CN107360570A - The lightweight real-time cipher key generation method that Behavior-based control action perceives in Internet of Things wearable device - Google Patents
The lightweight real-time cipher key generation method that Behavior-based control action perceives in Internet of Things wearable device Download PDFInfo
- Publication number
- CN107360570A CN107360570A CN201710485266.3A CN201710485266A CN107360570A CN 107360570 A CN107360570 A CN 107360570A CN 201710485266 A CN201710485266 A CN 201710485266A CN 107360570 A CN107360570 A CN 107360570A
- Authority
- CN
- China
- Prior art keywords
- wearable device
- bit
- data
- key
- sensing data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0838—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/085—Secret sharing or secret splitting, e.g. threshold schemes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/10—Integrity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W84/00—Network topologies
- H04W84/18—Self-organising networks, e.g. ad-hoc networks or sensor networks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Health & Medical Sciences (AREA)
- Computing Systems (AREA)
- General Health & Medical Sciences (AREA)
- Medical Informatics (AREA)
- Power Engineering (AREA)
- User Interface Of Digital Computer (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses the lightweight real-time cipher key generation method that Behavior-based control action perceives in a kind of Internet of Things wearable device, comprise the following steps:The sensing data of the acceleration transducer embedded in the different wearable device of user is obtained, the sensing data is that through randomness common shake produces the acceleration information with similar track to different wearable devices;High-pass filtering is carried out to the sensing data of acquisition, and carries out gliding smoothing filtration treatment;Error correction filtering is carried out to the sensing data of different wearable devices, specially abandons the bit-pattern point that adjacent difference is less than threshold value;Algorithm is quantified by the data bit of the numerical relation based on consecutive number strong point bit quantization is carried out to the sensing data after corrected filtering;Two wearable devices are held consultation, to co-own an identical safe key.
Description
Technical field
The present invention relates to the body area network in Internet of Things (BodySensorNetwork) field, more particularly to body area to sense
In device network, the key lightweight dynamic creation method of wearable computing embedded device.Including initial between wearable device
Key generates, sensing data processing and the generation of real-time session key.
Background technology
With the development of current wireless sensor network and wearable computing technology, wearable and embedded device is extensive
Apply in different fields (including telemedicine field) on ground.The safety issue of wearable device has obtained increasing pass
Note.Data involved by these are worn in the equipment with human body are related to the individual privacy of user, therefore for place
The communication security of equipment room in body area sensing network ensures to become particularly significant.On the other hand, due to wearable device
Application characteristic condition limits, its hardware capabilities such as limited ability such as runnability, continuation of the journey.And traditional encipherment scheme such as public key adds
The computing of dense body requires excessive so that this kind of scheme is not well suited for applying on this kind of wearable device.
Leading to when the key generation between wearable device and management method depend primarily on the connection between equipment at present
Letter pattern (such as Wi-Fi, Bluetooth communication).It is for the nothing between equipment (e.g., computer, mobile phone) at the beginning of these conceptual designs
Line communicates, and does not account for this kind of wearable device of low power consuming requirement.By taking Bluetooth communication as an example, the Secure Communication of bluetooth
In with reference to traditional Diffle-Hellman key agreement schemes, it is this kind of based on the scheme of asymmetric encipherment system because it is multiple
Miscellaneous computing requirement, and it is not suitable for wearable device.And because these schemes need substantial amounts of operational performance when producing key,
Decline so as to result in the endurance of these many wearable devices, therefore have impact on Consumer's Experience.Wearable set for these
During standby design key managing project, it is necessary to consider enough securities of scheme and lightweight it is efficient between equilibrium, this two
It is a mutually contradictory requirement between person, so as to and be run into currently for the research institute of the key managing project of wearable device
A Major Difficulties.
The content of the invention
The technical problem to be solved in the present invention is the asymmetrical encryption approach for needing complex calculation in the prior art
The defects of being not suitable for wearable device, there is provided a kind of lightweight real-time cipher key generation method suitable for wearable device and be
System.
