (ASIC), or one or more for controlling the computer. Integrated circuit for application program execution.
  • CPU central processing unit
  • ASIC application-specific integrated circuit
  • the bus system 902 may include a channel for transmitting information between the components.
  • the transceiver 904 is configured to communicate with other devices or a communication network.
  • the foregoing memory 903 may be a read-only memory (ROM) or other type of static storage device that can store static information and instructions, a random access memory (random access memory, RAM), or other information that can store information and instructions.
  • Type of dynamic storage device can also be electrically erasable programmable read-only memory (electrically erasable programmable read-only memory (EEPROM)), read-only compact disc (compact disc-read-only memory (CD-ROM) or other optical disc storage, optical disc Storage (including compact discs, laser discs, optical discs, digital versatile discs, Blu-ray discs, etc.), disk storage media or other magnetic storage devices, or can be used to carry or store the desired program code in the form of instructions or data structures and can be written Any other media that the computer accesses, but is not limited to.
  • the memory may exist independently and be connected to the processor through a bus. The memory can also be integrated with the processor.
  • the memory 903 is configured to store application program code that executes the solution of the present application, and is controlled and executed by the processor 801.
  • the processor 901 is configured to execute application program code stored in the memory 903, so as to implement functions in the method of the present patent.
  • the processor 901 may include one or more CPUs, such as CPU0 and CPU1 in FIG. 9.
  • the apparatus 900 may include multiple processors, such as the processor 801 and the processor 907 in FIG. 9. Each of these processors may be a single-CPU processor or a multi-CPU processor.
  • a processor herein may refer to one or more devices, circuits, and / or processing cores for processing data (such as computer program instructions).
  • the apparatus 900 may further include an output device 905 and an input device 906.
  • the output device 905 communicates with the processor 901 and can display information in a variety of ways.
  • the output device 905 may be a liquid crystal display (LCD) or the like.
  • the input device 906 communicates with the processor 901 and can accept user input in a variety of ways.
  • the input device 806 may be a touch screen device or a sensing device.
  • an embodiment of the present application provides a communication system 1000.
  • the communication system 1000 includes the device shown in FIG. 6 and the device shown in FIG. 7, or the device shown in FIG. 8 and FIG. 9 installation.
  • the device shown in FIG. 6 or the device described in FIG. 8 may be a transmitting end
  • the device described in FIG. 7 or the device described in FIG. 9 may be a receiving end.
  • the program may be stored in a computer-readable storage medium.
  • the storage medium mentioned may be a read-only memory, a magnetic disk or an optical disk.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Mathematical Physics (AREA)
  • Pure & Applied Mathematics (AREA)
  • Mathematical Optimization (AREA)
  • Mathematical Analysis (AREA)
  • General Physics & Mathematics (AREA)
  • Algebra (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

本申请公开了一种发送消息的方法、验证消息的方法、装置及通信系统,属于通信领域。所述方法包括:发送端获取待发送的目标数据,所述目标数据是当前发送周期内在发送首条数据之后待发送的数据;所述发送端根据所述目标数据在当前发送周期内的发送序号从哈希链中获取所述目标数据对应的节点,所述哈希链包括的节点数目等于当前发送周期内允许发送的数据数目;所述发送端对所述目标数据和所述目标数据对应的节点进行哈希运算得到第一验证码,所述第一验证码用于接收端验证所述目标数据;所述发送端发送第一消息,所述第一消息包括所述目标数据、所述目标数据对应的节点、所述第一验证码和所述目标数据的发送序号。本申请能够提高传输消息的效率。

