CN104243423A - Ad-hoc network encryption and authentication method and system and terminals - Google Patents
- Publication number
- CN104243423A CN201310244521.7A
- Authority
- CN
- China
- Prior art keywords
- terminal
- hoc network
- access point
- information
- password
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
- H04W12/068—Authentication using credential vaults, e.g. password manager applications or one time password [OTP] applications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W84/00—Network topologies
- H04W84/18—Self-organising networks, e.g. ad-hoc networks or sensor networks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses an ad-hoc network encryption and authentication method which comprises the steps of generating passwords of an ad-hoc network according to all information of terminals in the ad-hoc network at present and informing all the terminals in the ad-hoc network of the passwords; encrypting business information through the passwords when all the terminals in the ad-hoc network send the business information; decrypting business information through the passwords when all the terminals in the ad-hoc network receive the business information. The invention further discloses an ad-hoc network encryption and authentication system and the terminals. By means of the ad-hoc network encryption and authentication method and system and the terminals, the communication safety of the ad-hoc network can be guaranteed.
Description
Technical Field
The invention relates to an encryption authentication technology in an ad hoc network, in particular to an encryption authentication method, a system and a terminal of the ad hoc network.
Background
With the development of information technology and the spread of new kinds of networks such as the Internet of Things and ubiquitous networks, more and more terminal devices are bound to appear in the spaces where people live and work. To make full use of the various terminals in a user's surroundings and provide real-time, efficient and high-quality services to the user, there is a demand for multiple terminals to work cooperatively and provide services together.
The safe information interaction among the multiple terminals is the premise of the cooperative work of the multiple terminals. At present, the mode of multi-terminal cooperative work is as follows: the terminals can form an ad hoc network after mutually authenticating, one of the terminals in the ad hoc network is selected as an access point terminal by using a mode of comparing terminal capability information, and an IP address can be allocated to each terminal by accessing the access point terminal, so that the terminals can mutually communicate through the IP addresses. The terminal information can be shared through the ad hoc network. However, the security of communication between terminals in the ad hoc network is not guaranteed, and if a new terminal requests to join the existing ad hoc network, no corresponding authentication method exists for authenticating the central terminal at present.
Disclosure of Invention
In view of the above, the main objective of the present invention is to provide an encryption authentication method, system and terminal for an ad hoc network, which can ensure the security of ad hoc network communication.
In order to achieve the purpose, the technical scheme of the invention is realized as follows:
an encryption authentication method of an ad hoc network comprises the following steps:
generating a password of the ad hoc network according to the information of all terminals currently in the ad hoc network, and notifying each terminal in the ad hoc network of the password;
when each terminal in the ad hoc network sends service information, the service information is encrypted by using the password; and when each terminal in the ad hoc network receives the service information, decrypting the service information by using the password.
Preferably, when a request from a terminal to access the ad hoc network is received, all terminals in the ad hoc network authenticate the accessed terminal; and after the authentication is successful, the accessed terminal is admitted to the ad hoc network.
Preferably, the method further comprises:
when it is determined that a terminal has accessed the ad hoc network or a terminal has exited, updating the password of the ad hoc network according to the current terminal information in the ad hoc network, and notifying each terminal in the ad hoc network of the updated password;
when each terminal in the ad hoc network sends service information, encrypting the service information by using the updated password; and when each terminal in the ad hoc network receives the service information, decrypting the service information by using the updated password.
Preferably, before generating the password of the ad hoc network according to all current terminal information in the ad hoc network, the method further includes:
the terminal receives ad hoc network request messages sent by other terminals through a wireless fidelity (WIFI) network or a Bluetooth network and authenticates the other terminals; and after the authentication is successful, establishing connection with the other terminals and generating the ad hoc network.
Preferably, the method further comprises:
each terminal in the ad hoc network acquires the performance parameters of other terminals through the ad hoc network, determines one terminal as an access point terminal according to the performance parameters of the terminal, and allocates IP addresses to all the terminals of the ad hoc network by the access point terminal.
Preferably, the generating a password of the ad hoc network according to all current terminal information in the ad hoc network includes:
the access point terminal receives terminal information sent by a non-access point terminal and generates a password of the ad hoc network containing the terminal information; wherein the terminal information includes at least one of the following information: terminal user name, IP address, terminal ID.
Preferably, the authenticating, by all terminals in the ad hoc network, the accessed terminal includes:
acquiring terminal information of the accessed terminal, matching the accessed terminal information with the cached terminal information, and determining that the authentication of the accessed terminal is successful after the matching is successful; and after the matching fails, when the accessed terminal is determined to be a legal terminal according to the acquired terminal information, the authentication of the accessed terminal is determined to be successful.
An ad hoc network cryptographic authentication system comprising: an access point terminal and a non-access point terminal; wherein,
the access point terminal is used for generating the password of the ad hoc network according to the information of all terminals currently in the ad hoc network and notifying each non-access point terminal in the ad hoc network of the password; when the service information is sent, the service information is encrypted by using the password; and when the service information is received, decrypting the service information by using the password.
The non-access point terminal is used for receiving the ad hoc network password notified by the access point terminal; when the service information is sent, the service information is encrypted by using the password; and when the service information is received, decrypting the service information by using the password.
Preferably, the system further comprises: an access terminal;
the access terminal is used for sending a request for accessing the ad hoc network to the access point terminal or the non-access point terminal; after the access point terminal and the non-access point terminal authenticate the access terminal, accessing the ad hoc network;
the access point terminal is also used for authenticating the access terminal when receiving a request of accessing the ad hoc network from the access terminal; pushing a request of the access terminal for accessing the ad hoc network to the non-access point terminal;
the non-access point terminal is also used for authenticating the access terminal when receiving the request of the access terminal for accessing the ad hoc network; and pushing the request of the access terminal for accessing the ad hoc network to the access point terminal.
Preferably, the access point terminal is further configured to update the password of the ad hoc network according to the current terminal information in the ad hoc network when it is determined that a terminal has accessed the ad hoc network or a terminal has exited, and to notify each non-access point terminal in the ad hoc network of the updated password; when the service information is sent, the updated password is used for encrypting the service information; when the service information is received, the updated password is used for decrypting the service information;
the non-access point terminal is further configured to receive the updated ad hoc network password notified by the access point terminal; when the service information is sent, the updated password is used for encrypting the service information; and when the service information is received, decrypting the service information by using the updated password.
Preferably, the access point terminal is further configured to authenticate the non-access point terminal after receiving an ad hoc network request message sent by the non-access point terminal through a WIFI network or a bluetooth network; after the authentication is successful, establishing connection with the non-access point terminal and generating an ad hoc network;
the non-access point terminal is also used for authenticating the access point terminal after receiving the ad hoc network request message sent by the access point terminal through a WIFI network or a Bluetooth network; and after the authentication is successful, establishing connection with the access point terminal and generating the ad hoc network.
Preferably, the access point terminal is further configured to allocate IP addresses to the access point terminal and all non-access point terminals of the ad hoc network.
Preferably, the access point terminal is further configured to receive terminal information sent by the non-access point terminal; generating a password of the ad hoc network containing the terminal information; wherein the terminal information includes at least one of the following information: terminal user name, IP address, terminal ID.
Preferably, the access point terminal is further configured to obtain terminal information of the access terminal; matching the obtained terminal information with the cached terminal information, and determining that the access terminal is successfully authenticated after the matching is successful; after the matching is failed, when the access terminal is determined to be a legal terminal according to the acquired terminal information, the access terminal is determined to be successfully authenticated;
the non-access point terminal is also used for acquiring the terminal information of the access terminal; matching the obtained terminal information with the cached terminal information, and determining that the access terminal is successfully authenticated after the matching is successful; and after the matching fails, when the access terminal is determined to be a legal terminal according to the acquired terminal information, determining that the authentication on the access terminal is successful.
An encryption authentication terminal of an ad hoc network, comprising: a password unit and an encryption/decryption unit; wherein,
the password unit is used for generating the password of the ad hoc network according to the information of all terminals currently in the ad hoc network and notifying each terminal in the ad hoc network of the password when the terminal is determined to be the access point terminal; when the terminal is determined to be a non-access point terminal, receiving the password of the ad hoc network notified by the access point terminal;
the encryption and decryption unit is used for encrypting the service information by using the password when the service information is sent; and when the service information is received, decrypting the service information by using the password.
Preferably, the terminal further includes: a first receiving unit and an authentication unit; wherein,
the first receiving unit is used for receiving a request from an access terminal to access the ad hoc network;
and the authentication unit is used for authenticating the access terminal and pushing the access terminal's request to access the ad hoc network to the other terminals of the ad hoc network.
Preferably, the terminal further includes: an updating unit, a transmitting unit and a second receiving unit; wherein,
the updating unit is used for updating the ad hoc network password according to the current terminal information in the ad hoc network when the terminal is determined to be an access point terminal and it is determined that a terminal has accessed the ad hoc network or a terminal has exited;
the sending unit is configured to notify each non-access point terminal in the ad hoc network of the updated password;
the second receiving unit is configured to receive the updated ad hoc network password notified by the access point terminal when the terminal is determined to be a non-access point terminal;
the encryption and decryption unit is also used for encrypting the service information by using the updated password when the service information is sent; and when the service information is received, decrypting the service information by using the updated password.
Preferably, the terminal further includes: a third receiving unit and an establishing unit; wherein,
the third receiving unit is used for receiving the ad hoc network request message sent by the other terminal through the WIFI network or the Bluetooth network;
the authentication unit also authenticates the other terminals;
and the establishing unit is used for establishing connection with the other terminals and generating the ad hoc network after the authentication is successful.
Preferably, the terminal further comprises an allocating unit, configured to allocate IP addresses to all terminals of the ad hoc network when the terminal determines to be an access point terminal.
Preferably, the password unit comprises: a receiving subunit, a sending subunit and a generating subunit; wherein,
the receiving subunit is configured to receive terminal information sent by a non-access point terminal when the terminal is determined to be an access point terminal; generating a password of the ad hoc network containing the terminal information; wherein the terminal information includes at least one of the following information: a terminal user name, an IP address and a terminal ID;
the sending subunit is configured to send terminal information to the access point terminal when the terminal is determined to be a non-access point terminal;
and the generating subunit is used for generating the self-organized network password containing the terminal information.
Preferably, the authentication unit includes: an acquiring subunit, a matching subunit and a determining subunit; wherein,
the acquiring subunit is configured to acquire terminal information of an access terminal;
the matching subunit is used for matching the acquired terminal information with the cached terminal information;
the determining subunit is configured to determine that the authentication of the access terminal is successful after the matching subunit is successfully matched; and after the matching fails, when the access terminal is determined to be a legal terminal according to the acquired terminal information, determining that the authentication on the access terminal is successful.
The encryption authentication method, system and terminal of the ad hoc network provided by the invention generate the password of the ad hoc network according to the information of all terminals currently in the ad hoc network and notify each terminal in the ad hoc network of the password;
when each terminal in the ad hoc network sends service information, the service information is encrypted by using the password; and when each terminal in the ad hoc network receives the service information, decrypting the service information by using the password. Therefore, the service information communicated in the ad hoc network can be encrypted, and the data security is guaranteed; when a request from a terminal to access the ad hoc network is received, all terminals in the ad hoc network authenticate the accessed terminal; after the authentication is successful, the accessed terminal is admitted to the ad hoc network; therefore, terminals outside the ad hoc network can be authenticated by all terminals in the ad hoc network, which further ensures the security of the terminals joining the ad hoc network.
Drawings
Fig. 1 is a schematic diagram illustrating an implementation flow of an encryption authentication method for an ad hoc network according to an embodiment of the present invention;
Fig. 2 is a schematic structural diagram of an encryption authentication system of an ad hoc network according to an embodiment of the present invention;
Fig. 3 is a schematic structural diagram of an encryption authentication terminal of an ad hoc network according to an embodiment of the present invention.
Detailed Description
So that the manner in which the features and aspects of the present invention can be understood in detail, a more particular description of the invention, briefly summarized above, may be had by reference to embodiments, some of which are illustrated in the appended drawings.
The embodiment of the invention provides an encryption authentication method of an ad hoc network, which comprises the following steps as shown in figure 1:
Step 101: generating the password of the ad hoc network according to the information of all terminals currently in the ad hoc network and notifying each terminal in the ad hoc network of the password.
The ad hoc network is generated in advance. Preferably, before step 101, the method further comprises: after receiving an ad hoc network request message sent by other terminals through a wireless fidelity (WIFI) network or a Bluetooth network, the terminal authenticates the other terminals; and after the authentication is successful, establishing connection with the other terminals and generating the ad hoc network.
Each terminal in the ad hoc network acquires the performance parameters of other terminals through the ad hoc network, determines one terminal as an access point terminal according to the performance parameters of the terminal, and allocates IP addresses to all the terminals of the ad hoc network by the access point terminal.
Here, the performance parameter may be a CPU processing capability, a memory size, and the like of the terminal.
Preferably, the generating a password of the ad hoc network according to the terminal information in the current ad hoc network includes:
the access point terminal receives terminal information sent by a non-access point terminal; generating a password of the ad hoc network containing the terminal information; wherein the terminal information includes at least one of the following information: terminal user name, IP address, terminal ID.
For example, suppose the non-access point terminals are terminals 2, 3 and 4, and the access point terminal is terminal 1. Terminals 2, 3 and 4 send their own terminal information to terminal 1; after receiving the terminal information sent by terminals 2, 3 and 4, terminal 1 generates a password containing the terminal information. The format of the password includes but is not limited to a terminal user name, an IP address and a terminal ID, as shown in Table 1.
| | Terminal 2 | Terminal 3 | Terminal 4 | Terminal 1 |
| Terminal user name | Name2 | Name3 | Name4 | Name1 |
| IP address | 192.168.0.2 | 192.168.0.3 | 192.168.0.4 | 192.168.0.1 |
| Terminal ID | SSID2 | SSID3 | SSID4 | SSID1 |
Table 1
The password of the ad hoc network using terminal 1 as the access point terminal is:
NAME(2+3+4+1)+IP(2+3+4+1)+SSID(2+3+4+1), wherein a Service Set Identifier (SSID) is a terminal ID; the password can be truncated to a length chosen according to the needs of the user; the password is a unified password of the ad hoc network.
Here, the SSID includes information of the user, such as a service name and device attribute information input by the user. Further, the CPU, memory, and disk space of a device may be represented by numbers, which may be set by a user or a developer, or may take values specified by a standard.
Step 102: when each terminal in the ad hoc network sends service information, the service information is encrypted by using the password; and when each terminal in the ad hoc network receives the service information, decrypting the service information by using the password.
Preferably, the method further comprises: when a request of a terminal for accessing the ad hoc network is received, all terminals in the ad hoc network authenticate the accessed terminal; and after the authentication is successful, the accessed terminal is accessed to the ad hoc network.
Correspondingly, when it is determined that a terminal has accessed the ad hoc network or a terminal has exited, updating the password of the ad hoc network according to the current terminal information in the ad hoc network, and notifying each terminal in the ad hoc network of the updated password;
when each terminal in the ad hoc network sends service information, encrypting the service information by using the updated password; and when each terminal in the ad hoc network receives the service information, decrypting the service information by using the updated password.
For example, terminal 5 is a terminal outside the ad hoc network. When terminal 5 discovers terminals 2, 3 and 4 of the ad hoc network through WIFI or Bluetooth, it sends a join request message to terminals 2, 3 and 4; terminals 2, 3 and 4 push the join request message to terminal 1; terminals 1, 2, 3 and 4 authenticate terminal 5. Alternatively, when terminal 5 discovers terminal 1 of the ad hoc network through WIFI or Bluetooth, it sends a join request message to terminal 1; terminal 1 pushes the join request message to terminals 2, 3 and 4; terminals 1, 2, 3 and 4 authenticate terminal 5.
Further, authenticating the accessed terminal by all terminals in the ad hoc network includes:
acquiring terminal information of the accessed terminal;
matching the obtained terminal information with the cached terminal information, and determining that the authentication of the accessed terminal is successful after the matching is successful; and after the matching fails, when the accessed terminal is determined to be a legal terminal according to the acquired terminal information, the authentication of the accessed terminal is determined to be successful.
Here, each time terminal information sent by a terminal is received, the terminal information needs to be stored, so that when the terminal information sent by the terminal is received again next time, the terminal is determined to be a legal terminal by directly matching the stored terminal information, and then the authentication of the terminal is successful.
Further, the updating the password of the ad hoc network according to the terminal information in the current ad hoc network includes:
the access point terminal receives terminal information sent by an accessed terminal; and generating the self-organized network password containing the terminal information and the terminal information of other non-access point terminals in the self-organized network.
For example, the terminal 5 is an access terminal, and after the terminal 5 joins the ad hoc network, there are terminals 1, 2, 3, 4, and 5 in the ad hoc network, where the terminal 1 is an access point terminal, the terminals 2, 3, 4, and 5 are non-access point terminals, and the updated ad hoc network password is:
NAME(2+3+4+1+5)+IP(2+3+4+1+5)+SSID(2+3+4+1+5).
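The password construction of Table 1, the cache-then-legality authentication, and the password update on join or exit, written out as an added Python example (it is not code from the patent). It assumes that "+" in the formula means string concatenation; `is_legal`, `derive_key`, the use of PBKDF2, and the values for terminals 5 and 9 are constructed for illustration.

```python
import hashlib
from dataclasses import dataclass


@dataclass(frozen=True)
class TerminalInfo:
    name: str   # terminal user name
    ip: str     # IP address allocated by the access point terminal
    ssid: str   # terminal ID (the page uses the SSID)


def network_password(members, max_len=None):
    """NAME(...)+IP(...)+SSID(...) over the members, in table order.

    Assumption: '+' in the page's formula is string concatenation.
    max_len models the optional truncation to a user-chosen length.
    """
    password = ("".join(m.name for m in members)
                + "".join(m.ip for m in members)
                + "".join(m.ssid for m in members))
    return password if max_len is None else password[:max_len]


def derive_key(password, salt):
    # Assumption: the page names no cipher or key derivation. PBKDF2 is used
    # here only to turn the variable-length password into a 32-byte key.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class AccessPointTerminal:
    def __init__(self, own, non_ap_terminals, is_legal):
        # Order follows the page's example: non-access-point terminals first,
        # then the access point terminal; later joiners are appended.
        self.members = list(non_ap_terminals) + [own]
        self.cache = set(self.members)   # terminal information seen before
        self.is_legal = is_legal         # hypothetical legality check
        self.password = network_password(self.members)

    def authenticate(self, info):
        # Step 1: match against cached terminal information.
        if info in self.cache:
            return True
        # Step 2: on a cache miss, fall back to the legality check.
        # Interpretation: information is cached only once that check passes.
        if self.is_legal(info):
            self.cache.add(info)
            return True
        return False

    def join(self, info):
        if not self.authenticate(info):
            return False
        if info not in self.members:
            self.members.append(info)
            self.password = network_password(self.members)  # update on join
        return True

    def leave(self, info):
        self.members.remove(info)
        self.password = network_password(self.members)      # update on exit


# Terminals 1-4 are taken from Table 1; terminals 5 and 9 are constructed.
T1, T2, T3, T4, T5, T9 = (
    TerminalInfo(f"Name{i}", f"192.168.0.{i}", f"SSID{i}")
    for i in (1, 2, 3, 4, 5, 9)
)

if __name__ == "__main__":
    allowed_ids = {"SSID5"}  # constructed allowlist behind is_legal
    ap = AccessPointTerminal(T1, [T2, T3, T4],
                             lambda info: info.ssid in allowed_ids)
    print("initial :", ap.password)
    print("join T9 :", ap.join(T9))   # fails both cache match and legality
    print("join T5 :", ap.join(T5))
    print("updated :", ap.password)
    ap.leave(T5)
    print("after T5 exits:", ap.password)
```

The password is a deterministic function of the membership table, so it is only as secret as the terminal information it is built from.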
For the above encryption authentication method of the ad hoc network, an embodiment of the present invention further provides an encryption authentication system of the ad hoc network, as shown in fig. 2, the system includes: an access point terminal 21 and a non-access point terminal 22; wherein,
the access point terminal 21 is configured to generate a password of the ad hoc network according to all current terminal information in the ad hoc network and notify each non-access point terminal 22 in the ad hoc network; when the service information is sent, the service information is encrypted by using the password; when service information is received, the service information is decrypted by using the password;
the non-access point terminal 22 is configured to receive the password of the ad hoc network notified by the access point terminal 21; when the service information is sent, the service information is encrypted by using the password; and when the service information is received, decrypting the service information by using the password.
Preferably, the system further comprises: an access terminal 23;
the access terminal 23 is configured to send a request for accessing the ad hoc network to the access point terminal 21 or the non-access point terminal 22; after the access point terminal 21 and the non-access point terminal 22 authenticate the access terminal, accessing the ad hoc network;
the access point terminal 21 is further configured to authenticate the access terminal 23 when receiving a request for accessing the ad hoc network from the access terminal 23; and pushing the request of the access terminal 23 to access the ad hoc network to the non-access point terminal 22;
the non-access point terminal 22 is further configured to authenticate the access terminal 23 when receiving a request for accessing the ad hoc network from the access terminal 23; and pushes the request of the access terminal 23 accessing the ad hoc network to the access point terminal 21.
Preferably, the access point terminal 21 is further configured to update the password of the ad hoc network according to the current terminal information in the ad hoc network when it is determined that a terminal has accessed the ad hoc network or a terminal has exited, and to notify each non-access point terminal 22 in the ad hoc network of the updated password; when the service information is sent, the updated password is used for encrypting the service information; when the service information is received, the updated password is used for decrypting the service information;
the non-access point terminal 22 is further configured to receive the updated ad hoc network password notified by the access point terminal 21; when the service information is sent, the updated password is used for encrypting the service information; and when the service information is received, decrypting the service information by using the updated password.
Preferably, the access point terminal 21 is further configured to authenticate the non-access point terminal 22 after receiving the ad hoc network request message sent by the non-access point terminal 22 through the WIFI network or the bluetooth network; after the authentication is successful, establishing connection with the non-access point terminal 22 and generating an ad hoc network;
the non-access point terminal 22 is further configured to authenticate the access point terminal 21 after receiving the ad hoc network request message sent by the access point terminal 21 through the WIFI network or the Bluetooth network; and after the authentication is successful, establishing connection with the access point terminal 21 and generating an ad hoc network.
Preferably, the access point terminal 21 is further configured to allocate IP addresses to the access point terminal 21 and all non-access point terminals 22 of the ad hoc network.
Preferably, the access point terminal 21 is further configured to receive terminal information sent by the non-access point terminal 22; generating a password of the ad hoc network containing the terminal information; wherein the terminal information includes at least one of the following information: a terminal user name, an IP address and a terminal ID.
Preferably, the access point terminal 21 is further configured to obtain terminal information of the access terminal 23; matching the obtained terminal information with the cached terminal information, and determining that the access terminal 23 is successfully authenticated after the matching is successful; after the matching is failed, when the access terminal 23 is determined to be a legal terminal according to the acquired terminal information, the authentication of the access terminal 23 is determined to be successful;
the non-access point terminal 22 is further configured to obtain terminal information of the access terminal 23; matching the obtained terminal information with the cached terminal information, and determining that the access terminal 23 is successfully authenticated after the matching is successful; and after the matching fails, when the access terminal 23 is determined to be a legal terminal according to the acquired terminal information, determining that the authentication of the access terminal 23 is successful.
Those skilled in the art will understand that the functions implemented by each device of the encryption authentication system of the ad hoc network shown in fig. 2 can be understood by referring to the related description of the encryption authentication method of the ad hoc network. The functions of the devices of the ad hoc network encryption authentication system shown in fig. 2 may be implemented by a program running on a processor, or may be implemented by specific logic circuits.
For the above encryption authentication method and system of the ad hoc network, an embodiment of the present invention further provides an encryption authentication terminal of the ad hoc network, as shown in fig. 3, where the terminal includes: a cryptographic unit 31 and an encryption/decryption unit 32; wherein,
the password unit 31 is configured to generate a password of the ad hoc network according to current all terminal information in the ad hoc network and notify each terminal in the ad hoc network when the terminal determines that the terminal is an access point terminal; when the terminal is determined to be a non-access point terminal, receiving the password of the ad hoc network notified by the access point terminal;
the encryption and decryption unit 32 is configured to encrypt the service information with the password when the service information is sent; and when the service information is received, decrypting the service information by using the password.
Preferably, the terminal further includes: a first receiving unit 33 and an authentication unit 34; wherein,
the first receiving unit 33 is configured to receive a request for accessing the ad hoc network by an access terminal;
the authentication unit 34 is configured to authenticate the access terminal, and push the request of the access terminal for accessing the ad hoc network to the other terminals of the ad hoc network.
Preferably, the terminal further includes: an updating unit 35, a transmitting unit 36, and a second receiving unit 37; wherein,
the updating unit 35 is configured to update the password of the ad hoc network according to the current terminal information in the ad hoc network when the terminal determines that the terminal is an access point terminal and determines that the access terminal in the ad hoc network or a terminal exits;
the sending unit 36 is configured to notify each non-access point terminal in the ad hoc network of the updated password;
the second receiving unit 37 is configured to receive the updated ad hoc network password notified by the access point terminal when the terminal is determined to be a non-access point terminal;
the encryption and decryption unit 32 is further configured to encrypt the service information by using the updated password when the service information is sent; and when the service information is received, decrypting the service information by using the updated password.
Preferably, the terminal further includes: a third receiving unit 38 and an establishing unit 39; wherein,
the third receiving unit 38 is configured to receive an ad hoc network request message sent by the other terminal through a WIFI network or a bluetooth network;
the authentication unit 34 is further configured to authenticate the other terminals;
the establishing unit 39 is configured to establish a connection with the other terminal and generate an ad hoc network after the authentication is successful.
Preferably, the terminal further comprises an allocating unit 310, configured to allocate IP addresses to all terminals of the ad hoc network when the terminal is determined to be an access point terminal.
Preferably, the cryptographic unit 31 comprises: a receiving subunit 311, a transmitting subunit 312, and a generating subunit 313; wherein,
the receiving subunit 311 is configured to receive terminal information sent by a non-access point terminal when the terminal is determined to be an access point terminal; generating a password of the ad hoc network containing the terminal information; wherein the terminal information includes at least one of the following information: a terminal user name, an IP address and a terminal ID;
the sending subunit 312 is configured to send terminal information to the access point terminal when the terminal is determined to be a non-access point terminal;
a generating subunit 313, configured to generate a password of the ad hoc network that includes the terminal information.
Preferably, the authentication unit 34 includes: an acquisition subunit 341, a matching subunit 342, and a determination subunit 343; wherein,
the acquiring subunit 341 is configured to acquire terminal information of an access terminal;
the matching subunit 342 is configured to match the obtained terminal information with the cached terminal information;
the determining subunit 343, configured to determine that the authentication of the access terminal is successful after the matching of the matching subunit 342 is successful; and after the matching fails, when the access terminal is determined to be a legal terminal according to the acquired terminal information, determining that the authentication on the access terminal is successful.
Those skilled in the art should understand that the implementation functions of each unit and its sub-units in the encryption authentication terminal of the ad hoc network shown in fig. 3 can be understood by referring to the related description of the encryption authentication method and system of the ad hoc network. The functions of each unit and its sub-units in the encryption authentication terminal of the ad hoc network shown in fig. 3 can be implemented by a program running on a processor, and can also be implemented by a specific logic circuit.
The above description is only a preferred embodiment of the present invention, and is not intended to limit the scope of the present invention.
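The password unit, updating unit and encryption/decryption unit described above can be modelled as follows. This is an added example, not code from the patent: the class and function names are hypothetical, the fresh random salt mixed in at every update is an assumption (so that the password cannot be computed from terminal information alone), and HMAC-SHA256 in counter mode with encrypt-then-MAC stands in for the cipher, which the page does not name.

```python
import hashlib
import hmac
import secrets


class AccessPoint:
    """Hypothetical access point terminal: caches terminal info, derives and rotates the password."""

    def __init__(self):
        self.terminals = {}  # terminal ID -> (terminal user name, IP address)
        self.epoch = 0       # counts password updates
        self.password = b""

    def _update_password(self):
        # Length-prefixed, sorted encoding of all current terminal information,
        # so that different member sets can never serialize to the same bytes.
        h = hashlib.sha256()
        for tid in sorted(self.terminals):
            for field in (tid, *self.terminals[tid]):
                raw = field.encode()
                h.update(len(raw).to_bytes(2, "big") + raw)
        salt = secrets.token_bytes(16)  # assumption: fresh randomness per update
        self.epoch += 1
        self.password = hmac.new(
            salt, h.digest() + self.epoch.to_bytes(4, "big"), hashlib.sha256
        ).digest()
        # Delivering the password to each terminal is outside this example.
        return self.password

    def join(self, tid, user, ip):
        self.terminals[tid] = (user, ip)
        return self._update_password()

    def leave(self, tid):
        self.terminals.pop(tid, None)
        return self._update_password()


def _subkeys(password):
    # Separate keys for encryption and integrity, both derived from the password.
    enc = hmac.new(password, b"enc", hashlib.sha256).digest()
    mac = hmac.new(password, b"mac", hashlib.sha256).digest()
    return enc, mac


def _keystream(enc_key, nonce, length):
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def encrypt(password, plaintext):
    enc_key, mac_key = _subkeys(password)
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt(password, blob):
    enc_key, mac_key = _subkeys(password)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong or outdated ad hoc network password")
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, nonce, len(ct))))


def demo():
    # Constructed sample terminals (IDs, user names and addresses are made up).
    ap = AccessPoint()
    ap.join("T1", "alice", "192.168.49.1")
    pw_two = ap.join("T2", "bob", "192.168.49.2")
    pw_three = ap.join("T3", "carol", "192.168.49.3")
    msg = encrypt(pw_three, b"service information")
    pw_after_exit = ap.leave("T3")  # membership is {T1, T2} again
    new_msg = encrypt(pw_after_exit, b"after exit")
    try:
        decrypt(pw_three, new_msg)  # exited terminal still holds the old password
        stale_rejected = False
    except ValueError:
        stale_rejected = True
    return (decrypt(pw_three, msg), decrypt(pw_after_exit, new_msg),
            stale_rejected, pw_two != pw_after_exit)


if __name__ == "__main__":
    print(demo())
```

The last value returned by `demo()` shows that the password for the member set {T1, T2} is not reused when the network returns to that membership after T3 exits.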
Claims (21)
1. An encryption authentication method of an ad hoc network is characterized by comprising the following steps:
generating a password of the ad hoc network according to the current all terminal information in the ad hoc network and informing each terminal in the ad hoc network;
when each terminal in the ad hoc network sends service information, the service information is encrypted by using the password; and when each terminal in the ad hoc network receives the service information, decrypting the service information by using the password.
2. The encryption authentication method according to claim 1, wherein when a request for a terminal to access the ad hoc network is received, all terminals in the ad hoc network authenticate the accessed terminal; and after the authentication is successful, the accessed terminal is accessed to the ad hoc network.
3. The cryptographic authentication method according to claim 1 or 2, characterized in that the method further comprises:
when determining that an access terminal in the ad hoc network exits or a terminal exits, updating the password of the ad hoc network according to the current terminal information in the ad hoc network, and informing each terminal in the ad hoc network of the updated password;
when each terminal in the ad hoc network sends service information, encrypting the service information by using the updated password; and when each terminal in the ad hoc network receives the service information, decrypting the service information by using the updated password.
4. The encryption authentication method as claimed in claim 3, wherein before generating the password of the ad hoc network according to all current terminal information in the ad hoc network, the method further comprises:
the terminal receives ad hoc network request messages sent by other terminals through a wireless fidelity (WIFI) network or a Bluetooth network and authenticates the other terminals; and after the authentication is successful, establishing connection with the other terminals and generating the ad hoc network.
5. The cryptographic authentication method as claimed in claim 4, further comprising:
each terminal in the ad hoc network acquires the performance parameters of other terminals through the ad hoc network, determines one terminal as an access point terminal according to the performance parameters of the terminal, and allocates IP addresses to all the terminals of the ad hoc network by the access point terminal.
6. The encryption authentication method as claimed in claim 5, wherein the generating the password of the ad hoc network according to all current terminal information in the ad hoc network comprises:
the access point terminal receives terminal information sent by a non-access point terminal and generates a password of the ad hoc network containing the terminal information; wherein the terminal information includes at least one of the following information: terminal user name, IP address, terminal ID.
7. The encryption authentication method as claimed in claim 2, 4, 5 or 6, wherein the authentication of the accessed terminal by all terminals in the ad hoc network comprises:
acquiring terminal information of the accessed terminal, matching the accessed terminal information with the cached terminal information, and determining that the authentication of the accessed terminal is successful after the matching is successful; and after the matching fails, when the accessed terminal is determined to be a legal terminal according to the acquired terminal information, the authentication of the accessed terminal is determined to be successful.
8. An ad hoc network encryption authentication system, comprising: an access point terminal and a non-access point terminal; wherein,
the access point terminal is used for generating the password of the ad hoc network according to all current terminal information in the ad hoc network and informing each non-access point terminal in the ad hoc network; when the service information is sent, the service information is encrypted by using the password; when service information is received, the service information is decrypted by using the password;
the non-access point terminal is used for receiving the password of the ad hoc network notified by the access point terminal; when the service information is sent, the service information is encrypted by using the password; and when the service information is received, decrypting the service information by using the password.
9. The cryptographic authentication system of claim 8, further comprising: an access terminal;
the access terminal is used for sending a request for accessing the ad hoc network to the access point terminal or the non-access point terminal; after the access point terminal and the non-access point terminal authenticate the access terminal, accessing the ad hoc network;
the access point terminal is also used for authenticating the access terminal when receiving a request of accessing the ad hoc network from the access terminal; pushing a request of the access terminal for accessing the ad hoc network to the non-access point terminal;
the non-access point terminal is also used for authenticating the access terminal when receiving the request of the access terminal for accessing the ad hoc network; and pushing the request of the access terminal for accessing the ad hoc network to the access point terminal.
10. The cryptographic authentication system of claim 8 or 9,
the access point terminal is further configured to update the password of the ad hoc network according to current terminal information in the ad hoc network when it is determined that the access terminal in the ad hoc network or a terminal exits, and notify each non-access point terminal in the ad hoc network of the updated password; when the service information is sent, the updated password is used for encrypting the service information; when the service information is received, the updated password is used for decrypting the service information;
the non-access point terminal is further configured to receive the updated ad hoc network password notified by the access point terminal; when the service information is sent, the updated password is used for encrypting the service information; and when the service information is received, decrypting the service information by using the updated password.
11. The cryptographic authentication system of claim 10,
the access point terminal is also used for authenticating the non-access point terminal after receiving the ad hoc network request message sent by the non-access point terminal through a WIFI network or a Bluetooth network; after the authentication is successful, establishing connection with the non-access point terminal and generating an ad hoc network;
the non-access point terminal is also used for authenticating the access point terminal after receiving the ad hoc network request message sent by the access point terminal through a WIFI network or a Bluetooth network; and after the authentication is successful, establishing connection with the access point terminal and generating the ad hoc network.
12. The encryption authentication system of claim 11, wherein the access point terminal is further configured to assign IP addresses to the access point terminal and all non-access point terminals of the ad hoc network.
13. The encryption authentication system of claim 12, wherein the access point terminal is further configured to receive terminal information sent by the non-access point terminal; generating a password of the ad hoc network containing the terminal information; wherein the terminal information includes at least one of the following information: terminal user name, IP address, terminal ID.
14. The cryptographic authentication system of claim 9, 11, 12 or 13,
the access point terminal is also used for acquiring the terminal information of the access terminal; matching the obtained terminal information with the cached terminal information, and determining that the access terminal is successfully authenticated after the matching is successful; after the matching is failed, when the access terminal is determined to be a legal terminal according to the acquired terminal information, the access terminal is determined to be successfully authenticated;
the non-access point terminal is also used for acquiring the terminal information of the access terminal; matching the obtained terminal information with the cached terminal information, and determining that the access terminal is successfully authenticated after the matching is successful; and after the matching fails, when the access terminal is determined to be a legal terminal according to the acquired terminal information, determining that the authentication on the access terminal is successful.
15. An encryption authentication terminal of an ad hoc network, the terminal comprising: a cryptographic unit and an encryption/decryption unit; wherein,
the password unit is used for generating the password of the ad hoc network according to the current all terminal information in the ad hoc network and informing each terminal in the ad hoc network when the terminal is determined to be the access point terminal; when the terminal is determined to be a non-access point terminal, receiving the password of the ad hoc network notified by the access point terminal;
the encryption and decryption unit is used for encrypting the service information by using the password when the service information is sent; and when the service information is received, decrypting the service information by using the password.
16. The cryptographic authentication terminal of claim 15, wherein the terminal further comprises: a first receiving unit and an authentication unit; wherein,
the first receiving unit is used for receiving a request of an access terminal for accessing the ad hoc network;
and the authentication unit is used for authenticating the access terminal and pushing the request of the access terminal for accessing the ad hoc network to other terminals of the ad hoc network.
17. The cryptographic authentication terminal of claim 15 or 16, wherein the terminal further comprises: an updating unit, a transmitting unit and a second receiving unit; wherein,
the updating unit is used for updating the password of the ad hoc network according to the current terminal information in the ad hoc network when the terminal is determined to be an access point terminal and an access terminal in the ad hoc network or a terminal exits;
the sending unit is configured to notify each non-access point terminal in the ad hoc network of the updated password;
the second receiving unit is configured to receive the updated ad hoc network password notified by the access point terminal when the terminal is determined to be a non-access point terminal;
the encryption and decryption unit is also used for encrypting the service information by using the updated password when the service information is sent; and when the service information is received, decrypting the service information by using the updated password.
18. The cryptographic authentication terminal of claim 17, wherein the terminal further comprises: a third receiving unit and an establishing unit; wherein,
the third receiving unit is used for receiving the ad hoc network request message sent by the other terminal through the WIFI network or the Bluetooth network;
the authentication unit also authenticates the other terminals;
and the establishing unit is used for establishing connection with the other terminals and generating the ad hoc network after the authentication is successful.
19. The encryption authentication terminal of claim 18, further comprising an assigning unit for assigning IP addresses to all terminals of the ad hoc network when the terminal is determined as the access point terminal.
20. The cryptographic authentication terminal of claim 19, wherein the cryptographic unit comprises: a receiving subunit, a sending subunit and a generating subunit; wherein,
the receiving subunit is configured to receive terminal information sent by a non-access point terminal when the terminal is determined to be an access point terminal; generating a password of the ad hoc network containing the terminal information; wherein the terminal information includes at least one of the following information: a terminal user name, an IP address and a terminal ID;
the sending subunit is configured to send terminal information to the access point terminal when the terminal is determined to be a non-access point terminal;
and the generating subunit is used for generating the password of the ad hoc network containing the terminal information.
21. The cryptographic authentication terminal of claim 16, 18, 19 or 20, characterized in that the authentication unit comprises: an acquiring subunit, a matching subunit and a determining subunit; wherein,
the acquiring subunit is configured to acquire terminal information of an access terminal;
the matching subunit is used for matching the acquired terminal information with the cached terminal information;
the determining subunit is configured to determine that the authentication of the access terminal is successful after the matching subunit is successfully matched; and after the matching fails, when the access terminal is determined to be a legal terminal according to the acquired terminal information, determining that the authentication on the access terminal is successful.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310244521.7A CN104243423A (en) | 2013-06-19 | 2013-06-19 | Ad-hoc network encryption and authentication method and system and terminals |
| PCT/CN2013/084974 WO2014201783A1 (en) | 2013-06-19 | 2013-10-10 | Encryption and authentication method, system and terminal for ad hoc network |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310244521.7A CN104243423A (en) | 2013-06-19 | 2013-06-19 | Ad-hoc network encryption and authentication method and system and terminals |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN104243423A (en) | 2014-12-24 |
Family
ID=52103865
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310244521.7A Pending CN104243423A (en) | 2013-06-19 | 2013-06-19 | Ad-hoc network encryption and authentication method and system and terminals |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN104243423A (en) |
| WO (1) | WO2014201783A1 (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105979475A (en) * | 2016-05-11 | 2016-09-28 | 珠海市魅族科技有限公司 | Short-distance wireless connection method and terminals |
| CN108696879A (en) * | 2018-03-21 | 2018-10-23 | 深圳市海司恩科技有限公司 | Ad hoc network method, self-organizing network system and the storage medium of ultraviolet optical-fiber network |
| CN108834121A (en) * | 2018-07-02 | 2018-11-16 | 中国联合网络通信集团有限公司 | A kind of bluetooth equipment ad hoc network method and system |
| CN110366153A (en) * | 2019-07-17 | 2019-10-22 | 苏州佩林网络科技有限公司 | A kind of method of bluetooth ad hoc network |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1098489A3 (en) * | 1999-11-03 | 2002-07-10 | Nokia Corporation | Method and system for making wireless terminal profile information accessible to a network |
| CN1564514A (en) * | 2004-03-26 | 2005-01-12 | 中兴通讯股份有限公司 | Self arranged net mode shared key authentication and conversation key consulant method of radio LAN |
| CN102256248A (en) * | 2011-07-05 | 2011-11-23 | 淮阴工学院 | Scheme for managing Ad hoc group key |
| CN102685740A (en) * | 2012-03-29 | 2012-09-19 | 公安部第三研究所 | Short-distance wireless communication node and wireless communication method |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102487503B (en) * | 2010-12-06 | 2014-04-16 | 中国航空工业集团公司第六三一研究所 | Method for managing multi-stage security dynamic group security keys |
| CN102857918A (en) * | 2012-10-12 | 2013-01-02 | 北京汽车股份有限公司 | Vehicle-mounted communication system |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105979475A (en) * | 2016-05-11 | 2016-09-28 | 珠海市魅族科技有限公司 | Short-distance wireless connection method and terminals |
| CN105979475B (en) * | 2016-05-11 | 2020-01-07 | 珠海市魅族科技有限公司 | Method and terminal for short-range wireless connection |
| CN108696879A (en) * | 2018-03-21 | 2018-10-23 | 深圳市海司恩科技有限公司 | Ad hoc network method, self-organizing network system and the storage medium of ultraviolet optical-fiber network |
| CN108834121A (en) * | 2018-07-02 | 2018-11-16 | 中国联合网络通信集团有限公司 | A kind of bluetooth equipment ad hoc network method and system |
| CN108834121B (en) * | 2018-07-02 | 2021-04-02 | 中国联合网络通信集团有限公司 | A kind of bluetooth device ad hoc network method and system |
| CN110366153A (en) * | 2019-07-17 | 2019-10-22 | 苏州佩林网络科技有限公司 | A kind of method of bluetooth ad hoc network |
| CN110366153B (en) * | 2019-07-17 | 2022-08-05 | 苏州佩林软件技术有限公司 | Bluetooth ad hoc network method |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2014201783A1 (en) | 2014-12-24 |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| | C06 | Publication | |
| | PB01 | Publication | |
| | C10 | Entry into substantive examination | |
| | SE01 | Entry into force of request for substantive examination | |
| | RJ01 | Rejection of invention patent application after publication | Application publication date: 20141224 |