The technical solution adopted for the present invention to solve the technical problems is:
The lightweight real-time cipher key generation method that Behavior-based control action perceives in a kind of Internet of Things wearable device, bag are provided
Include following steps:
S1, the sensing data for obtaining the acceleration transducer embedded in the different wearable device of user, the sensing data
For different wearable devices, through randomness common shake produces the acceleration information with similar track;
S2, the sensing data to acquisition carry out high-pass filtering, and carry out gliding smoothing filtration treatment;
S3, the sensing data to different wearable devices carry out error correction filtering, specially abandon adjacent difference less than threshold value
Bit-pattern point;
S4, algorithm quantified to the sensing after corrected filtering by the data bit of the numerical relation based on consecutive number strong point
Data carry out bit quantization;
S5, two wearable devices are held consultation, to co-own an identical safe key, specific negotiations process bag
Include:
The bit-pattern point sequence that first wearable device is abandoned is sent to the second wearable device;Second wearable device root
Sensing data is screened according to the bit-pattern point sequence received, resulting sensing data is completed in the screening of the second wearable device
For key;
When the key length that the second wearable device obtains is less than predetermined threshold value, then communication is terminated;Otherwise, the second wearing is set
The standby bit-pattern point sequence abandoned transmits same to the first wearable device, and the content of transmission also includes entering to sending data
Checking sequence obtained by row HMAC operations, the checking sequence are used for the identity of verification of data integrity and the first wearable device;
The checking sequence is: Wherein K is the
The key that two wearable devices are generated;M is the bit-pattern point sequence that the second wearable device needs to abandon;K ' is is generated by K
New key;‖ is associative operator;For xor operator;Opad and ipad is respectively Filling power outwardly and inwardly;
First wearable device is screened also according to the bit-pattern point sequence received, is obtained after the completion of screening shared close
Key, then verify received checking sequence using the shared key, with verify the identity validity of the first wearable device and
The integrality of data.
Connect above-mentioned technical proposal, in step S4, the data bit of the numerical relation based on consecutive number strong point quantifies algorithm tool
Body is:Compare the quantity difference size of current data point and previous data point, if current sample point is less than previous sample point,
The bit value that then current sample point quantifies is 1, is otherwise 0.
Connect above-mentioned technical proposal, in step S3, specially abandon the bit-pattern point that adjacent difference is less than 0.15.
Above-mentioned technical proposal is connect, this method also includes step:
S6, the real-time of embedded accelerometer sensor capture obtained in two wearable devices of body different parts add
Speed data;
S7, quantify real time acceleration number of the algorithm to acquisition by the data bit of the numerical relation based on consecutive number strong point
According to directly progress bit quantization processing;
S8, two different wearable devices each possess different random bit strings, utilize the shared key generated
Respective Bit String is encrypted, and the cryptographic Hash for calculating encrypted content is set with verification of data integrity, latter two right wearing
It is standby that ciphertext and cryptographic Hash are each sent to other side;
Decryption obtains in plain text after if S9, one of wearable device receive ciphertext, and verifies the cryptographic Hash of plaintext, if testing
Card passes through, then oneself existing random bit is serially added the Bit String received, generate new session key.
Perceived present invention also offers Behavior-based control action in a kind of Internet of Things wearable device based on the above method
Lightweight real-time cipher key generates system, including:
Sensing data acquisition module, the sensing of the acceleration transducer embedded in the wearable device different for obtaining user
Data, the sensing data are that through randomness common shake produces the acceleration number of degrees with similar track to different wearable devices
According to;
Pretreatment module, for carrying out high-pass filtering to the sensing data of acquisition, and carry out gliding smoothing filtration treatment;
Correction module, for carrying out error correction filtering to the sensing data of different wearable devices, specially abandon adjacent difference
Less than the bit-pattern point of threshold value;
Bit quantization processing module, for quantifying algorithm pair by the data bit of the numerical relation based on consecutive number strong point
Sensing data after corrected filtering carries out bit quantization;
Negotiation module, held consultation for two wearable devices, to co-own an identical safe key, specific association
Business's process includes:
The bit-pattern point sequence that first wearable device is abandoned is sent to the second wearable device;Second wearable device root
Sensing data is screened according to the bit-pattern point sequence received, resulting sensing data is completed in the screening of the second wearable device
For key;
When the key length that the second wearable device obtains is less than predetermined threshold value, then communication is terminated;Otherwise, the second wearing is set
The standby bit-pattern point sequence abandoned transmits same to the first wearable device, and the content of transmission also includes entering to sending data
Checking sequence obtained by row HMAC operations, the checking sequence are used for the identity of verification of data integrity and the first wearable device;
The checking sequence is: Wherein K is the
The key that two wearable devices are generated;M is the bit-pattern point sequence that the second wearable device needs to abandon;K ' is is generated by K
New key;‖ is associative operator;For xor operator;Opad and ipad is respectively Filling power outwardly and inwardly;
First wearable device is screened also according to the bit-pattern point sequence received, is obtained after the completion of screening shared close
Key, then verify received checking sequence using the shared key, with verify the identity validity of the first wearable device and
The integrality of data.