Description

一种发送消息的方法、验证消息的方法、装置及通信系统
本申请要求于2018年9月12日提交的申请号为201811063947.1、发明名称为“一种发送消息的方法、验证消息的方法、装置及通信系统”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。
技术领域
本申请涉及通信领域,特别涉及一种发送消息的方法、验证消息的方法、装置及通信系统。
背景技术
随着信息技术的不断发展,诸如智能手机、智能电视、智能音箱、智能冰箱等智能化设备不断涌入人们的生活,人们越来越多的感受到智能化所带来的便利。与此同时,车辆的智能化,越来越被人们所关注,研究车外情景智能化离不开对车外环境数据的获取。
对于任一车辆,该车辆可以获取其他车辆共享的车外环境数据,在实现时,各车辆在采集到车外环境数据时,可以将该车外环境数据发送给中央服务器。中央服务器接收该车外环境数据,可以绘制一个地图,该地图包括接收各车辆发送的车外环境数据。这样对于各车辆,该车辆可以从中央服务器中下载该地图,从而获取到各车辆共享的车外环境数据。
在实现本申请的过程中,发明人发现现有技术至少存在以下问题:
目前共享车外环境数据依赖中央服务器,车辆从中央服务器中获取数据的过程受到网络状态的影响,存在一定的网络延时。
发明内容
为了提高传输消息的效率,本申请实施例提供了一种发送消息的方法、验证消息的方法、装置及通信系统。所述技术方案如下:
第一方面,本申请提供了一种发送消息的方法,在所述方法中发送端获取待发送的目标数据,所述目标数据是当前发送周期内在发送首条数据之后待发送的数据;根据所述目标数据在当前发送周期内的发送序号从哈希链中获取所述目标数据对应的节点,所述哈希链包括的节点数目等于当前发送周期内允许发送的数据数目;对所述目标数据和所述目标数据对应的节点进行哈希运算得到第一验证码,所述第一验证码用于接收端验证所述目标数据;发送第一消息,所述第一消息包括所述目标数据、所述目标数据对应的节点、所述第一验证码和所述目标数据的发送序号。由于发送端可以直接向接收端发送第一消息,这样第一消息可以不经过服务器转发,减小了第一消息传输的延时,提高消息发送的效率。另外,由于发送端对目标数据和目标数据对应的节点进行哈希运算,哈希运算所需要的计算资源少,降低发送消息的成本,又由于第一消息还包括目标数据对应的节点,使得接收端可以通过验证目标数据对应的节点,提高消息传输的安全性,验证节点的速度较快,提高接收端验证的速率。
在第一方面的一种可能实现方式中,随机生成所述哈希链的尾节点;对所述哈希链中的节点h i-1进行哈希运算得到所述哈希链中的节点h i,i=1、2、……、N,N+1为当前发送周期内允许发送的数据数目,节点h 0为所述尾节点,节点h N为所述哈希链的头节点。由于对所述哈希链中的节点h i-1进行哈希运算得到所述哈希链中的节点h i,这样使得哈希链具有单向映射的特性。
在第一方面的一种可能实现方式中,在根据所述目标数据的发送序号确定所述目标数据是当前发送周期内待发送的第二条数据时,获取所述哈希链的头节点作为所述目标数据对应的节点;在根据所述目标数据的发送序号确定所述目标数据是位于所述第二条数据之后待发送的数据时,获取所述哈希链中位于第三节点之后且与所述第三节点相邻的第四节点作为所述目标数据对应的节点,所述第三节点是最近上一次发送的所述哈希链中的节点。这样可以使发送端在发送首条数据之后发送的各数据对应的节点都是连续的节点,接收端可以根据各数据对应的节点验证数据连续性,来保证数据传输的安全性。
在第一方面的一种可能实现方式中,所述第一消息还包括发送所述目标数据的第一时间戳。这样可以使接收端通过第一时间戳验证接收的消息的时效性,以进一步提高消息传输的安全性。
在第一方面的一种可能实现方式中,通过私钥信息对所述首条数据和所述哈希链的头节点进行签名得到第二验证码,所述第二验证码用于所述接收端对所述首条数据进行验证;发送第二消息,所述第二消息包括验证信息、所述首条数据、所述第二验证码和所述首条数据对应的节点,所述验证信息包括与所述私钥信息相匹配的公钥信息。由于发送端使用私钥信息对首条数据和哈希链的头节点进行签名得到第二验证码,这样提高消息传输的安全性。
在第一方面的一种可能实现方式中,先根据所述首条数据和所述哈希链的头节点生成第一摘要信息;然后使用私钥信息对所述第一摘要信息进行签名得到第二验证码。对第一摘要信息进行签名,可以减小签名所需要的计算量。
在第一方面的一种可能实现方式中,所述第二消息还包括发送所述目标数据的第二时间戳。这样可以使接收端通过第二时间戳验证接收的消息的时效性,以进一步提高消息传输的安全性。
在第一方面的一种可能实现方式中,所述验证信息为数字证书,所述数字证书包括所述公钥信息;或者,所述验证信息为所述公钥信息,所述公钥信息为所述发送端的身份标识信息。
第二方面,本申请提供了一种验证消息的方法,在所述方法中接收端接收第一消息,所述第一消息包括目标数据、所述目标数据对应的哈希链中的一个节点、第一验证码和所述目标数据在目标发送周期中的发送序号,所述目标数据是所述目标发送周期内在发送首条数据 之后发送的数据,所述哈希链包括的节点数目等于所述目标发送周期内允许发送的数据数目;根据所述目标数据对应的节点、所述目标数据对应的发送序号和所述第一验证码对所述目标数据进行验证。由于接收端可以直接接收发送端发送的消息,这样该消息可以不经过服务器转发,减小了该消息传输的延时,提高消息发送的效率。另外,该消息包括目标数据对应的哈希链中的节点,这样接收端通过对该节点进行验证可以保障该消息传输的安全性。
在第二方面的一种可能实现方式中,根据所述目标数据的发送序号确定已接收的第一数据对应的节点,所述第一数据是发送端在发送所述目标数据之前最近发送的数据;由于根据所述第一数据对应的节点对所述目标数据对应的节点进行验证,这样接收端通过验证目标数据对应的节点来保证消息传输的安全性,对节点的验证速度较快,又提高了验证的效率。在验证所述目标数据对应的节点通过时,由于对所述目标数据和所述目标数据对应的节点进行哈希运算得到第一哈希结果;在所述第一哈希结果与所述第一验证码匹配时,对所述目标数据验证通过,这样接收端只需要对目标数据和目标数据对应的节点进行哈希运算,哈希运算所需要的计算资源少,减小了验证成本。
在第二方面的一种可能实现方式中,所述第一数据为所述首条数据,当所述目标数据对应的节点与所述首条数据对应的头节点相等时,对所述目标数据对应的节点验证通过。这样在目标数据为第二条数据时,只需验证目标数据的节点和首条数据对应的头节点是否相等,验证操作简单,所需要的计算资源少,验证的速度快。
在第二方面的一种可能实现方式中,所述第一数据为所述目标发送周期内在发送所述首条数据之后发送的数据,由于对所述目标数据对应的节点进行哈希运算得到第二哈希结果;在所述第二哈希结果与所述第一数据对应的节点相等时,对所述目标数据对应的节点验证通过,哈希运算所需要计算量较少,这样使得验证操作简单,所需要的计算资源少,验证的速度快。
在第二方面的一种可能实现方式中,所述第一消息还包括发送所述目标数据的第一时间戳;获取所述第一时间戳和接收所述目标数据的第三时间戳之间的第一差值;在所述第一差值不超过第一阈值时,根据所述目标数据对应的节点、所述目标数据对应的发送序号和所述第一验证码对所述目标数据进行验证。这样接收端可以通过第一时间戳和第三时间戳验证接收的消息的时效性,以进一步提高消息传输的安全性。
在第二方面的一种可能实现方式中,接收第二消息,所述第二消息包括所述首条数据、所述首条数据对应的所述哈希链的头节点、第二验证码和验证信息,所述验证信息包括公钥信息;根据所述第二验证码和所述公钥信息对所述首条数据进行验证。由于根据所述第二验证码和所述公钥信息对所述首条数据进行验证,这样发送端可以使私钥信息对首条数据进行签名,提高首条数据传输的安全性。
在第二方面的一种可能实现方式中,使用所述公钥信息对所述第二验证码进行解密得到第一摘要信息;根据所述首条数据和所述首条数据对应的头节点生成第二摘要信息;在所述 第一摘要信息与所述第二摘要信息匹配时,对所述首条数据验证通过。由于接收端使用公钥信息对第二验证码进行解密,这样发送端在发送首条数据时就可以采用私钥信息加密,从而提高了消息安全性。
在第二方面的一种可能实现方式中,所述验证信息为数字证书,所述数字证书包括所述公钥信息,使用所述数字证书的颁发者公钥信息验证所述数字证书;在验证所述数字证书通过后,使用所述公钥信息对所述第二验证码进行解密得到第一摘要信息。由于数字证书中包括公钥信息,对数字证书进行验证,在验证数字证书安全时,使用数字证书中的公钥信息解密,可以进一步提高安全性。
在第二方面的一种可能实现方式中,将所述第二消息缓存在消息缓存区中;在接收消息的时间长度达到第二阈值时,对接收到的Z个消息中的数字证书进行验证,所述Z个消息是所述消息缓存区中缓存的包括数字证书的消息,Z为大于0的整数;在对所述Z个消息中的数字证书进行验证未通过时,使用所述数字证书的颁发者公钥信息验证所述数字证书。这样可以实现对多个数字证书批量验证,提高验证效率,另外对每个数字证书一一验证所需要的计算资源也较多,多于批量验证所需的计算资源,所以又可以减小计算资源的占用。
在第二方面的一种可能实现方式中,对Z个消息中的数字证书进行哈希运算,得到所述Z个消息中的数字证书的哈希值;计算所述Z个消息中的数字证书的哈希值的乘积得到第一数值;计算所述Z个消息中的数字证书中的数字签名的乘积得到第二数值;在所述第二数值的e次方等于所述第一数值时,对所述Z个消息中的数字证书进行验证通过,从而实现了对M个数字证书进行批量验证。
在第二方面的一种可能实现方式中,所述第二消息还包括发送所述首条数据的第二时间戳;获取所述第二时间戳和接收所述首条数据的第四时间戳之间的第二差值;在所述第二差值不超过第一阈值时,根据所述第二验证码和所述公钥信息对所述首条数据进行验证。这样接收端可以通过第二时间戳和第四时间戳验证接收的消息的时效性,以进一步提高消息传输的安全性。
在第二方面的一种可能实现方式中,将所述第二消息缓存在消息缓存区中;在接收消息的时间长度达到第二阈值时,同时对接收到的Z个第二消息进行验证,所述Z个第二消息是所述消息缓存区中缓存的第二消息;在同时对所述Z个第二消息验证不通过时,根据所述第二验证码和所述公钥信息对所述首条数据进行验证。这样可以实现对多个消息批量验证,提高验证效率。
第三方面,本申请实施例提供了一种发送消息的装置,用于执行第一方面或第一方面的任意一种可能实现方式中的方法。具体地,所述装置包括用于执行第一方面或第一方面的任意一种可能实现方式的方法的单元。
第四方面,本申请实施例提供了一种验证消息的装置,用于执行第二方面或第二方面的 任意一种可能实现方式中的方法。具体地,所述装置包括用于执行第二方面或第二方面的任意一种可能实现方式的方法的单元。
第五方面,本申请实施例提供了一种发送消息的装置,所述装置包括:收发器、处理器和存储器。其中,所述收发器、所述处理器以及所述存储器之间可以通过总线系统相连。所述存储器用于存储程序、指令或代码,所述处理器用于执行所述存储器中的程序、指令或代码,完成第一方面或第一方面的任意可能实现方式中的方法。
第六方面,本申请实施例提供了一种验证消息的装置,所述装置包括:收发器、处理器和存储器。其中,所述收发器、所述处理器以及所述存储器之间可以通过总线系统相连。所述存储器用于存储程序、指令或代码,所述处理器用于执行所述存储器中的程序、指令或代码,完成第二方面或第二方面的任意可能实现方式中的方法。
第七方面,本申请实施例提供了一种计算机程序产品,所述计算机程序产品包括在计算机可读存储介质中存储的计算机程序,并且所述计算程序通过处理器进行加载来实现上述第一方面、第二方面、第一方面的任意可能实现方式或第二方面的任意可能实现方式的方法。
第八方面,本申请实施例提供了一种非易失性计算机可读存储介质,用于存储计算机程序,所述计算机程序通过处理器进行加载来执行上述第一方面、第二方面、第一方面的任意可能实现方式或第二方面的任意可能实现方式的指令。
第九方面,本申请实施例提供了一种芯片,所述芯片包括可编程逻辑电路和/或程序指令,当所述芯片运行时用于实现上述第一方面、第二方面、第一方面的任意可能实现方式或第二方面的任意可能实现方式的方法。
第十方面,本申请实施例提供了一种通信系统,包括第三方面或第五方面所述的装置和第四方面或第六方面所述的装置。
附图说明
图1-1是本申请实施例提供的一种通信系统的结构示意图;
图1-2是本申请实施例提供的另一种通信系统的结构示意图;
图2-1是本申请实施例提供的一种发送消息的方法流程图;
图2-2是本申请实施例提供的一种数字证书的结构示意图;
图2-3是本申请实施例提供的一种身份标识信息的结构示意图;
图2-4是本申请实施例提供的一种设备类型信息的结构示意图;
图2-5是本申请实施例提供的一种设备标识信息的结构示意图;
图3是本申请实施例提供的一种验证消息的方法流程图;
图4是本申请实施例提供的另一种发送消息的方法流程图;
图5是本申请实施例提供的另一种验证消息的方法流程图;
图6是本申请实施例提供的一种发送消息的装置结构示意图;
图7是本申请实施例提供的一种验证消息的装置结构示意图;
图8是本申请实施例提供的另一种发送消息的装置结构示意图;
图9是本申请实施例提供的另一种验证消息的装置结构示意图;
图10是本申请实施例提供的另一种通信系统的结构示意图。
具体实施方式
下面将结合附图对本申请实施方式作进一步地详细描述。
参见图1-1,本申请实施例提供了一种通信系统,该通信系统包括:
发送端和接收端,发送端和接收端可以建立有通信连接;
发送端可以获取待发送的数据,为了提高发送数据的效率,发送端可以直接向接收端广播该数据,这样该数据不需要经过位于网络侧的中央服务器转发给接收端,减小该数据传输的时延,提高该数据的发送效率。
