A data encryption method for a two-way interactive smart electric energy meter
Technical field
The present invention relates to the field of data encryption, and specifically to a data encryption method for a two-way interactive smart electric energy meter.
Background art
To further raise the level of interactivity of the strong smart grid, to fully support the grid's goals of intelligence and interactivity, to actively carry and advance the third industrial revolution, to strengthen the participation and awareness of electricity customers, and to advance the world-leading position of the electricity consumption side of the smart grid, a directly two-way interactive smart electric energy meter has been developed. This meter allows the user to read the meter's internal data through a local reading device (a mobile phone or a dedicated meter reader). Networking the local device may, on the one hand, leak the power consumer's information and, on the other hand, adversely affect the existing acquisition system network.
Summary of the invention
To overcome the above deficiencies of the prior art, the invention provides a data encryption method for a two-way interactive smart electric energy meter. It authenticates the identity of the device and encrypts the meter's data exchanges, which both secures communication between the meter and the local reading device and leaves the performance of the existing power consumption information acquisition system unaffected.
The solution adopted to achieve the above purpose is:
A data encryption method for a two-way interactive smart electric energy meter, the method comprising:
(1) the reading device and the electric energy meter authenticate each other's identity;
(2) the reading device MCU sends a data communication request and data transmission starts;
(3) the reading device MCU accesses the reading device ESAM and starts the data encryption application; after confirming that there is no error, the reading device ESAM returns a confirmation to the reading device MCU;
(4) after receiving the confirmation, the reading device MCU sends the original data to be transmitted to the reading device ESAM; the reading device ESAM encrypts the original data on receipt and returns the encrypted data to the reading device MCU;
(5) the reading device MCU receives the encrypted data and sends it to the meter MCU over the physical transport layer;
(6) after receiving the encrypted data, the meter MCU accesses the meter ESAM and starts the data decryption application; after confirming that there is no error, the meter ESAM returns a confirmation to the meter MCU;
(7) after receiving the confirmation, the meter MCU transmits the encrypted data to the meter ESAM, which decrypts it and returns the decrypted original data to the meter MCU;
(8) the meter MCU receives the decrypted original data and passes it to the electric energy meter; after receiving the data, the meter responds to the instruction in the data and returns the corresponding result data to the meter MCU;
(9) the meter MCU accesses the meter ESAM and starts data encryption; after confirming that there is no error, the meter ESAM returns a confirmation to the meter MCU;
(10) after receiving the confirmation, the meter MCU sends the original data to be transmitted to the meter ESAM; on receipt, the meter ESAM encrypts the original data with its internal encryption algorithm and returns the encrypted data to the meter MCU;
(11) the meter MCU receives the encrypted data and sends it to the reading device MCU over the physical transport layer;
(12) after receiving the encrypted data, the reading device MCU accesses the reading device ESAM and starts data decryption; after confirming that there is no error, the reading device ESAM returns a confirmation to the reading device MCU;
(13) after receiving the confirmation, the reading device MCU transmits the encrypted data to the reading device ESAM; the reading device ESAM receives the encrypted data, decrypts it with its internal decryption algorithm, and returns the decrypted original data to the reading device MCU.
Preferably, the identity authentication comprises:
(1) the reading device sends a connection request and a random number R1 to the electric energy meter;
(2) the meter encrypts R1 and at the same time generates a random number R2 and the ciphertext of R3_1, and sends the ciphertext of R1, R2 and the ciphertext of R3_1 to the reading device;
(3) the reading device decrypts and compares R1; if the two values match, the reading device's authentication of the meter is complete. The reading device decrypts the ciphertext of R3_1 and stores R3_1, encrypts R2, generates the ciphertext of R3_2, stores R3_1 and R3_2 as the negotiated key R3, and sends the ciphertext of R2 and the ciphertext of R3_2 to the meter;
(4) the meter decrypts and compares R2; if the two values match, the meter's authentication of the reading device is complete. The meter decrypts the ciphertext of R3_2 and stores R3_2, stores R3_1 and R3_2 as the negotiated key R3, and returns the authentication result to the reading device.
Preferably, the electric energy meter comprises a communication module and a metering unit;
the communication module comprises the meter ESAM and the meter MCU.
Compared with the prior art, the present invention has the following beneficial effects:
1. Cryptographic techniques combining symmetric and asymmetric algorithms are used for two-way identity authentication, that is, verification of the legitimacy of the device's identity and of the meter's identity.
2. Encryption and decryption ensure the security of the communication data.
3. The key diversification factor used in the encryption process is produced by a key agreement mechanism, which ensures the security of the device's data without affecting communication efficiency.
Description of the drawings
Fig. 1 is the security architecture diagram of the local reading device and the electric energy meter provided by the invention;
Fig. 2 is the identity authentication flow between the local reading device and the smart meter provided by the invention;
Fig. 3 is the encryption and decryption flow between the local reading device and the smart meter provided by the invention.
Embodiments
Specific embodiments of the invention are described in further detail below with reference to the drawings.
Fig. 1 is the security architecture diagram of the local reading device and the electric energy meter provided by the invention. The smart electric energy meter mainly comprises a communication module and a metering unit. Data encryption protection in the communication module is provided by the ESAM security module, which encrypts the data and ensures the confidentiality, integrity and validity of the transmitted data. Data encryption protection in the local reading device is likewise provided by an ESAM security module, which encrypts the data and ensures the confidentiality, integrity and validity of the transmitted data.
Fig. 2 is the identity authentication flow between the local reading device and the smart meter provided by the invention. Identity authentication uses a two-way authentication flow based on symmetric-key internal and external authentication, comprising:
(1) the reading device sends a connection request and a random number R1 to the electric energy meter;
(2) the meter encrypts R1 and at the same time generates a random number R2 and the ciphertext of R3_1, and sends the ciphertext of R1, R2 and the ciphertext of R3_1 to the reading device;
(3) the reading device decrypts and compares R1; if the two values match, the reading device's authentication of the meter is complete. The reading device decrypts the ciphertext of R3_1 and stores R3_1, encrypts R2, generates the ciphertext of R3_2, stores R3_1 and R3_2 as the negotiated key R3, and sends the ciphertext of R2 and the ciphertext of R3_2 to the meter;
(4) the meter decrypts and compares R2; if the two values match, the meter's authentication of the reading device is complete. The meter decrypts the ciphertext of R3_2 and stores R3_2, stores R3_1 and R3_2 as the negotiated key R3, and returns the authentication result to the reading device.
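The four-step mutual authentication and key agreement given in the summary and again for Fig. 2, as an added example that is not part of the patent text. A toy Feistel cipher built from HMAC-SHA256 stands in for the cipher inside the ESAM; the per-direction keys `k_meter` and `k_reader`, the 16-byte random numbers, and the concatenation of R3_1 and R3_2 into R3 are assumptions of the example.

```python
import hashlib
import hmac
import secrets

def _f(key, rnd, half):
    # Feistel round function built from HMAC-SHA256 (stand-in, not SM1)
    return hmac.new(key, bytes([rnd]) + half, hashlib.sha256).digest()[:8]

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def enc(key, block):
    """Encrypt one 16-byte block with a toy 4-round Feistel cipher."""
    l, r = block[:8], block[8:]
    for rnd in range(4):
        l, r = r, _xor(l, _f(key, rnd, r))
    return l + r

def dec(key, block):
    """Invert enc() by running the rounds backwards."""
    l, r = block[:8], block[8:]
    for rnd in reversed(range(4)):
        l, r = _xor(r, _f(key, rnd, l)), l
    return l + r

class Esam:
    """Security module of one party. Assumption: one key per direction,
    so a response produced for one direction is never valid in the other."""
    def __init__(self, k_meter, k_reader):
        self.k_meter, self.k_reader = k_meter, k_reader
        self.r3 = None  # negotiated key R3 = R3_1 || R3_2 (concatenation assumed)

def authenticate(reader, meter):
    """Steps (1)-(4); True only if each side accepts the other."""
    r1 = secrets.token_bytes(16)                        # (1) reader -> meter: R1
    r2, r3_1 = secrets.token_bytes(16), secrets.token_bytes(16)
    c_r1, c_r3_1 = enc(meter.k_meter, r1), enc(meter.k_meter, r3_1)  # (2)
    if not hmac.compare_digest(dec(reader.k_meter, c_r1), r1):
        return False                                    # (3) reader rejects meter
    r3_2 = secrets.token_bytes(16)
    c_r2, c_r3_2 = enc(reader.k_reader, r2), enc(reader.k_reader, r3_2)
    if not hmac.compare_digest(dec(meter.k_reader, c_r2), r2):
        return False                                    # (4) meter rejects reader
    # The example commits R3 on both sides only after both checks pass.
    reader.r3 = dec(reader.k_meter, c_r3_1) + r3_2
    meter.r3 = r3_1 + dec(meter.k_reader, c_r3_2)
    return True
```

A party holding the wrong key fails the comparison in step (3) or (4), and neither side stores R3 in that case.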
This method applies the security module to both the electric energy meter and the local reading device. The module integrates the domestic cryptographic algorithms SM1, SM2 and SM3 and stores multiple keys, each with a different function: identity authentication, key agreement, data encryption during reading, data decryption, and so on.
When a local device reads the meter, the meter and the device each verify the legitimacy of the other's identity. After authentication passes, the two sides perform key agreement, and all communication data between the smart meter and the local reading device is encrypted and decrypted with the negotiated key. The meter receives the ciphertext read command sent by the device, decrypts it and reads the data according to the protocol; its security module encrypts the data, and the ciphertext is sent to the reading device. After receiving it, the device decrypts it through its security module and obtains the required plaintext data.
Fig. 3 is the encryption and decryption flow chart of the local reading device and the smart meter, which mainly comprises:
(1) The local reading device MCU initiates a data communication request and data transmission starts.
(2) The local reading device MCU accesses the local reading device ESAM and starts data encryption; after confirming that there is no error, the local reading device ESAM returns a confirmation to the local reading device MCU.
(3) After receiving the confirmation, the local reading device MCU sends the original data to be transmitted to the local reading device ESAM; on receipt, the local reading device ESAM encrypts the original data with its internal encryption algorithm and returns the encrypted data to the local reading device MCU.
(4) The local reading device MCU receives the encrypted data and sends it to the meter MCU over the physical transport layer.
(5) After receiving the encrypted data, the meter MCU accesses the meter ESAM and starts data decryption; after confirming that there is no error, the meter ESAM returns a confirmation to the meter MCU.
(6) After receiving the confirmation, the meter MCU transmits the encrypted data to the meter ESAM; the meter ESAM receives the encrypted data, decrypts it with its internal decryption algorithm, and returns the decrypted original data to the meter MCU.
(7) The meter MCU receives the decrypted original data and passes it to the electric energy meter; after receiving the data, the meter responds to the instruction in the data and returns the corresponding result data to the meter MCU.
(8) The meter MCU accesses the meter ESAM and starts data encryption; after confirming that there is no error, the meter ESAM returns a confirmation to the meter MCU.
(9) After receiving the confirmation, the meter MCU sends the original data to be transmitted to the meter ESAM; on receipt, the meter ESAM encrypts the original data with its internal encryption algorithm and returns the encrypted data to the meter MCU.
(10) The meter MCU receives the encrypted data and sends it to the local reading device MCU over the physical transport layer.
(11) After receiving the encrypted data, the local reading device MCU accesses the local reading device ESAM and starts data decryption; after confirming that there is no error, the local reading device ESAM returns a confirmation to the local reading device MCU.
(12) After receiving the confirmation, the local reading device MCU transmits the encrypted data to the local reading device ESAM; the local reading device ESAM receives the encrypted data, decrypts it with its internal decryption algorithm, and returns the decrypted original data to the local reading device MCU.
(13) Once the local reading device has received the data, one encrypted data communication between the local reading device and the two-way interactive smart electric energy meter is complete.
Finally, it should be noted that the above embodiments only illustrate the technical solution of the application and do not limit its scope of protection. Although the application has been described in detail with reference to the above embodiments, those of ordinary skill in the art should understand that, after reading the application, they can still make various changes, modifications or equivalent replacements to its embodiments, and that all such changes, modifications or equivalent replacements fall within the scope of the pending claims.