The invention authenticates messages with a message authentication code (MAC) and uses a one-off variable. The method includes the following steps: before a one-off variable is used, its range and use state are saved; the MAC must be calculated over the one-off variable and the message together; when the MAC is authenticated, the one-off variable and its state must also be authenticated; after a one-off variable is used, its use state must be marked and saved; for a given cipher key and authentication function, a one-off variable is used only once to authenticate a message effectively. Using a one-off variable provides both integrity and freshness of the authenticated message. The advantages are that synchronized use of the one-off variable prevents many kinds of security attack, and that the method is a simple way to implement complicated authentication applications.
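The steps of the abstract above, as an added example that is not taken from the patent: sender and receiver save the range and use state of the one-off variable, the MAC covers the variable and the message together, and the receiver marks the variable used only after the MAC verifies. HMAC-SHA256, the 64-bit integer encoding, the class names and the sample key and messages are assumptions made for illustration.

```python
import hashlib
import hmac

def compute_mac(key: bytes, nonce: int, message: bytes) -> bytes:
    # MAC over one-off variable and message together; the fixed 8-byte
    # encoding (an assumption) keeps the two fields unambiguous.
    return hmac.new(key, nonce.to_bytes(8, "big") + message, hashlib.sha256).digest()

class OneOffSender:
    """Hypothetical sender: hands out each value of the saved range once."""
    def __init__(self, key: bytes, start: int, end: int):
        self.key, self.next, self.end = key, start, end

    def send(self, message: bytes):
        if self.next > self.end:
            raise RuntimeError("one-off variable range exhausted")
        nonce = self.next
        self.next += 1  # mark as used before the tag leaves the sender
        return nonce, compute_mac(self.key, nonce, message)

class OneOffVerifier:
    """Hypothetical receiver: checks range, MAC and use state, then marks used."""
    def __init__(self, key: bytes, start: int, end: int):
        self.key, self.start, self.end = key, start, end  # saved range (inclusive)
        self.used = set()                                  # saved use state

    def verify(self, message: bytes, nonce: int, tag: bytes) -> str:
        if not (self.start <= nonce <= self.end):
            return "out_of_range"
        if not hmac.compare_digest(compute_mac(self.key, nonce, message), tag):
            return "bad_mac"   # a forged message must not burn a valid value
        if nonce in self.used:
            return "replayed"  # integrity holds, freshness does not
        self.used.add(nonce)
        return "ok"

def demo():
    key = b"constructed-demo-key-not-secret!"  # constructed sample key
    sender = OneOffSender(key, 100, 199)
    receiver = OneOffVerifier(key, 100, 199)
    nonce, tag = sender.send(b"open door 7")   # constructed sample message
    return [
        receiver.verify(b"open door 7", nonce, tag),      # fresh message
        receiver.verify(b"open door 7", nonce, tag),      # same message replayed
        receiver.verify(b"open door 8", nonce + 1, tag),  # altered message and variable
        receiver.verify(b"open door 7", 500, tag),        # variable outside saved range
    ]

if __name__ == "__main__":
    print(demo())
```

In a real deployment the use state would have to be saved durably, so that a restart does not make already used values acceptable again.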
The invention relates to the technical field of electronic information encryption and discloses a synchronous code encryption device for an access control system. The synchronous code encryption device comprises access control equipment and terminal equipment. The invention further discloses a synchronous code encryption method for the access control system, which comprises the following steps: step 1, judging whether the card is being swiped for the first time; step 2, performing initial debugging; step 3, reading the card number data and performing data combination, encryption and conversion; step 4, transmitting the Wiegand data and incrementally updating the synchronous code inside the access control equipment; step 5, decrypting the Wiegand data; step 6, storing the synchronous codes inside the terminal equipment in the access control equipment and setting a synchronous code comparison interval; step 7, judging whether the synchronous code inside the access control equipment falls within the synchronous code comparison interval; step 8, judging the data to be valid; step 9, judging the data to be invalid. The synchronous code encryption device and method provided by the invention help prevent security attacks that counterfeit valid data, so that the safety and reliability of the door lock system are improved.
An Internet of Things system with a network mask based on an object description method includes a device management platform, a plurality of device service applications, and a plurality of Internet of Things devices. Each Internet of Things device forms a real object description file and a pseudo object description file based on an object description template, sends an access request to the device management platform and registers with it, and receives calls from the device management platform through the object description file. The interaction between the device management platform and the device discovery platform and the device service applications is based on the pseudo object description file, and the invocation between the device management platform and the Internet of Things device is based on the real object description file. The object description method can be used to describe all objects in the Internet of Things, and is compatible and universal. By using the real object description method and the pseudo object description method, a malicious attacker is prevented from launching a direct malicious attack on the device itself after obtaining the device's invocation information.