发送端采用直接向接收端广播该数据的方式时,发送端定义了发送周期,该发送周期周期性循环。在该数据为当前发送周期内待发送的首条数据时,发送端通过私钥信息对该首条数据和哈希链的头节点进行签名得到第二验证码;然后发送端广播第二消息,第二消息包括验证消息、第二验证码、该首条数据和该哈希链的头节点,该验证消息包括与该私钥信息相匹配的公钥信息。或者,在该数据为当前发送周期内除该首条数据以外的其他待发送的目标数据时,发送端从哈希链中获取目标数据对应的节点,对目标数据和目标数据对应的节点进行哈希运算得到第一验证码,广播第一消息,第一消息包括第一验证码、目标数据、目标数据对应的节点和目标数据的发送序号。
这样接收端可以接收发送端广播的消息(该消息可以为第一消息或第二消息),在该消息为第二消息时,根据该验证消息和第二验证码对首条数据进行验证。在该消息为第一消息时,根据目标数据对应的节点、第一验证码和目标数据对应的发送序号,对目标数据进行验证。
哈希链中包括的节点数目等于一个发送周期内允许发送的数据数目。对于哈希链中任意相邻的两个节点,为了便于说明称该任意相邻的两个节点分别为第一节点和第二节点,第一节点靠近哈希链的头节点,第一节点是基于第二节点推算出来的。
可选的,一个发送周期可以对应一个哈希链,这样发送端可以在每个发送周期内发送首条数据之前生成哈希链;或者,m个发送周期可以对应一个哈希链,m为大于1的整数,这样发送端在一个发送周期内发送首条数据之前生成哈希链,在生成哈希链后接下来的连续m-1个发送周期内不用再生成哈希链,直至在第m+1个发送周期内在发送首条数据之前生成哈希链。
上述通信系统可以应用在智能交通系统等场景,在智能交通系统中发送端和接收端可以均为交通工具。可选的,发送端或接收端可以为安装或集成在交通工具中的车载终端等。
假设,交通工具为汽车时,汽车在道路上可以获取数据,该数据可以是车外环境数据等,车外环境数据可以是路况信息等,车外环境数据可以是汽车的司机输入到汽车中的数据,例如,用户输入一段数据为“前方路口发生交通事故”,该一段数据就是车外环境数据。该汽车可以按上述方式向其他汽车广播数据,以将该数据共享给其他汽车,例如汽车可以将获取的路况信息广播到其他汽车,以实现将其获取的路况数据共享给其他汽车。
可选的,交通工具除了是汽车外,还可以是自行车、平衡车或无人机等。上述发送端或 接收端除了是交通工具,还可以是可穿戴设备、智能家居设备或移动终端等。例如,当发送端或接收端为可穿戴设备时,发送端或接收端可以为手环、手表、耳机或眼镜等。当发送端或接收端为智能家居设备时,发送端或接收端可以为音箱、电视、冰箱、彩电、洗衣机、马桶、路由器、灯具或空调等。当发送端或接收端为移动终端时,发送端或接收端可以为手机、平板电脑或笔记本电脑等。
可选的,参见图1-2,该通信系统还可以包括服务器,发送端和接收端可以分别与服务器建立有通信连接,发送端和/或接收端可以从服务器获取数字证书颁发者的公钥信息和私钥信息等内容,发送端可以利用获取的内容发送消息,接收端可以利用获取的内容接收该消息,详细描述过程可以参见如下实施例中的相关内容,在此先不描述。
参见图2-1,本申请实施例提供了一种发送消息的方法,该方法可以应用于图1-1所示的通信系统,该方法的执行主体为该通信系统的发送端,包括:
步骤201:发送端获取公钥信息和与该公钥信息相匹配的私钥信息,以及获取数字证书。
发送端可以采用公钥基础设施体系(public key infrastructure,PKI)机制获取公钥信息和与该公钥信息相匹配的私钥信息。可选的,在实现时获取公钥信息和私钥信息的过程可以为:发送端随机生成一串信息并将该信息作为公钥信息,然后生成与该公钥信息相匹配的私钥信息。
数字证书包括数字签名和除该数字签名以外的其他部分内容,该其他部分内容可以包括该公钥信息和发送端的身份标识信息等内容。
参见图2-2,数字证书包括多个字段,数字签名、该公钥信息和发送端的身份标识信息可以通过数字证书中的不同字段来携带。例如,在图2-2所示的数字证书中,CA数字签名(CA Digital Signature)字段携带该数字签名,主公钥信息(Subject Public Key Info)字段携带该公钥信息,主体唯一标识(Subject Unique ID)携带发送端的身份标识信息。
数字证书还可以包括其他字段,例如参见图2-2,还可以包括版本(Version)字段、序列号(Serial Number)字段、签名算法标识(Signature Algorithm ID)字段、发布者(CA)X500名字(Issuer(CA)X500Name)、有效周期(Validity Period)字段、主体X500名字(Subject X500Name)字段、算法标识(Algorithm ID)字段、公钥值(Public Key Value)字段、发布者唯一标识(Issuer Unique ID)字段和扩展部分(Extension)字段。
发送端可以先生成数字证书中除数字签名以外的其他部分,对该其他部分进行哈希运算得到哈希值,使用数字证书颁发者的私钥信息对该哈希值进行加密得到数字签名,将该数字签名和该其他部分组成数字证书。
可选的,发送端可以事先从服务器中获取证书颁发者的私钥信息,然后在本地保存证书颁发者的私钥信息,所以发送端可以直接使用本地保存的证书颁发者的私钥信息对该哈希值进行加密。或者,发送端可以从服务器中获取证书颁发者的私钥信息,使用证书颁发者的私钥信息对该哈希值进行加密。
可选的,发送端的身份标识信息可以包括发送端的设备类型信息和用于唯一标识发送端的设备标识信息。
可选的,发送端的设备类型信息可以包括发送端属于的设备类别和发送端属于该设备类别包括的某个子类别。
其中,可以定义多个设备类别,以及定义每个设备类别包括多个子类别。例如,参见下 表1,下表1中的设备类别包括交通工具、可穿戴设备、智能家居和移动终端等。交通工具包括多个子类别,分别为汽车、自行车和平衡车等;可穿戴设备包括多个子类别,分别为手环、手表、耳机和眼镜等;智能家居包括多个子类别,分别为音箱、电视、冰箱、彩电、洗衣机、马桶、路由器、灯具和空调等;移动终端包括多个子类别,分别为手机、平板电脑和笔记本电脑等。
表1
Figure PCTCN2019095086-appb-000001
可选的,设备标识信息可以包括发送端的设备生产商标识信息、设备生产日期和生产序号等。
可选的,发送端的身份标识信息可以包括第一部分和第二部分,第一部分包括至少一个字节,第一部分为发送端的设备类型信息,第一部分又可以分成两个子部分,其中一子部分包括多个比特且该子部分为发送端属于的设备类别,另一子部分包括多个比特且该另一部分为发送端属于的子类别。第二部分包括至少一个字节,第二部分为发送端的设备标识信息,第二部分又可以分成第一子部分、第二子部分和第三子部分,第一子部分包括至少一个字节 且第一子部分为发送端的设备生产商标识信息,第二子部分包括至少一个字节且第二子部分为发送端的设备生产日期,第三子部分包括至少一个字节且第三子部分为发送端的生产序号。
例如,如图2-3所示,假设身份标识信息可以包括12字节,第一部分包括前三个节字,即前三个字节可以为发送端的设备类型信息,第二部分包括后九个字节,即后九个字节可以为设备标识信息。第一部分包括两个子部分,参见图2-4,在该例子中,假设其中一个子部分包括第一部分的前十二个比特,即该前十二个比特可以为发送端所属于的设备类别,另一个子部分包括第一部分的后十二个比特,即该后十二个比特可以为发送端属于该设备类别中的子类别。以及,参见图2-5,第二部分包括第一子部分、第二子部分和第三子部分,假设第一子部分包括第二部分的前三个字节,即该前三个字节可以为发送端的设备生产商标识信息,第二子部分包括第二部分的中间三个字节,即该中间三个字节可以为发送端的生产日期,第三子部分包括第二部分的后三个字节,即该后三个子节可以为发送端的生产序号,从而由该十二个字节组成了发送端的身份标识信息。
步骤202:发送端获取当前发送周期内待发送的首条数据。
可选的,首条数据可以是用户输入到发送端的数据,所以发送端可以接收用户输入的首条数据。
在发送端中发送周期周期性循环。可选的,发送端可以定义一个周期长度,可以使用计时器来实现该发送周期。例如,发送端可以启动一个计时器,设置该计时器从零开始计时,表示一个发送周期开始;当该计时器计时的时间达到该周期长度时,重新设置该计时器从零开始计时,表示该一个发送周期结束且另一个发送周期开始,如此循环往复,实现发送周期周期性循环。
对于每个发送周期,发送端可以记录在该发送周期内已发送的数据的发送序号。所以在当前发送周期内,当发送端接收到用户输入的数据时,发送端检测到本地有没有保存在当前发送周期内已发送的数据的发送序号,如果检测结果是没有保存,则确定该数据是当前发送周期的首条数据,如果检测结果是有保存,则确定该数据不是当前发送周期内的首条数据。
步骤203:发送端通过该私钥信息对该首条数据和哈希链的头节点进行签名得到第二验证码。
可选的,发送端还可以获取当前的第二时间戳,第二时间戳实质是发送端发送首条数据的时间戳,可以通过该私钥信息对第二时间戳、该首条数据和哈希链的头节点进行签名得到第二验证码。
可选的,哈希链包括的节点数目等于一个发送周期内允许发送的数据数目。对于哈希链中任意相邻的两个节点,为了便于说明称该任意相邻的两个节点分别为第一节点和第二节点,第一节点靠近哈希链的头节点,第一节点是基于第二节点推算出来的。
可选的,一个发送周期可以对应一个哈希链,或者,m个发送周期可以对应一个哈希链,m为大于1的整数。
当一个发送周期对应一个哈希链时,发送端在对该首条数据和哈希链的头节点进行签名之前,还生成哈希链。
当m个发送周期对应一个哈希链时,如果最近上次生成哈希链的时间所在的发送周期和当前发送周期间隔m-1个发送周期,则发送端在对该首条数据和哈希链的头节点进行签名之前,还生成哈希链;如果最近上次生成哈希链的时间所在的发送周期和当前发送周期间隔少于m-1个发送周期,发送端在对该首条数据和哈希链的头节点进行签名之前,获取最近上一 次生成的哈希链。
发送端生成哈希链的操作可以为:假设N+1为发送周期内允许发送的数据数目,发送端随机生成一个随机值,将该随机值作为哈希链的尾节点,为了便于说明用h 0表示该尾节点;对于该哈希链的其他节点,为了便于说明用h i表示其他节点,i=1、2、……、N,对节点h i-1进行哈希运算得到节点h i,即h i=H(h i-1),H()为预设第一哈希函数,h N为该哈希链的头节点。
可选的,预设第一哈希函数可以为消息摘要算法第五版(message digest algorithm 5,MD5)算法等。
在本步骤中,发送端可以根据该首条数据和哈希链的头节点生成第一摘要消息,使用该私钥信息对第一摘要消息进行加密得到第二验证码。
可选的,发送端可以根据该首条数据和哈希链的头节点,通过MD5算法生成第一摘要消息。
接下来举一个详细的例子,假设N=3,即在当前发送周期内允许发送四条数据,假设当前发送周期存在四条数据,分别为m 0、m 1、m 2和m 3,m 0、m 1、m 2和m 3分别为当前发送周期内待发送的首条数据、第二条数据、第三条数据和第四条数据。发送端生成的哈希链包括头节点h 3,第二个节点h 2,第三个节点h 1和尾节点h 0,其中,尾节点h 0是一个随机值,第三个节点h 1=H(h 0),第二个节点h 2=H(h 1),头节点h 3=H(h 2)。
发送端在获取到当前发送周期内的首条数据m 0时,可以根据首条数据m 0、当前的第二时间戳t 0和头节点h 3,生成第一摘要消息为MD 0,使用该私钥信息对第一摘要消息MD 0进行加密得到第二验证码e 0
其中,需要说明的是:使用私钥信息对第一摘要消息进行加密得到第二验证码所需要的计算资源较高,所以发送端在发送首条数据所需要的计算成本较高。
步骤204:发送端广播第二消息,第二消息包括验证信息、第一验证码、首条数据和哈希链的头节点,该验证信息为该数字证书。
可选的,发送端可以广播第二消息。
可选的,第二消息还可以包括第二时间戳和首条数据在当前发送周期内的发送序号。
可选的,发送端可以保存首条数据的发送序号。
假设该数字证书为cert,则发送端广播的第二消息可以包括数字证书cert、第一验证码e 0、首条数据m 0、哈希链的头节点h 3、第二时间戳t 0、首条数据m 0在当前发送周期内的发送序号0,第二消息可以表示为(cert、e 0、m 0、h 3、t 0、0)。
可选的,发送完首条数据后,发送端可以按如下流程发送当前发送周期内除首条数据以外的待发送的目标数据,该流程可以为。
步骤205:发送端获取当前发送周期内在发送首条数据之后待发送的目标数据。
由于发送端保存有最近上一次发送的当前发送周期内的数据的发送序号,所以发送端在获取到目标数据时,根据保存的最近上一次发送的当前发送周期内的数据的发送序号,可以确定该目标数据是当前发送周期的待发送的哪条数据,以及确定目标数据在当前发送周期内的发送序号。
步骤206:发送端根据目标数据在当前发送周期内的发送序号从哈希链中获取目标数据对应的节点。
当根据目标数据的发送序号确定目标数据是当前发送周期内待发送的第二条数据时,发 送端获取哈希链的头节点作为目标数据对应的节点;当根据目标数据的发送序号确定目标数据是位于该第二条数据之后待发送的数据时,发送端获取哈希链中位于第三节点之后且与第三节点相邻的第四节点作为目标数据对应的节点,第三节点是最近上一次发送的哈希链中的节点。
例如,假设目标数据为当前发送期内待发送的第二条数据m 1,发送端获取哈希链中的头节点h 3作为第二条数据m 1对应的节点。
步骤207:发送端对目标数据和目标数据对应的节点进行哈希运算得到第一验证码。
可选的,发送端通过预设第二哈希函数对目标数据和目标数据对应的节点进行哈希运算。
可选的,发送端还可以获取当前的第一时间戳,第一时间戳为发送目标数据的时间戳。发送端可以对目标数据、目标数据对应的节点和第一时间戳进行哈希运算得到第一验证码。
