
Method, system and equipment for enhancing MQTT protocol identity authentication by using symmetric cryptographic technology

An identity authentication technique based on symmetric cryptography, applied to enhancing MQTT protocol identity authentication, with the stated effects of easy implementation, improved security performance, and strong versatility.

Pending Publication Date: 2021-11-05
中电信量子科技有限公司

AI Technical Summary

Problems solved by technology

[0007] In the prior-art MQTT protocol, the channel must be established on a public/private key system to provide protocol-level identity authentication. As network attacks grow more severe, the existing solutions cannot withstand the impact of attacks on the security of IoT devices.



Examples


Embodiment 1

[0078] The invention provides an identity authentication method that uses symmetric cryptography to enhance the MQTT protocol, applied to an identity authentication system. The identity authentication system includes a quantum random number generator, a quantum exchange cipher machine, a quantum key filling machine, a quantum cryptography management service system, an IoT terminal, a security key chip, and an IoT platform.

[0079] The IoT terminal can be a publisher in the MQTT protocol or a subscriber in the MQTT protocol. The IoT platform can be a broker in the MQTT protocol. When the IoT terminal accesses the IoT platform, the IoT platform needs to authenticate the IoT terminal. If the authentication passes, the IoT terminal can exchange business data with the IoT platform. For example, the IoT terminal can publish messages through the IoT platform, and can also subscribe to messages published by other IoT terminals through the IoT platform. ...

Embodiment 2

[0119] The present invention provides a method of using symmetric cryptography to enhance MQTT protocol identity authentication, which is applied to IoT terminals and, as shown in Figure 6 and Figure 7, includes:

[0120] First authentication:

[0121] S31. The terminal issues a key request to the security chip, and the security chip returns the key B for the chip key serial number Z;

[0122] S32. The terminal constructs an initial identity authentication request message according to the content format of the MQTT connection message Connect: key serial number Z + terminal ID + ciphertext (time-varying parameter + terminal ID + terminal preset password). The ciphertext can be encrypted with a symmetric algorithm such as SM4, and the encryption key is the key B taken out in S1;

[0123] S33. The terminal sends the constructed identity authentication request message to the proxy address exposed by the IoT platform;

[0124...

Embodiment 3

[0130] The present invention provides a method of using symmetric cryptography to enhance MQTT protocol identity authentication, which is applied on the IoT platform and, as shown in Figure 8 and Figure 9, includes:

[0131] First authentication:

[0132] S301. The IoT platform obtains the key B', symmetric to the key B, from the quantum cryptography management service system according to the terminal ID and the key serial number Z in the initial identity authentication request message sent by the IoT terminal;

[0133] S302. The IoT platform receives the key B' returned by the quantum cryptography management service system, uses the key B' to decrypt the initial identity authentication request message, and obtains the decrypted content: time-varying parameter + terminal ID + terminal preset password. It then compares the decrypted terminal ID and terminal preset password with the terminal ID stored in the backg...
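The first authentication described in S31 to S33 and S301 to S302, as an added example that is not code from the patent. Assumptions: an HMAC-SHA256 keystream with a MAC tag stands in for SM4 (which is not in the Python standard library), the time-varying parameter is a Unix timestamp, an in-memory dict stands in for the quantum cryptography management service system, and all function and field names are hypothetical.

```python
import hashlib, hmac, json, os, secrets

MAX_SKEW = 30  # seconds; assumed freshness window for the time-varying parameter

def _xor_stream(key, nonce, data):
    # Stand-in cipher (NOT SM4): HMAC-SHA256 in counter mode as a keystream.
    ks = b"".join(hmac.new(key, b"enc" + nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def seal(key, plaintext):
    nonce = os.urandom(12)
    ct = _xor_stream(key, nonce, plaintext)
    tag = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unseal(key, blob):
    nonce, ct, tag = blob[:12], blob[12:-32], blob[-32:]
    good = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    if len(blob) < 44 or not hmac.compare_digest(tag, good):
        return None  # truncated or tampered ciphertext
    return _xor_stream(key, nonce, ct)

def build_request(z, key_b, terminal_id, password, now):
    # S32: Z + terminal ID + ciphertext(time-varying parameter + terminal ID + password)
    inner = json.dumps([now, terminal_id, password]).encode()
    return {"z": z, "terminal_id": terminal_id, "ciphertext": seal(key_b, inner)}

def platform_verify(req, key_store, passwords, now):
    # S301: look up key B' by (terminal ID, key serial number Z)
    slot = (req["terminal_id"], req["z"])
    key = key_store.get(slot)
    stored = passwords.get(req["terminal_id"])
    if key is None or stored is None:
        return None
    inner = unseal(key, req["ciphertext"])  # S302: decrypt with B'
    if inner is None:
        return None
    ts, tid, pw = json.loads(inner)
    ok = (abs(now - ts) <= MAX_SKEW  # reject stale requests
          and hmac.compare_digest(tid.encode(), req["terminal_id"].encode())
          and hmac.compare_digest(pw.encode(), stored.encode()))
    if not ok:
        return None
    del key_store[slot]  # key used once: a replayed request finds no key
    return secrets.token_hex(16)  # login token returned to the terminal
```

The key is retired only after a successful login, so a forged request naming a valid terminal ID and serial number cannot burn the terminal's key.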


Abstract

The invention provides a method for enhancing MQTT protocol identity authentication by using symmetric cryptographic technology, which comprises the following steps. First identity authentication, from an IoT terminal to an IoT platform: a quantum key filling machine loads a quantum key into a quantum security chip and records and stores the correspondence between the loaded security chip and the key; the IoT terminal calls the quantum key in the chip to construct an identity authentication request message to the IoT platform; the IoT platform obtains the symmetric key, performs decryption and identity comparison, generates a login token after successful authentication, and returns a verification message to the terminal. Second identity authentication: the IoT platform applies for a key according to the terminal ID and constructs an identity authentication request message to the terminal, and the terminal decrypts it and verifies the platform ID and the login token. The invention further provides a system and equipment corresponding to the method. The invention has the advantages that identity authentication is performed using the key set and a symmetric algorithm in the quantum security chip, one key is used at a time, and no third party is needed to issue and authenticate a digital certificate. Therefore, security is improved.

Description

Technical field

[0001] The invention belongs to the technical field of security application products, and in particular relates to a method for enhancing MQTT protocol identity authentication by using symmetric encryption technology.

Background technique

[0002] The MQTT (Message Queuing Telemetry Transport) protocol is a communication protocol based on the publish/subscribe model and built on top of the TCP/IP (Transmission Control Protocol/Internet Protocol) protocol. MQTT can provide real-time and reliable message services for connected terminals with little code and limited bandwidth.

[0003] In the MQTT protocol, a server (which may be referred to as an MQTT server) needs to authenticate a terminal that accesses it (which may be referred to as an MQTT terminal). After successful authentication, the MQTT terminal publishes or subscribes to messages through the MQTT server. In order to improve the security of transmitted data during the authentication process, the prior art gener...


Application Information

IPC(8): H04L9/08, H04L9/32, H04L29/06, H04L29/08
CPC: H04L9/0852, H04L9/0866, H04L9/3226, H04L9/3213, H04L63/0435, H04L63/083, H04L63/0807, H04L67/12
Inventor: 王丙磊, 胡缙, 王建礼
Owner 中电信量子科技有限公司