例如,假设,目标数据为当前发送期内待发送的第二条数据m 1,发送端获取当前的第一时间戳t 1作为发送第二条数据m 1的时间戳。所以发送端对第二条数据m 1、第一时间戳t 1和第二条数据m 1对应的节点h 3进行哈希运算得到的第一验证码e 1=MAC(m 1,t 1,h 3)。MAC()为预设第二哈希函数,预设第二哈希函数可以为MD5算法等。
步骤208:发送端发送第一消息,第一消息包括目标数据、目标数据对应的节点、第一验证码和目标数据的发送序号。
可选的,发送端可以广播第一消息。
可选的,第一消息还可以包括第一时间戳和/或发送端的身份标识信息。
例如,发送端的身份标识信息可以用ID表示,发送端广播的第一消息可以包括第二条数据m 1、第二条数据m 1对应的节点h 3、第一验证码e 1、第二条数据m 1的发送序号1、第一时间戳为t 1和发送端的身份标识信息ID,第一消息可以表示为(m 1、h 3、e 1、1、t 1、ID)。
接下来发送端开始发送第三条数据m 2,发送端获取当前的第一时间戳为t 2,最近上一次发送的哈希链中的节点为头节点h 3,获取与头节点h 3相邻且位于头节点h 3之后的第二个节点h 2,将第二个节点h 2作为第三条数据m 2对应的节点,所以发送端对第一时间戳t 2、第三条数据m 2和第三条数据m 2对应的节点h 2进行哈希运算得到的第一验证码e 2=MAC(m 2,t 2,h 2),广播第一消息,第一消息可以表示为(m 2、h 2、e 2、2、t 2、ID),其中2为第三条数据m 2的发送序号。
再接下来发送端开始发送第四条数据m 3,发送端获取当前的第一时间戳为t 3,最近上一次发送的哈希链中的节点为第二个节点h 2,获取与第二个节点h 2相邻且位于第二个节点h 2之后的第三个节点h 1,将第三个节点h 1作为第四条数据m 3对应的节点,所以发送端对第一时间戳t 3、第四条数据m 3和第四条数据m 3对应的节点h 1进行哈希运算得到的第一验证码e 3=MAC(m 3,t 3,h 1),广播第一消息,第一消息可以表示为(m 3、h 1、e 3、3、t 3、ID),其中3为第四条数据m 3的发送序号。
其中,哈希运算的操作所需要计算资源少于使用私钥加密的操作所需要的计算资源,所以发送端对目标数据和目标数据对应的节点进行哈希运算得到第一验证码所需要的计算资源较少,这样发送端在发送除首条数据以外的目标数据所需要的计算成本较低,但数据的安全性不如使用私钥加密的方式,为了保证目标数据的安全性,发送端还发送目标数据对应的节点,以使接收端对该节点进行验证,增加目标数据传输的安全性。
在本申请实施例中,发送端可以直接向接收端广播第一消息或第二消息,这样第一消息和第二消息可以不经过服务器转发,减小了第一消息和第二消息传输的延时,提高消息发送 的效率。另外,发送端所使用到的数字证书颁发者的私钥信息可以事先从服务器中获取并保存在本地,因此发送端即使在离线场景或网络环境较差的情况下也可以完成消息的广播。由于发送端发送的第一消息中包括目标数据对应哈希链中的节点,哈希链中的节点为单向映射关系,即哈希链中的节点h i=H(h i-1),只能由节点h i-1推算出节点h i,不能由节点h i推算出节点h i-1。目标数据对应的节点是根据目标数据的发送序号确定的,这样发送端在当前发送周期内连续发送多条第一消息时,可以使接收端根据每条第一消息中节点验证每条第一消息的连续性,提高消息传输的安全性。
参见图3,本申请实施例提供了一种验证消息的方法,该方法可以应用于图1-1所示的通信系统,其执行主体可以为接收端,用于接收图2-1所示的实施例发送的消息,该方法包括:
步骤301:接收端接收消息,确定该消息为第二消息,第二消息包括首条数据、该首条数据对应的哈希链中的头节点、第二验证码和验证信息,该验证信息为数字证书,该数字证书包括公钥信息。
可选的,第二消息还可以包括发送首条数据的第二时间戳和首条数据在目标发送周期中的发送序号。
可选的,发送端广播的消息可能是包括首条数据的第二消息,也可能是包括除首条数据以外的其他目标数据的第一消息。接收端在接收到该消息,根据该消息中的发送序号确定接收的消息是第二消息或为第一消息。
例如,接收端接收消息,假设该消息为(cert、e 0、m 0、h 3、t 0、0),根据该消息中的发送序号0,确定该消息为第二消息。其中,在第二消息中cert为数字证书,e 0为第二验证码,m 0为首条数据,h 3为哈希链的头节点,t 0为第二时间戳,首条数据的发送序号为0。
步骤302:接收端使用数字证书颁发者的公钥信息验证该数字证书,在验证数字证书通过时,执行步骤303。
可选的,接收端验证数字证书的过程可以为:接收端从该数字证书中获取数字签名,使用数字证书颁发者的公钥信息对该数字签名进行解密得到第三哈希值;对该数字证书中除该数字签名以外的其他部分进行哈希运算得到第四哈希值,如果第三哈希值等于第四哈希值,则对该数字证书验证通过,如果第三哈希值不等于第四哈希值,则对该数字证书验证不通过。
可选的,接收端可以事先从服务器中获取证书颁发者的公钥信息,然后在本地保存证书颁发者的公钥信息,所以接收端可以直接使用本地保存的证书颁发者的公钥信息对数字签名进行解密。或者,接收端可以从服务器中获取证书颁发者的公钥信息,使用证书颁发者的公钥信息对该数字签名进行解密。
可选的,接收端中包括消息缓存区,接收端在接收到消息时,可以不立即执行步骤302的操作,而是将该消息缓存在消息缓存区中;在接收消息的时间长度达到第二阈值时,对接收到的Z个消息中的数字证书进行验证,该Z个消息是该消息缓存区中缓存的包括数字证书的消息,在对该Z个消息中的数字证书进行验证通过时,执行对该Z个消息中的每个消息执行后续步骤303的操作,在对该Z个消息中的数字证书进行验证不通过时,执行对该Z个消息中的每个消息分别执行上述步骤302的操作,Z为大于0的整数,这样实现对该Z个消息中的数字证书进行批量验证,提高了验证效率。
可选的,第二阈值可以等于目标发送周期的周期长度。
可选的,接收端对接收到的Z个消息中的数字证书进行验证的操作,可以为:
对该Z个消息中的数字证书进行哈希运算,得到该Z个消息中的数字证书的哈希值,计算该Z个消息中的数字证书的哈希值的乘积得到第一数值;计算该Z个消息中的数字证书中的数字签名的乘积得到第二数值;在第二数值的e次方等于第一数值时,对Z个消息中的数字证书进行验证通过,e为预设常数。
其中,对于每个消息中的数字证书,该消息中的数字证书和该数字证书中的数字签名满足第一关系式:h(cert)=σ e,h()为预设的哈希函数,cert为该数字证书,σ为该数字证书中的数字签名。
在本步骤中,接收端获取的Z个消息中的数字证书,分别为cert 1、cert 2、……、cert Z,从数字证书cert 1、cert 2、……、cert Z中获取Z个数字签名,分别为σ 1、σ 2、……、σ Z,如果该Z个数字证书和该Z个数字签名满足如下第二关系式,则对该Z个消息中的数字证书验证通过,如果该Z个数字证书和该Z个数字签名不满足如下第二关系式,则对该Z个消息中的数字证书验证不通过。
第二关系式为:h(cert 1)*h(cert 2)…h(cert Z)=(σ 12…σ Z) e,*为乘法运算。
可选的,对于该消息缓存区中不包括数字证书的每条消息,分别执行如下步骤303和304的操作。
可选的,接收端在执行本步骤之前,还可以获取接收第二消息的第四时间戳,获取第二时间戳与第四时间戳之间的第二差值,在第二差值不超过第一阈值时,执行本步骤的操作。
可选的,接收端可以将当前的时间戳作为接收第二消息的第四时间戳。
发送端发送完第二消息后,接收端很快就可以接收到第二消息,发送第二消息的第二时间戳和接收第二消息的第四时间戳之间的差值较小,通常小于第一阈值。
如果发送端发送第二消息后,第二消息被除接收端以外的其他设备截获,该其他设备可能重复地向接收端发送第二消息,这样接收端重复地处理第二消息,以实现攻击接收端。因此为了避免其他设备不断地攻击接收端,接收端判断第二时间戳与第四时间戳之间的差值是否超过第一阈值,在超过第一阈值时,丢弃第二消息,避免重复处理第二消息,以避免被其他设备不断地攻击;在未超过第一阈值时,执行本步骤的操作。第一阈值可以为1秒或2秒等数值。
步骤303:接收端根据该数字证书中的公钥信息对第二验证码进行解密得到第一摘要信息,根据首条数据和首条数据对应的头节点生成第二摘要信息。
可选的,接收端可以对首条数据和首条数据对应的头节点进行哈希运算得到第二摘要信息。
可选的,接收端可以通过MD5算法对首条数据和首条数据对应的头节点进行哈希运算得到第二摘要信息。
可选的,在第二消息中包括第二时间戳时,接收端可以对第二时间戳、首条数据和首条数据对应的头节点进行哈希运算得到第二摘要信息。
例如,接收端接收的第二消息为(cert、e 0、m 0、h 3、t 0、0),假设对数字证书cert验证通过,接收端使用数字证书cert中的公钥信息对应第二验证码e 0进行解密得到第一摘要消息为MD 0。使用MD5算法对首条数据m 0、第二时间戳t 0、首条数据对应的头节点h 3进行哈希运算得到第二摘要信息MD 1
步骤304:在第一摘要信息和第二摘要信息相等时,对首条数据验证通过。
例如,在MD 0=MD 1时,对首条数据m 0验证通过。
可选的,在对首条数据验证通过后,接收端还可以保存首条数据对应的头节点。
可选的,接收端接收到第二消息后,还继续接收发送端在目标发送周期内发送的各第一消息,详细实现过程为:
步骤305:接收端接收消息,确定该消息为第一消息,第一消息包括目标数据、目标数据对应的哈希链中的节点、目标数据在目标发送周期中的发送序号和第一验证码,目标数据是目标发送周期内在发送首条数据之后发送的数据。
可选的,第一消息还可以包括发送目标数据的第一时间戳和/或发送端的身份标识信息等。
可选的,发送端广播的消息可能是包括首条数据的第二消息,也可能是包括除首条数据以外的其他目标数据的第一消息。接收端在接收到该消息,根据该消息中的发送序号确定接收的消息是第二消息或为第一消息。
例如,接收端接收消息,假设该消息为(m 1、h 3、e 1、1、t 1、ID),根据该消息中的发送序号1,确定该消息为第一消息。其中,在第一消息中m 1为目标发送周期内的第二条数据,t 1为发送第二条数据的第一时间戳,e 1为第一验证码,第二条数据的发送序号为1,h 3为第二条数据对应的节点、ID为发送端的身份标识信息。
再例如,假设接收端接收的消息为(m 2、h 2、e 2、2、t 2、ID),根据该消息中的发送序号2,确定该消息为第一消息。其中,在第一消息中m 2为目标发送周期内的第三条数据,t 2为发送第三条数据的第一时间戳,e 2为第一验证码,第三条数据的发送序号为2,h 2为第三条数据对应的节点。
还例如,假设接收端接收的消息为(m 3、h 1、e 3、3、t 3、ID),根据该消息中的发送序号3,确定该消息为第一消息。在第一消息中m 3为目标发送周期内的第四条数据,t 3为发送第四条数据的第一时间戳,e 3为第一验证码,第四条数据的发送序号为3,h 1为第四条数据对应的节点。
步骤306:接收端根据目标数据的发送序号确定已接收的第一数据对应的节点,第一数据是发送端在发送目标数据之前最近发送的数据。
可选的,当目标数据为目标发送周期内的第二条数据时,第一数据为目标发送周期内的首条数据。当目标数据为目标发送周期内的发送第二条数据之后的数据时,第一数据为目标发送周期内的发送首条数据之后的数据。
例如,假设接收的第一消息为(m 1、h 3、e 1、1、t 1、ID),根据目标数据m 1对应的发送序号1确定第一数据为首条数据m 0,以及确定第一数据对应的节点为头节点h 3
再例如,假设接收的第一消息为(m 2、h 2、e 2、2、t 2、ID),根据目标数据m 2对应的发送序号2确定第一数据为目标发送周期内的第二条数据m 1,以及确定第一数据对应的节点为头节点h 3
还例如,假设接收的第一消息为(m 3、h 1、e 3、3、t 3、ID),根据目标数据m 3对应的发送序号3确定第一数据为目标发送周期内的第三条数据m 2,以及确定第一数据对应的节点为哈希链的第二个节点h 2
步骤307:接收端根据第一数据对应的节点对目标数据对应的节点进行验证。
可选的,在第一数据为首条数据时,当目标数据对应的节点与首条数据对应的节点相等时,对目标数据对应的节点验证通过。
例如,在第一数据为首条数据m 0时,目标数据为m 1,其中目标数据m 1对应的节点h 3与首条数据对应的头节点h 3相等,所以对目标数据m 1对应的节点h 3验证通过。
可选的,在第一数据为目标发送周期内发送首条数据之后发送的数据时,对目标数据对应的节点进行哈希运算得到第二哈希结果,当第二哈希结果与第一数据对应的节点相等时,对目标数据对应的节点验证通过。
例如,在第一数据为目标发送周期内的第二条数据m 1时,目标数据为m 2,对目标数据m 2对应的节点h 2进行哈希运算得到的第二哈希结果H(h 2),且第二哈希结果H(h 2)等于第二条数据m 1对应的节点h 3相等,所以对目标数据m 2对应的节点h 2验证通过。
再例如,在第一数据为目标发送周期内的第三条数据m 2时,目标数据为m 3,对目标数据m 3对应的节点h 1进行哈希运算得到的第二哈希结果H(h 1),且第二哈希结果H(h 1)等于第三条数据m 3对应的节点h 2相等,所以对目标数据m 3对应的节点h 1验证通过。
由于接收端接收的消息中包括目标数据对应哈希链的节点,哈希链中的节点为单向映射关系,即哈希链中的节点h i=H(h i-1),只能由节点h i-1推算出节点h i,不能由节点h i推算出节点h i-1。接收端利用最近上一次接收收的哈希链中的节点验证目标数据对应的节点,这样可以验证出接收端连续接收的消息是否连续,从而提高安全性。
步骤308:在对目标数据对应的节点验证通过时,接收端对目标数据和目标数据对应的节点进行哈希运算得到第一哈希结果。
接收端可以采用预设第二哈希函数对目标数据和目标数据对应的节点进行哈希运算得到第一哈希结果。
可选的,在第一消息中包括第一时间戳时,接收端可以对第一时间戳、目标数据和目标数据对应的节点进行哈希运算得到第一哈希结果。
步骤309:在第一哈希结果等于第一验证码时,对目标数据验证通过。
其中,通过对目标数据对应的节点进行验证可以保证消息传输的安全性,接收端对目标数据对应的节点进行验证的速度较快且所需要的计算资源较少,哈希运算得到第一哈希结果所需要的计算资源少于解密所需要的计算资源,且哈希运算的速度快于解密的速度,所以不仅保证了消息传输的安全性,还提高验证的速度。
例如,假设接收的第一消息为(m 1、h 3、e 1、1、t 1、ID),目标数据为目标发送周期内的第二条数据m 1,接收端对第一时间戳t 1、第二条数据m 1和第二条数据对应的节点h 3进行哈希运算得到第一哈希结果f1=MAC(t 1,m 1,h 3),在第一哈希结果f1与第一验证码e 1相同时,对第二条数据m 1验证通过。
再例如,假设接收的第一消息为(m 2、h 2、e 2、2、t 2、ID),目标数据为目标发送周期内的第三条数据m 2,接收端对第一时间戳t 2、第三条数据m 2和第三条数据对应的节点h 2进行哈希运算得到第一哈希结果f2=MAC(t 2,m 2,h 2),在第一哈希结果f2与第一验证码e 2相同时,对第三条数据m 2验证通过。
还例如,假设接收的第一消息为(m 3、h 1、e 3、3、t 3、ID),目标数据为目标发送周期内的第四条数据m 3,接收端对第一时间戳t 3、第四条数据m 3和第四条数据对应的节点h 1进行哈希运算得到第一哈希结果f3=MAC(t 3,m 3,h 1),在第一哈希结果f3与第一验证码e 3相同时,对第四条数据m 3验证通过。
可选的,接收端对首条数据验证通过后可以处理首条数据,对目标数据验证通过后,可以处理目标数据。
接收端处理首条数据或目标数据的方式可以为播放首条数据或目标数据,或者显示首条数据或目标数据等。
可选的,由于第二消息中的数字证书中也包括发送端的身份标识信息,以及第一消息中包括发送端的身份标识信息,发送端的身份标识信息包括发送端的设备类型、设备生产商标识信息、设备生产日期和生产序号等信息,接收端可以直接从发送端的身份标识信息中提取这些信息,可以显示或播放这些信息,这样接收端不需要从网络中查询这些信息。
在本申请实施例中,接收端可以直接接收发送端广播的消息,这样该消息可以不经过服务器转发,减小了该消息传输的延时,提高消息发送的效率。另外,接收端所使用到的数字证书颁发者的公钥信息可以事先从服务器中获取并保存在本地,因此接收端即使在离线场景或网络环境较差的情况下也可以完成消息的解析。由于发送端发送的消息中包括目标数据对应哈希链中的节点,哈希链中的节点为单向映射关系,即哈希链中的节点h i=H(h i-1),只能由节点h i-1推算出节点h i,不能由节点h i推算出节点h i-1。目标数据对应的节点是根据目标数据的发送序号确定的,这样发送端在当前发送周期内连续发送多条消息时,接收端根据每条消息中节点验证每条消息的连续性,提高了消息传输的安全性。
参见图4,本申请实施例提供了一种发送消息的方法,该方法可以应用于图1-1所示的通信系统,该方法的执行主体为该通信系统的发送端,包括:
步骤401:发送端将其身份标识信息确定为公钥信息,并生成与该公钥信息相匹配的私钥信息。
在本步骤中,发送端可以采用基于身份的签名机制(identity-based signature,IBS)方式获取公钥信息和私钥信息。IBS的方式为:发送端获取其自身的身份标识信息,将该身份标识信息作为公钥信息,基于该身份标识信息生成私钥信息。
可选的,发送端采用IBS方式生成私钥信息的实现方式有多种,在本步骤中列举了如下一种实现方式。通过该实现方式生成的私钥信息包括第一私钥和第二私钥。该实现方式可以为:
发送端可以事先接收服务器广播的乘法群的生成元g、乘法群的素数q和第一随机数x,然后保存在本地。这样在生成私钥信息时,可以生成小于该素数q的第二随机数r;根据该生成元g和第二随机数r获取第一私钥R,其中第一私钥R=g r;根据发送端的身份标识信息ID、第一私钥R、第一随机值x、第二随机值r,生成第二私钥Q,其中,第二私钥Q=r+x*h1(ID,R),其中h1()为预设的第三哈希函数。所以生成的私钥信息可以表示为(第一私钥R,第二私钥Q)。
服务器中事先预设一个乘法群,服务器可以获取该乘法群的生成元g和素数q,素数q为该乘法群中包括的元素数目,生成小于该素数q的第一随机数x;然后服务器广播该生成元g、该素数q和第一随机数x,发送端可以接收并保存该生成元g、该素数q和第一随机数x。这样发送端在生成私钥信息时可以获取本地保存的该生成元g、该素数q和第一随机数x,然后再生成私钥信息。或者,在生成私钥信息时,发送端也可以临时从服务器中获取该生成元g、该素数q和第一随机数x,然后再生成私钥信息。
发送端的身份标识信息可以在发送端出厂时设置在发送端中。所以发送端可以从其本地获取其身份标识信息。
关于发送端的身份标识信息的结构可以参见见图2-1所示实施例的步骤201中的相关内容,在此不再详细说明。
步骤402:发送端获取当前发送周期内待发送的首条数据。
可选的,首条数据可以是用户输入到发送端的数据,所以发送端可以接收用户输入的首条数据。
在发送端中发送周期周期性循环。可选的,发送端可以定义一个周期长度,可以使用计时器来实现该发送周期。例如,发送端可以启动一个计时器,设置该计时器从零开始计时,表示一个发送周期开始;当该计时器计时的时间达到该周期长度时,重新设置该计时器从零开始计时,表示该一个发送周期结束且另一个发送周期开始,如此循环往复,实现发送周期周期性循环。
对于每个发送周期,发送端可以记录在该发送周期内已发送的数据的发送序号。所以在当前发送周期内,当发送端接收到用户输入的数据时,发送端检测到本地有没有保存在当前发送周期内已发送的数据的发送序号,如果检测结果是没有保存,则确定该数据是当前发送周期的首条数据,如果检测结果是有保存,则确定该数据不是当前发送周期内的首条数据。
步骤403发送端通过该私钥信息对该首条数据和哈希链的头节点进行签名得到第二验证码。
可选的,发送端还可以获取当前的第二时间戳,第二时间戳实质是发送端发送首条数据的时间戳,可以通过该私钥信息对第二时间戳、该首条数据和哈希链的头节点进行签名得到第二验证码。
可选的,哈希链包括的节点数目等于一个发送周期内允许发送的数据数目。哈希链中任意相邻的两个节点,为了便于说明称该任意相邻的两个节点分别为第一节点和第二节点,第一节点靠近哈希链的头节点,第一节点是基于第二节点推算出来的。
可选的,一个发送周期可以对应一个哈希链,或者,m个发送周期可以对应一个哈希链,m为大于1的整数。
当一个发送周期对应一个哈希链时,发送端在对首条数据和哈希链的头节点进行签名之前,还生成哈希链。
当m个发送周期对应一个哈希链时,如果最近上次生成哈希链的时间所在的发送周期和当前发送周期间隔m-1个发送周期,则发送端在对首条数据和哈希链的头节点进行签名之前,还生成哈希链;如果最近上次生成哈希链的时间所在的发送周期和当前发送周期间隔少于m-1个发送周期,发送端在对首条数据和哈希链的头节点进行签名之前,获取最近上一次生成的哈希链。
在本步骤中,发送端可以根据该首条数据和哈希链的头节点生成第一摘要消息,使用该私钥信息对第一摘要消息进行加密得到第二验证码,第二验证码包括第一签名、第二签名和第一私钥。
可选的,在对第一摘要消息进行加密时,发送端生成小于该元素数目q的第三随机数t,根据该生成元g和第三随机数t获取第一签名T,其中第一签名T=g t;根据第一摘要信息MD、第一私钥R、第二私钥Q、第三随机值t和第一签名T,生成第二签名S,其中,第二签名S=t+Q*h2(MD,T,R),其中h2()为预设的第四哈希函数。所以生成的第二验证码可以表示为(第一签名T,第二签名S,第一私钥R)。
步骤404:发送端发送第二消息,第二消息包括该公钥信息、第二验证码、该首条数据和哈希链的头节点。
可选的,发送端可以广播第二消息。
可选的,第二消息还可以包括第二时间戳和首条数据在当前发送周期内的发送序号。
可选的,发送端在发送当前发送周期内除首条数据以外的其他待发送的目标数据时,发送端发送过程如下:
步骤405-步骤408:分别步骤205至208相同,在此不再详细说明。
在本申请实施例中,发送端可以直接向接收端广播第一消息或第二消息,这样第一消息和第二消息可以不经过服务器转发,减小了第一消息和第二消息传输的延时,提高消息发送的效率。另外,由于发送端发送的第一消息中包括目标数据对应哈希链中的节点,哈希链中的节点为单向映射关系,目标数据对应的节点是根据目标数据的发送序号确定的,这样发送端在当前发送周期内连续发送多条第一消息时,可以使接收端根据每条第一消息中节点验证每条第一消息的连续性,对于不连续的第一消息可能是其他设备伪造发送端的消息,使接收端及时验证出伪造的第一消息,提高了消息传输的安全性。
参见图5,本申请实施例提供了一种验证消息的方法,该方法可以应用于图1-1所示的通信系统,其执行主体可以为接收端,用于接收图4所示的实施例发送的消息,该方法包括:
步骤501:接收端接收消息,确定该消息为第二消息,第二消息包括首条数据、该首条数据对应的哈希链中的头节点、第二验证码和公钥信息。
该公钥信息可以为发送端的身份标识信息。
可选的,第二消息还可以包括发送首条数据的第二时间戳和首条数据在目标发送周期中的发送序号。
可选的,发送端发送的消息可能是包括首条数据的第二消息,也可能是包括除首条数据以外的其他目标数据的第一消息。接收端在接收到该消息,根据该消息中的发送序号确定接收的消息是第二消息或为第一消息。
可选的,接收端中包括消息缓存区,接收端在接收到消息时,该消息无论是第一消息,还是第二消息,可以先将该消息缓存在消息缓存区中;在接收消息的时间长度达到第一阈值时,同时对接收到的Z个第二消息进行验证,该Z个消息是消息缓存区中缓存的第二消息,在同时对该Z个第二消息验证通过时,可以直接处理该Z个第二消息中的首条数据,在没有同时对该Z个第二消息验证通过时,对该Z个第二消息中的每个第二消息执行后续步骤502的操作,Z为大于0的整数,这样实现对该Z个第二消息中的第二验证码进行批量验证,提高了验证效率。
可选的,接收端同时对接收到的Z个第二消息进行验证的操作,可以包括如下521至523的操作,分别为:
521:接收端根据预设乘法群的生成元和该Z个第二消息中的第二验证码获取该Z个第二消息的第三数值。
该乘法群的生成元可以预设在服务器或预设在接收端中。接收端可以事先接收服务器广播的乘法群的生成元g和第一随机数x,还可以根据该生成元g和第一随机数x生成主公钥值y,主公钥值y=g x
这样在执行本步骤的操作时,对于该Z个第二消息中的每个第二消息,该第二消息的第二验证码可以表示为(第一签名T、第二签名S和第一私钥R),根据该第二签名S和该生成元g获取该第二消息对应的第三数值A,第三数值为A=g S;按上述方式获取每个第二消息对应的第三数值,分别为w 1、w 2、……、w Z
522:接收端根据每个第二消息和每个第二消息中的第二验证码获取每个第二消息的第四 数值。
对于每个第二消息,对该第二消息包括的发送端的身份标识信息ID和该第一私钥R进行哈希运算得到该第二消息的第一哈希值w,w=H1(ID,R);对该第二消息、该第二消息包括的发送端的身份标识信息ID、该第一签名T和第一私钥R进行哈希运算得到该第二消息的第二哈希值v,v=H2(Message,T,R,ID),H1()和H2()为两个哈希函数,Message为该第二消息;根据该第一签名T、第一私钥R、主公钥值y、第一哈希值w和第二哈希值v获取该第二消息对应的第四数值B,第四数值B=T*R w*y w*v。按上述方式获取每个第二消息对应的第四数值,分别为v 1、v 2、……、v Z
523:在该Z个第二消息对应的第三数值的乘积等于该Z个第二消息对应的第四数值的乘积时,对接收到的Z个第二消息验证通过,即w 1*w 2*……*w Z=v 1*v 2*……*v Z时,对接收到的Z个第二消息同时验证通过。
步骤502:接收端根据该公钥信息对第二验证码进行解密得到第一摘要信息,根据该首条数据和该首条数据对应的头节点生成第二摘要信息。
可选的,接收端在执行本步骤之前,还可以获取接收第二消息的第四时间戳,获取第二消息中的第二时间戳与第四时间戳之间的第二差值,在第二差值不超过第一阈值时,执行本步骤的操作。
可选的,接收端可以将当前的时间戳作为接收第二消息的第四时间戳。
发送端发送完第二消息后,接收端很快就可以接收到第二消息,发送第二消息的第二时间戳和接收第二消息的第四时间戳之间差值较小,通常小于第一阈值。
如果发送端发送第二消息后,第二消息被除接收端以外的其他设备截获,该其他设备可能重复地向接收端发送第二消息,这样接收端重复地处理第二消息,以实现攻击接收端。因此为了避免其他设备不断攻击接收端,接收端判断第二时间戳与第四时间戳之间的第二差值是否超过第一阈值,在超过第一阈值时,丢弃第二消息,避免重复处理第二消息,以避免被其他设备不断攻击;在未超过第一阈值时,执行本步骤的操作。
步骤503:在第一摘要信息和第二摘要信息相等时,对第二消息中的首条数据验证通过。
可选的,接收端接收到第二消息后,还继续接收发送端在目标发送周期内发送的各第一消息,详细实现过程为:
步骤504-步骤508:分别与步骤305-步骤309相同,在此不再详细说明。
在本申请实施例中,接收端可以直接接收发送端广播的消息,这样该消息可以不经过服务器转发,减小了该消息传输的延时,提高消息发送的效率。另外,由于发送端发送的消息中包括目标数据对应哈希链中的节点,哈希链中的节点为单向映射关系,目标数据对应的节点是根据目标数据的发送序号确定的,这样发送端在当前发送周期内连续发送多条消息时,接收端根据每条消息中节点验证每条消息的连续性,提高了消息传输的安全性。
参见图6,本申请实施例提供了一种发送消息的装置600,所述装置600可以是上述任一实施例的发送端或发送端中的部分,包括:
处理单元601,用于获取待发送的目标数据,目标数据是当前发送周期内在发送首条数据之后待发送的数据;根据目标数据在当前发送周期内的发送序号从哈希链中获取目标数据对应的节点,哈希链包括的节点数目等于当前发送周期内允许发送的数据数目;对目标数据和目标数据对应的节点进行哈希运算得到第一验证码,第一验证码用于接收端验证目标数据;
发送单元602,用于发送第一消息,第一消息包括目标数据、目标数据对应的节点、第一验证码和目标数据的发送序号。
可选的,处理单元601,还用于:
随机生成哈希链的尾节点;
对哈希链中的节点h i-1进行哈希运算得到哈希链中的节点h i,i=1、2、……、N,N+1为当前发送周期内允许发送的数据数目,节点h 0为该尾节点,节点h N为哈希链的头节点。
可选的,处理单元601,用于:
在根据目标数据的发送序号确定目标数据是当前发送周期内待发送的第二条数据时,获取哈希链的头节点作为目标数据对应的节点;
在根据目标数据的发送序号确定目标数据是位于第二条数据之后待发送的数据时,获取哈希链中位于第三节点之后且与第三节点相邻的第四节点作为目标数据对应的节点,第三节点是最近上一次发送的哈希链中的节点。
可选的,第一消息还包括发送目标数据的第一时间戳。
可选的,处理单元601,还用于通过私钥信息对首条数据和哈希链的头节点进行签名得到第二验证码,第二验证码用于接收端对首条数据进行验证;
发送单元602,还用于发送第二消息,第二消息包括验证信息、首条数据、第二验证码和首条数据对应的节点,验证信息包括与该私钥信息相匹配的公钥信息。
可选的,处理单元601,用于:
根据首条数据和该哈希链的头节点生成第一摘要信息;
使用私钥信息对第一摘要信息进行签名得到第二验证码。
可选的,第二消息还包括发送目标数据的第二时间戳。
可选的,该验证信息为数字证书,该数字证书包括公钥信息;或者,该验证信息为公钥信息,该公钥信息为发送端的身份标识信息。
在本申请实施例中,发送单元可以直接向接收端发送第一消息或第二消息,这样第一消息和第二消息可以不经过服务器转发,减小了第一消息和第二消息传输的延时,提高消息发送的效率。另外,由于发送的消息中包括目标数据对应哈希链中的节点,哈希链中的节点为单向映射关系,目标数据对应的节点是根据目标数据的发送序号确定的,这样发送单元在当前发送周期内连续发送多条消息时,可以使接收端根据每条消息中节点验证每条消息的连续性,对于不连续的消息可能是其他设备伪造发送端的消息,使接收端及时验证出伪造的消息,提高了消息传输的安全性。
参见图7,本申请实施例提供了一种验证消息的装置700,所述装置700可以是上述任一实施例的接收端或接收端中的部分,包括:
接收单元701,用于接收第一消息,第一消息包括目标数据、目标数据对应的哈希链中的一个节点、第一验证码和目标数据在目标发送周期中的发送序号,目标数据是目标发送周期内在发送首条数据之后发送的数据,哈希链包括的节点数目等于目标发送周期内允许发送的数据数目;
处理单元702,用于根据目标数据对应的节点、目标数据对应的发送序号和第一验证码对目标数据进行验证。
可选的,处理单元702,用于:
根据目标数据的发送序号确定已接收的第一数据对应的节点,第一数据是发送端在发送目标数据之前最近发送的数据;
根据第一数据对应的节点对目标数据对应的节点进行验证;
在验证目标数据对应的节点通过时,对目标数据和目标数据对应的节点进行哈希运算得到第一哈希结果;
在第一哈希结果与第一验证码匹配时,对目标数据验证通过。
可选的,第一数据为首条数据,首条数据对应的节点为哈希链的头节点,处理单元702,用于当目标数据对应的节点与首条数据对应的头节点相等时,对目标数据对应的节点验证通过。
可选的,第一数据为该目标发送周期内在发送首条数据之后发送的数据,处理单元702,用于:
对目标数据对应的节点进行哈希运算得到第二哈希结果;
在第二哈希结果与第一数据对应的节点相等时,对目标数据对应的节点验证通过。
可选的,第一消息还包括发送目标数据的第一时间戳;
处理单元702,用于:
获取第一时间戳和接收目标数据的第三时间戳之间的第一差值;
在第一差值不超过第一阈值时,根据目标数据对应的节点、目标数据对应的发送序号和第一验证码对目标数据进行验证。
可选的,接收单元701,还用于接收第二消息,第二消息包括首条数据、首条数据对应的哈希链的头节点、第二验证码和验证信息,验证信息包括公钥信息;
处理单元702,还用于根据第二验证码和该公钥信息对首条数据进行验证。
可选的,处理单元702,用于:
使用该公钥信息对第二验证码进行解密得到第一摘要信息;
根据首条数据和首条数据对应的头节点生成第二摘要信息;
在第一摘要信息与第二摘要信息匹配时,对首条数据验证通过。
可选的,验证信息为数字证书,数字证书包括该公钥信息,
处理单元702,用于:
使用数字证书的颁发者公钥信息验证该数字证书;
在验证数字证书通过后,使用该公钥信息对该第二验证码进行解密得到第一摘要信息。
可选的,处理单元702,用于:
将第二消息缓存在消息缓存区中;
在接收消息的时间长度达到第二阈值时,对接收到的Z个消息中的数字证书进行验证,该Z个消息是消息缓存区中缓存的包括数字证书的消息,Z为大于0的整数;
在对Z个消息中的数字证书进行验证未通过时,使用数字证书的颁发者公钥信息验证该数字证书。
可选的,处理单元702,用于:
对Z个消息中的数字证书进行哈希运算,得到Z个消息中的数字证书的哈希值;
计算Z个消息中的数字证书的哈希值的乘积得到第一数值;
计算Z个消息中的数字证书中的数字签名的乘积得到第二数值;
在第二数值的e次方等于第一数值时,对Z个消息中的数字证书进行验证通过。
可选的,第二消息还包括发送首条数据的第二时间戳;
处理单元702,用于:
获取第二时间戳和接收首条数据的第四时间戳之间的第二差值;
在第二差值不超过第一阈值时,根据第二验证码和该公钥信息对首条数据进行验证。
可选的,处理单元702,用于:
将第二消息缓存在消息缓存区中;
在接收消息的时间长度达到第二阈值时,同时对接收到的Z个第二消息进行验证,Z个第二消息是消息缓存区中缓存的第二消息;
在同时对Z个第二消息验证不通过时,根据第二验证码和该公钥信息对首条数据进行验证。
在本申请实施例中,接收单元可以直接接收发送端发送的消息,这样该消息可以不经过服务器转发,减小了该消息传输的延时,提高消息发送的效率。另外,由于发送端发送的消息中包括目标数据对应哈希链中的节点,哈希链中的节点为单向映射关系,目标数据对应的节点是根据目标数据的发送序号确定的,这样发送端在当前发送周期内连续发送多条消息时,处理单元根据每条消息中节点验证每条消息的连续性,提高了消息传输的安全性。
参见图8,图8所示为本申请实施例提供的一种发送消息的装置800示意图。该装置800包括至少一个处理器801,总线系统802,存储器803以及至少一个收发器804。
该装置800是一种硬件结构的装置,可以用于实现图6所述的装置600中的功能模块。例如,本领域技术人员可以想到图6所示的装置600中的处理单元601可以通过该至少一个处理器801调用存储器803中的代码来实现,图6所示的装置600中的发送单元602可以通过该收发器804来实现。
可选的,该装置800还可用于实现上述任一实施例中发送端的功能。
可选的,上述处理器801可以是一个通用中央处理器(central processing unit,CPU),微处理器,特定应用集成电路(application-specific integrated circuit,ASIC),或一个或多个用于控制本申请方案程序执行的集成电路。
上述总线系统802可包括一通路,在上述组件之间传送信息。
上述收发器804,用于与其他设备或通信网络通信。
上述存储器803可以是只读存储器(read-only memory,ROM)或可存储静态信息和指令的其他类型的静态存储设备,随机存取存储器(random access memory,RAM)或者可存储信息和指令的其他类型的动态存储设备,也可以是电可擦可编程只读存储器(electrically erasable programmable read-only memory,EEPROM)、只读光盘(compact disc read-only memory,CD-ROM)或其他光盘存储、光碟存储(包括压缩光碟、激光碟、光碟、数字通用光碟、蓝光光碟等)、磁盘存储介质或者其他磁存储设备、或者能够用于携带或存储具有指令或数据结构形式的期望的程序代码并能够由计算机存取的任何其他介质,但不限于此。存储器可以是独立存在,通过总线与处理器相连接。存储器也可以和处理器集成在一起。
其中,存储器803用于存储执行本申请方案的应用程序代码,并由处理器801来控制执行。处理器801用于执行存储器803中存储的应用程序代码,从而实现本专利方法中的功能。
在具体实现中,作为一种实施例,处理器801可以包括一个或多个CPU,例如图8中的CPU0和CPU1。
在具体实现中,作为一种实施例,该装置800可以包括多个处理器,例如图8中的处理器801和处理器807。这些处理器中的每一个可以是一个单核(single-CPU)处理器,也可以是一个多核(multi-CPU)处理器。这里的处理器可以指一个或多个设备、电路、和/或用于处理数据(例如计算机程序指令)的处理核。
在具体实现中,作为一种实施例,该装置800还可以包括输出设备805和输入设备806。输出设备805和处理器801通信,可以以多种方式来显示信息。例如,输出设备805可以是液晶显示器(liquid crystal display,LCD)等。输入设备806和处理器801通信,可以以多种方式接受用户的输入。例如,输入设备806可以是触摸屏设备或传感设备等。
参见图9,图9所示为本申请实施例提供的一种验证消息的装置900示意图。该装置900包括至少一个处理器901,总线系统902,存储器903以及至少一个收发器904。
该装置900是一种硬件结构的装置,可以用于实现图7所述的装置700中的功能模块。例如,本领域技术人员可以想到图7所示的装置700中的处理单元702可以通过该至少一个处理器901调用存储器903中的代码来实现,图7所示的装置700中的接收单元701可以通过该收发器904来实现。
可选的,该装置900还可用于实现上述任一实施例中发送端的功能。
可选的,上述处理器901可以是一个通用中央处理器(central processing unit,CPU),微处理器,特定应用集成电路(application-specific integrated circuit,ASIC),或一个或多个用于控制本申请方案程序执行的集成电路。
上述总线系统902可包括一通路,在上述组件之间传送信息。
上述收发器904,用于与其他设备或通信网络通信。
上述存储器903可以是只读存储器(read-only memory,ROM)或可存储静态信息和指令的其他类型的静态存储设备,随机存取存储器(random access memory,RAM)或者可存储信息和指令的其他类型的动态存储设备,也可以是电可擦可编程只读存储器(electrically erasable programmable read-only memory,EEPROM)、只读光盘(compact disc read-only memory,CD-ROM)或其他光盘存储、光碟存储(包括压缩光碟、激光碟、光碟、数字通用光碟、蓝光光碟等)、磁盘存储介质或者其他磁存储设备、或者能够用于携带或存储具有指令或数据结构形式的期望的程序代码并能够由计算机存取的任何其他介质,但不限于此。存储器可以是独立存在,通过总线与处理器相连接。存储器也可以和处理器集成在一起。
其中,存储器903用于存储执行本申请方案的应用程序代码,并由处理器801来控制执行。处理器901用于执行存储器903中存储的应用程序代码,从而实现本专利方法中的功能。
在具体实现中,作为一种实施例,处理器901可以包括一个或多个CPU,例如图9中的CPU0和CPU1。
在具体实现中,作为一种实施例,该装置900可以包括多个处理器,例如图9中的处理器801和处理器907。这些处理器中的每一个可以是一个单核(single-CPU)处理器,也可以是一个多核(multi-CPU)处理器。这里的处理器可以指一个或多个设备、电路、和/或用于处理数据(例如计算机程序指令)的处理核。
在具体实现中,作为一种实施例,该装置900还可以包括输出设备905和输入设备906。输出设备905和处理器901通信,可以以多种方式来显示信息。例如,输出设备905可以是液晶显示器(liquid crystal display,LCD)等。输入设备906和处理器901通信,可以以多种 方式接受用户的输入。例如,输入设备806可以是触摸屏设备或传感设备等。
参见图10,本申请实施例提供了一种通信系统1000,所述通信系统1000包括:图6所述的装置和图7所述的装置,或者,图8所述的装置和图9所述的装置。在实现时,图6所述的装置或图8所述的装置可以为发送端,以及,图7所述的装置或图9所述的装置可以为接收端。
上述本申请实施例序号仅仅为了描述,不代表实施例的优劣。
本领域普通技术人员可以理解实现上述实施例的全部或部分步骤可以通过硬件来完成,也可以通过程序来指令相关的硬件完成,所述的程序可以存储于一种计算机可读存储介质中,上述提到的存储介质可以是只读存储器,磁盘或光盘等。
以上所述仅为本申请的可选实施例,并不用以限制本申请,凡在本申请的精神和原则之内,所作的任何修改、等同替换、改进等,均应包含在本申请的保护范围之内。

Claims (41)

  1. 一种发送消息的方法,其特征在于,所述方法包括:
    发送端获取待发送的目标数据,所述目标数据是当前发送周期内在发送首条数据之后待发送的数据;
    所述发送端根据所述目标数据在当前发送周期内的发送序号从哈希链中获取所述目标数据对应的节点,所述哈希链包括的节点数目等于当前发送周期内允许发送的数据数目;
    所述发送端对所述目标数据和所述目标数据对应的节点进行哈希运算得到第一验证码,所述第一验证码用于接收端验证所述目标数据;
    所述发送端发送第一消息,所述第一消息包括所述目标数据、所述目标数据对应的节点、所述第一验证码和所述目标数据的发送序号。
  2. 如权利要求1所述的方法,其特征在于,所述根据所述目标数据在当前发送周期内的发送序号从哈希链中获取所述目标数据对应的节点之前,还包括:
    随机生成所述哈希链的尾节点;
    对所述哈希链中的节点h i-1进行哈希运算得到所述哈希链中的节点h i,i=1、2、……、N,N+1为当前发送周期内允许发送的数据数目,节点h 0为所述尾节点,节点h N为所述哈希链的头节点。
  3. 如权利要求1或2所述的方法,其特征在于,所述根据所述目标数据在当前发送周期内的发送序号从哈希链中获取所述目标数据对应的节点,包括:
    在根据所述目标数据的发送序号确定所述目标数据是当前发送周期内待发送的第二条数据时,获取所述哈希链的头节点作为所述目标数据对应的节点;
    在根据所述目标数据的发送序号确定所述目标数据是位于所述第二条数据之后待发送的数据时,获取所述哈希链中位于第三节点之后且与所述第三节点相邻的第四节点作为所述目标数据对应的节点,所述第三节点是最近上一次发送的所述哈希链中的节点。
  4. 如权利要求1至3任一项所述的方法,其特征在于,所述第一消息还包括发送所述目标数据的第一时间戳。
  5. 如权利要求1至4任一项所述的方法,其特征在于,所述获取待发送的目标数据之前,还包括:
    通过私钥信息对所述首条数据和所述哈希链的头节点进行签名得到第二验证码,所述第二验证码用于所述接收端对所述首条数据进行验证;
    发送第二消息,所述第二消息包括验证信息、所述首条数据、所述第二验证码和所述首条数据对应的节点,所述验证信息包括与所述私钥信息相匹配的公钥信息。
  6. 如权利要求5所述的方法,其特征在于,所述通过私钥信息对所述首条数据和所述哈希链的头节点进行签名得到第二验证码,包括:
    根据所述首条数据和所述哈希链的头节点生成第一摘要信息;
    使用私钥信息对所述第一摘要信息进行签名得到第二验证码。
  7. 如权利要求5或6所述的方法,其特征在于,所述第二消息还包括发送所述目标数据的第二时间戳。
  8. 如权利要求5至7任一项所述的方法,其特征在于,所述验证信息为数字证书,所述数字证书包括所述公钥信息;或者,所述验证信息为所述公钥信息,所述公钥信息为所述发送端的身份标识信息。
  9. 一种验证消息的方法,其特征在于,所述方法包括:
    接收端接收第一消息,所述第一消息包括目标数据、所述目标数据对应的哈希链中的一个节点、第一验证码和所述目标数据在目标发送周期中的发送序号,所述目标数据是所述目标发送周期内在发送首条数据之后发送的数据,所述哈希链包括的节点数目等于所述目标发送周期内允许发送的数据数目;
    所述接收端根据所述目标数据对应的节点、所述目标数据对应的发送序号和所述第一验证码对所述目标数据进行验证。
  10. 如权利要求9所述的方法,其特征在于,所述根据所述目标数据对应的节点、所述目标数据对应的发送序号和所述第一验证码对所述目标数据进行验证,包括:
    根据所述目标数据的发送序号确定已接收的第一数据对应的节点,所述第一数据是发送端在发送所述目标数据之前最近发送的数据;
    根据所述第一数据对应的节点对所述目标数据对应的节点进行验证;
    在验证所述目标数据对应的节点通过时,对所述目标数据和所述目标数据对应的节点进行哈希运算得到第一哈希结果;
    在所述第一哈希结果与所述第一验证码匹配时,对所述目标数据验证通过。
  11. 如权利要求10所述的方法,其特征在于,所述第一数据为所述首条数据,所述首条数据对应的节点为所述哈希链的头节点,所述根据所述第一数据对应的节点对所述目标数据对应的节点进行验证,包括:
    当所述目标数据对应的节点与所述首条数据对应的头节点相等时,对所述目标数据对应的节点验证通过。
  12. 如权利要求10所述的方法,其特征在于,所述第一数据为所述目标发送周期内在发送所述首条数据之后发送的数据,所述根据所述第一数据对应的节点对所述目标数据对应的节点进行验证,包括:
    对所述目标数据对应的节点进行哈希运算得到第二哈希结果;
    在所述第二哈希结果与所述第一数据对应的节点相等时,对所述目标数据对应的节点验证通过。
  13. 如权利要求9至12任一项所述的方法,其特征在于,所述第一消息还包括发送所述目标数据的第一时间戳;
    所述根据所述目标数据对应的节点、所述目标数据对应的发送序号和所述第一验证码对所述目标数据进行验证,包括:
    获取所述第一时间戳和接收所述目标数据的第三时间戳之间的第一差值;
    在所述第一差值不超过第一阈值时,根据所述目标数据对应的节点、所述目标数据对应的发送序号和所述第一验证码对所述目标数据进行验证。
  14. 如权利要求9至13任一项所述的方法,其特征在于,所述接收第一消息之前,还包括:
    接收第二消息,所述第二消息包括所述首条数据、所述首条数据对应的所述哈希链的头节点、第二验证码和验证信息,所述验证信息包括公钥信息;
    根据所述第二验证码和所述公钥信息对所述首条数据进行验证。
  15. 如权利要求14所述的方法,其特征在于,所述根据所述第二验证码和所述公钥信息对所述首条数据进行验证,包括:
    使用所述公钥信息对所述第二验证码进行解密得到第一摘要信息;
    根据所述首条数据和所述首条数据对应的头节点生成第二摘要信息;
    在所述第一摘要信息与所述第二摘要信息匹配时,对所述首条数据验证通过。
  16. 如权利要求15所述的方法,其特征在于,所述验证信息为数字证书,所述数字证书包括所述公钥信息,
    所述使用所述公钥信息对所述第二验证码进行解密得到第一摘要信息,包括:
    使用所述数字证书的颁发者公钥信息验证所述数字证书;
    在验证所述数字证书通过后,使用所述公钥信息对所述第二验证码进行解密得到第一摘要信息。
  17. 如权利要求16所述的方法,其特征在于,所述使用所述数字证书的颁发者公钥信息验证所述数字证书,包括:
    将所述第二消息缓存在消息缓存区中;
    在接收消息的时间长度达到第二阈值时,对接收到的Z个消息中的数字证书进行验证,所述Z个消息是所述消息缓存区中缓存的包括数字证书的消息,Z为大于0的整数;
    在对所述Z个消息中的数字证书进行验证未通过时,使用所述数字证书的颁发者公钥信息验证所述数字证书。
  18. 如权利要求17所述的方法,其特征在于,所述对接收到的Z个消息中的数字证书进行验证,包括:
    对Z个消息中的数字证书进行哈希运算,得到所述Z个消息中的数字证书的哈希值;
    计算所述Z个消息中的数字证书的哈希值的乘积得到第一数值;
    计算所述Z个消息中的数字证书中的数字签名的乘积得到第二数值;
    在所述第二数值的e次方等于所述第一数值时,对所述Z个消息中的数字证书进行验证通过。
  19. 如权利要求14至18任一项所述的方法,其特征在于,所述第二消息还包括发送所述首条数据的第二时间戳;
    所述根据所述第二验证码和所述公钥信息对所述首条数据进行验证,包括:
    获取所述第二时间戳和接收所述首条数据的第四时间戳之间的第二差值;
    在所述第二差值不超过第一阈值时,根据所述第二验证码和所述公钥信息对所述首条数据进行验证。
  20. 如权利要求14至19任一项所述的方法,其特征在于,所述根据所述第二验证码和所述公钥信息对所述首条数据进行验证,包括:
    将所述第二消息缓存在消息缓存区中;
    在接收消息的时间长度达到第二阈值时,同时对接收到的Z个第二消息进行验证,所述Z个第二消息是所述消息缓存区中缓存的第二消息;
    在同时对所述Z个第二消息验证不通过时,根据所述第二验证码和所述公钥信息对所述首条数据进行验证。
  21. 一种发送消息的装置,其特征在于,所述装置包括:
    处理单元,用于获取待发送的目标数据,所述目标数据是当前发送周期内在发送首条数据之后待发送的数据;根据所述目标数据在当前发送周期内的发送序号从哈希链中获取所述目标数据对应的节点,所述哈希链包括的节点数目等于当前发送周期内允许发送的数据数目;对所述目标数据和所述目标数据对应的节点进行哈希运算得到第一验证码,所述第一验证码用于接收端验证所述目标数据;
    发送单元,用于发送第一消息,所述第一消息包括所述目标数据、所述目标数据对应的节点、所述第一验证码和所述目标数据的发送序号。
  22. 如权利要求21所述的装置,其特征在于,所述处理单元,还用于:
    随机生成所述哈希链的尾节点;
    对所述哈希链中的节点h i-1进行哈希运算得到所述哈希链中的节点h i,i=1、2、……、N,N+1为当前发送周期内允许发送的数据数目,节点h 0为所述尾节点,节点h N为所述哈希链的头节点。
  23. 如权利要求21或22所述的装置,其特征在于,所述处理单元,用于:
    在根据所述目标数据的发送序号确定所述目标数据是当前发送周期内待发送的第二条数据时,获取所述哈希链的头节点作为所述目标数据对应的节点;
    在根据所述目标数据的发送序号确定所述目标数据是位于所述第二条数据之后待发送的 数据时,获取所述哈希链中位于第三节点之后且与所述第三节点相邻的第四节点作为所述目标数据对应的节点,所述第三节点是最近上一次发送的所述哈希链中的节点。
  24. 如权利要求21至23任一项所述的装置,其特征在于,所述第一消息还包括发送所述目标数据的第一时间戳。
  25. 如权利要求21至24任一项所述的装置,其特征在于,
    所述处理单元,还用于通过私钥信息对所述首条数据和所述哈希链的头节点进行签名得到第二验证码,所述第二验证码用于所述接收端对所述首条数据进行验证;
    所述发送单元,还用于发送第二消息,所述第二消息包括验证信息、所述首条数据、所述第二验证码和所述首条数据对应的节点,所述验证信息包括与所述私钥信息相匹配的公钥信息。
  26. 如权利要求25所述的装置,其特征在于,所述处理单元,用于:
    根据所述首条数据和所述哈希链的头节点生成第一摘要信息;
    使用私钥信息对所述第一摘要信息进行签名得到第二验证码。
  27. 如权利要求25或26所述的装置,其特征在于,所述第二消息还包括发送所述目标数据的第二时间戳。
  28. 如权利要求25至27任一项所述的装置,其特征在于,所述验证信息为数字证书,所述数字证书包括所述公钥信息;或者,所述验证信息为所述公钥信息,所述公钥信息为所述装置的身份标识信息。
  29. 一种验证消息的装置,其特征在于,所述装置包括:
    接收单元,用于接收第一消息,所述第一消息包括目标数据、所述目标数据对应的哈希链中的一个节点、第一验证码和所述目标数据在目标发送周期中的发送序号,所述目标数据是所述目标发送周期内在发送首条数据之后发送的数据,所述哈希链包括的节点数目等于所述目标发送周期内允许发送的数据数目;
    处理单元,用于根据所述目标数据对应的节点、所述目标数据对应的发送序号和所述第一验证码对所述目标数据进行验证。
  30. 如权利要求29所述的装置,其特征在于,所述处理单元,用于:
    根据所述目标数据的发送序号确定已接收的第一数据对应的节点,所述第一数据是发送端在发送所述目标数据之前最近发送的数据;
    根据所述第一数据对应的节点对所述目标数据对应的节点进行验证;
    在验证所述目标数据对应的节点通过时,对所述目标数据和所述目标数据对应的节点进行哈希运算得到第一哈希结果;
    在所述第一哈希结果与所述第一验证码匹配时,对所述目标数据验证通过。
  31. 如权利要求30所述的装置,其特征在于,所述第一数据为所述首条数据,所述首条数据对应的节点为所述哈希链的头节点,所述处理单元,用于当所述目标数据对应的节点与所述首条数据对应的头节点相等时,对所述目标数据对应的节点验证通过。
  32. 如权利要求30所述的装置,其特征在于,所述第一数据为所述目标发送周期内在发送所述首条数据之后发送的数据,所述处理单元,用于:
    对所述目标数据对应的节点进行哈希运算得到第二哈希结果;
    在所述第二哈希结果与所述第一数据对应的节点相等时,对所述目标数据对应的节点验证通过。
  33. 如权利要求29至32任一项所述的装置,其特征在于,所述第一消息还包括发送所述目标数据的第一时间戳;
    所述处理单元,用于:
    获取所述第一时间戳和接收所述目标数据的第三时间戳之间的第一差值;
    在所述第一差值不超过第一阈值时,根据所述目标数据对应的节点、所述目标数据对应的发送序号和所述第一验证码对所述目标数据进行验证。
  34. 如权利要求29至33任一项所述的装置,其特征在于,
    所述接收单元,还用于接收第二消息,所述第二消息包括所述首条数据、所述首条数据对应的所述哈希链的头节点、第二验证码和验证信息,所述验证信息包括公钥信息;
    所述处理单元,还用于根据所述第二验证码和所述公钥信息对所述首条数据进行验证。
  35. 如权利要求34所述的装置,其特征在于,所述处理单元,用于:
    使用所述公钥信息对所述第二验证码进行解密得到第一摘要信息;
    根据所述首条数据和所述首条数据对应的头节点生成第二摘要信息;
    在所述第一摘要信息与所述第二摘要信息匹配时,对所述首条数据验证通过。
  36. 如权利要求35所述的装置,其特征在于,所述验证信息为数字证书,所述数字证书包括所述公钥信息,
    所述处理单元,用于:
    使用所述数字证书的颁发者公钥信息验证所述数字证书;
    在验证所述数字证书通过后,使用所述公钥信息对所述第二验证码进行解密得到第一摘要信息。
  37. 如权利要求36所述的装置,其特征在于,所述处理单元,用于:
    将所述第二消息缓存在消息缓存区中;
    在接收消息的时间长度达到第二阈值时,对接收到的Z个消息中的数字证书进行验证,所述Z个消息是所述消息缓存区中缓存的包括数字证书的消息,Z为大于0的整数;
    在对所述Z个消息中的数字证书进行验证未通过时,使用所述数字证书的颁发者公钥信息验证所述数字证书。
  38. 如权利要求37所述的装置,其特征在于,所述处理单元,用于:
    对Z个消息中的数字证书进行哈希运算,得到所述Z个消息中的数字证书的哈希值;
    计算所述Z个消息中的数字证书的哈希值的乘积得到第一数值;
    计算所述Z个消息中的数字证书中的数字签名的乘积得到第二数值;
    在所述第二数值的e次方等于所述第一数值时,对所述Z个消息中的数字证书进行验证通过。
  39. 如权利要求34至38任一项所述的装置,其特征在于,所述第二消息还包括发送所述首条数据的第二时间戳;
    所述处理单元,用于:
    获取所述第二时间戳和接收所述首条数据的第四时间戳之间的第二差值;
    在所述第二差值不超过第一阈值时,根据所述第二验证码和所述公钥信息对所述首条数据进行验证。
  40. 如权利要求29至39任一项所述的装置,其特征在于,所述处理单元,用于:
    将所述第二消息缓存在消息缓存区中;
    在接收消息的时间长度达到第二阈值时,同时对接收到的Z个第二消息进行验证,所述Z个第二消息是所述消息缓存区中缓存的第二消息;
    在同时对所述Z个第二消息验证不通过时,根据所述第二验证码和所述公钥信息对所述首条数据进行验证。
  41. 一种通信系统,其特征在于,所述通信系统包括:如权利要求21至28任一项权利要求所述的装置和如权利要求29至40任一项权利要求所述的装置。
PCT/CN2019/095086 2018-09-12 2019-07-08 一种发送消息的方法、验证消息的方法、装置及通信系统 Ceased WO2020052335A1 (zh)

Priority Applications (1)

Application Number Priority Date Filing Date Title
EP19860362.3A EP3843355B8 (en) 2018-09-12 2019-07-08 Method for sending message, method for verifying message, and devices

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201811063947.1 2018-09-12
CN201811063947.1A CN110896390B (zh) 2018-09-12 2018-09-12 一种发送消息的方法、验证消息的方法、装置及通信系统

Publications (1)

Publication Number Publication Date
WO2020052335A1 true WO2020052335A1 (zh) 2020-03-19

Family

ID=69776950

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2019/095086 Ceased WO2020052335A1 (zh) 2018-09-12 2019-07-08 一种发送消息的方法、验证消息的方法、装置及通信系统

Country Status (3)

Country Link
EP (1) EP3843355B8 (zh)
CN (1) CN110896390B (zh)
WO (1) WO2020052335A1 (zh)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112615820A (zh) * 2020-12-05 2021-04-06 百果园技术(新加坡)有限公司 重放攻击检测方法、装置、设备和存储介质
CN113438202A (zh) * 2021-05-18 2021-09-24 北京达佳互联信息技术有限公司 验证码请求的处理方法、装置、电子设备及存储介质
US20210314748A1 (en) * 2020-04-01 2021-10-07 Lg Electronics Inc. Verification of messages using hash chaining
CN114244792A (zh) * 2020-09-09 2022-03-25 中国联合网络通信集团有限公司 消息发送方法及装置,和消息显示方法及装置
CN116132166A (zh) * 2023-02-03 2023-05-16 网易(杭州)网络有限公司 基于区块链的通信方法、装置、设备及存储介质
TWI873058B (zh) * 2023-07-10 2025-02-11 岱鐠科技股份有限公司 操作安全程式設計系統的方法
US12574255B2 (en) 2023-07-10 2026-03-10 Dediprog Technology Co., Ltd. Secure programming system, operating method thereof and computer readable recording medium using such operating method

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114124396B (zh) * 2020-09-01 2023-12-01 中国电信股份有限公司 信息传输方法、系统和存储介质
CN114006930B (zh) * 2021-09-30 2023-09-08 三一海洋重工有限公司 一种抓料机的远程控制方法、操作方法、装置及系统
CN114422140B (zh) * 2021-12-27 2024-03-12 微位(深圳)网络科技有限公司 消息时间验证方法、装置、设备及介质

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1912376A1 (en) * 2006-10-10 2008-04-16 NTT DoCoMo, Inc. Method and apparatus for authentication
CN101729248A (zh) * 2008-11-03 2010-06-09 华为技术有限公司 密钥管理、密钥验证的方法及装置
KR20150024117A (ko) * 2013-08-26 2015-03-06 고려대학교 산학협력단 차량용 데이터의 인증 및 획득 방법
CN105187376A (zh) * 2015-06-16 2015-12-23 西安电子科技大学 车联网中汽车内部网络的安全通信方法

Family Cites Families (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2850862B1 (en) * 2012-05-15 2018-10-03 Telefonaktiebolaget LM Ericsson (publ) Secure paging
US9853819B2 (en) * 2013-08-05 2017-12-26 Guardtime Ip Holdings Ltd. Blockchain-supported, node ID-augmented digital record signature method
CN104936132B (zh) * 2015-05-29 2019-12-06 Oppo广东移动通信有限公司 机器类型通信的方法、终端以及基站
CN105931052A (zh) * 2016-04-21 2016-09-07 四川大学 一种基于区块链多因子交叉验证的虚拟货币交易验证方法
CN106101068B (zh) * 2016-05-27 2019-06-11 宇龙计算机通信科技(深圳)有限公司 终端通信方法及系统
WO2017218986A1 (en) * 2016-06-16 2017-12-21 The Bank Of New York Mellon Managing verifiable, cryptographically strong transactions
CN106559211B (zh) * 2016-11-22 2019-12-13 中国电子科技集团公司第三十研究所 一种区块链中隐私保护智能合约方法
CN108111467B (zh) * 2016-11-24 2021-04-09 华为技术有限公司 身份认证方法与设备及系统
CN106650496B (zh) * 2016-12-16 2020-03-31 杭州嘉楠耘智信息科技有限公司 一种数据处理方法及装置
CN107077557B (zh) * 2016-12-29 2020-07-31 深圳前海达闼云端智能科技有限公司 软件应用程序发布和验证的方法及装置
JP2018133744A (ja) * 2017-02-16 2018-08-23 パナソニックIpマネジメント株式会社 通信システム、車両、および監視方法
CN107579817A (zh) * 2017-09-12 2018-01-12 广州广电运通金融电子股份有限公司 基于区块链的用户身份验证方法、装置及系统

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1912376A1 (en) * 2006-10-10 2008-04-16 NTT DoCoMo, Inc. Method and apparatus for authentication
CN101729248A (zh) * 2008-11-03 2010-06-09 华为技术有限公司 密钥管理、密钥验证的方法及装置
KR20150024117A (ko) * 2013-08-26 2015-03-06 고려대학교 산학협력단 차량용 데이터의 인증 및 획득 방법
CN105187376A (zh) * 2015-06-16 2015-12-23 西安电子科技大学 车联网中汽车内部网络的安全通信方法

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of EP3843355A4

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20210314748A1 (en) * 2020-04-01 2021-10-07 Lg Electronics Inc. Verification of messages using hash chaining
US11811943B2 (en) * 2020-04-01 2023-11-07 Lg Electronics Inc. Verification of messages using hash chaining
CN114244792A (zh) * 2020-09-09 2022-03-25 中国联合网络通信集团有限公司 消息发送方法及装置,和消息显示方法及装置
CN112615820A (zh) * 2020-12-05 2021-04-06 百果园技术(新加坡)有限公司 重放攻击检测方法、装置、设备和存储介质
CN113438202A (zh) * 2021-05-18 2021-09-24 北京达佳互联信息技术有限公司 验证码请求的处理方法、装置、电子设备及存储介质
CN113438202B (zh) * 2021-05-18 2023-06-02 北京达佳互联信息技术有限公司 验证码请求的处理方法、装置、电子设备及存储介质
CN116132166A (zh) * 2023-02-03 2023-05-16 网易(杭州)网络有限公司 基于区块链的通信方法、装置、设备及存储介质
TWI873058B (zh) * 2023-07-10 2025-02-11 岱鐠科技股份有限公司 操作安全程式設計系統的方法
US12574255B2 (en) 2023-07-10 2026-03-10 Dediprog Technology Co., Ltd. Secure programming system, operating method thereof and computer readable recording medium using such operating method
US12574254B2 (en) 2023-07-10 2026-03-10 Dediprog Technology Co., Ltd. Secure programming system and operating method thereof
US12587390B2 (en) 2023-07-10 2026-03-24 Dediprog Technology Co., Ltd. Method of operating secure programming system

Also Published As

Publication number Publication date
CN110896390A (zh) 2020-03-20
EP3843355B8 (en) 2025-01-22
EP3843355A1 (en) 2021-06-30
EP3843355A4 (en) 2021-11-10
CN110896390B (zh) 2021-05-11
EP3843355B1 (en) 2024-12-18

Similar Documents

Publication Publication Date Title
WO2020052335A1 (zh) 一种发送消息的方法、验证消息的方法、装置及通信系统
CN102170352B (zh) 使用具有温特尼茨单次签名的ecdsa的方法
US8904183B2 (en) Efficient technique to achieve non-repudiation and resilience to DoS attacks in wireless networks
JP7214838B2 (ja) 証明書ステータスの決定方法
EP2873191B1 (en) Mechanisms for certificate revocation status verification on constrained devices
CN109951823A (zh) 用于车辆到车辆通信的方法和装置
WO2018112940A1 (zh) 区块链节点的业务执行方法、装置及节点设备
JP2020532928A (ja) デジタル署名方法、装置及びシステム
CN113742709B (zh) 信息的处理方法、装置、可读介质和电子设备
CN107210910A (zh) 为一段数据提供散列值的方法、电子设备和计算机程序
US12192185B2 (en) Data transmission method, communication processing method, device, and communication processing program
CN104065481A (zh) 具有隐私保护的凭证产生及撤销的方法及装置
US20210336781A1 (en) Network device, method for security and computer readable storage medium
WO2016068942A1 (en) Encryption for transactions in a memory fabric
CN118764201A (zh) 一种面向物联网的可信认证安全芯片系统及控制方法
CN104468074A (zh) 应用程序之间认证的方法及设备
CN108599936A (zh) 一种OpenStack开源云用户的安全认证方法
Alazzawi et al. Authentication and revocation scheme for VANETs based on Chinese remainder theorem
CN107332833A (zh) 校验方法及装置
CN112995322B (zh) 信息传输通道建立方法、装置、存储介质以及终端
CN113051621B (zh) 安全通信方法、设备及系统
CN112423295B (zh) 一种基于区块链技术的轻量级安全认证方法及系统
CN120266435A (zh) 一种身份管理方法及装置
Rabadi Implicit certificates support in IEEE 1609 security services for wireless access in vehicular environment (WAVE)
CN116033414A (zh) 一种VANETs隐私保护方法和设备

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19860362

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

ENP Entry into the national phase

Ref document number: 2019860362

Country of ref document: EP

Effective date: 20210326