Above-mentioned technical proposal is connect, the sensing data acquisition module, is additionally operable to obtain two positioned at body different parts
The real time acceleration data of embedded accelerometer sensor capture in wearable device;
The bit quantization processing module, it is additionally operable to quantify by the data bit of the numerical relation based on consecutive number strong point
Algorithm directly carries out bit quantization processing to the real time acceleration data of acquisition;
The system also includes:
Encrypting module, for when two different wearable devices each possess different random bit strings, using
Respective Bit String is encrypted the shared key of generation, and calculates the cryptographic Hash of encrypted content with verification of data integrity,
Ciphertext and cryptographic Hash are each sent to other side by latter two right wearable device;
New key generation module, decryption obtains in plain text after receiving ciphertext for a wearable device wherein, and verifies
The cryptographic Hash of plaintext, if being verified, oneself existing random bit is serially added the Bit String received, generate new session
Key.
The beneficial effect comprise that:The present invention utilizes the sensor of common configuration in wearable device, allows user
Initial key can be quickly and efficiently generated in a device, and human action can be utilized to produce during using wearable device
Raw sensing data produces real-time cipher key.
Brief description of the drawings
Below in conjunction with drawings and Examples, the invention will be further described, in accompanying drawing:
Fig. 1 is the overall plan flow chart of the embodiment of the present invention;
Fig. 2 is collaborative share key product process figure of the embodiment of the present invention based on human body gesture and action;
Fig. 3 is real-time cipher key generation method of the embodiment of the present invention based on human action.
Embodiment
In order to make the purpose , technical scheme and advantage of the present invention be clearer, it is right below in conjunction with drawings and Examples
The present invention is further elaborated.It should be appreciated that specific embodiment described herein is only to explain the present invention, not
For limiting the present invention.
For combining human body to the communication security requirements wearable device and its consideration of ardware feature, the present invention at present
The embedded accelerometer sensor of action and Wearable proposes following methods.
1. perception random digit generation method and its key establishing method based on human body gesture and action
Main flow is mainly with data based on the key generation scheme for wearable device utilized to sensor at present
Based on common trait is excavated.Such scheme, which generally requires, carries out a series of change, processing, feature mining to sensing data
Deng, therefore have certain power consumption in data handling procedure.
The data of identical (or similar) are obtained in accelerometer sensor so as to generate pair realizing to utilize in distinct device
In the scheme for claiming key, a more direct efficiently method is to allow equipment with the associated movement of identical track, that is, allows user
Different equipment (e.g., wrist-watch, wearable portable sphygmomanometer) is shaken with carrying out randomness jointly, so as to produce with phase
Like the acceleration information of track.And this method can have been reduced or remitted and consumed energy caused by most of progress data handling procedure, and
This method has lightweight advantage, therefore is particularly suitable for using in the Sensor Network of body domain.
Meanwhile this random-number generating method is not based on the pseudo-random function generation of mathematics, but it is based on physical characteristic
True random number, therefore, its random unpredictability is more preferable.
This method it is specific as follows:
1) after sensing data is obtained, carry out simply handling data first.(note:Due to being used in experiment
Equipment for operation Android operation system equipment, Android sensor exploitation official document in illustrates such as to obtain in Android device
Accurate acceleration information, the initial data of acquisition need to first pass through high-pass filtering processing to reduce or remit the interference of gravity, therefore below
The data for regarding initial data to handle by high-pass filtering).Data carry out simple gliding smoothing filtering scheme, the program first
Data can be done with simple smoothing processing, some lofty data are carried out simple smooth.
Wherein SMA is that the smooth value calculated is, n is smoothing parameter (number of samples taken when i.e. smooth every time), in this hair
Bright middle n is arranged to 2 (i.e. each data point only carries out average smooth with previous data point), and M is that the upper limit of sample indexes
Value (this M~M- (n-1) individual sample point of sampling when calculating), PiFor i-th of sample point, SMAprevFor it is preceding once calculate it is flat
Sliding value.
Simple gliding smoothing filtering scheme can also solve when user shake at random in device procedures be likely to occur it is short
The regular shake of temporary property, and this kind of regular action is easier successfully to be imitated by potential adversary, therefore in our follow-up meetings
This kind of data are excluded.
2) before bit quantity is carried out to data, because the running orbit of user's equipment room when shaking equipment is not necessarily complete
Unanimously, therefore the obtained bit value of two equipment rooms may be variant.To this, we have proposed error correction filtering scheme.The program
Feature is that (0.15 this threshold value is the optimal value obtained in experimentation to bit of the adjacent difference of discarding less than 0.15, should
It is too short that value can effectively filter out the key length that most of inconsistent data point and will not making simultaneously finally gives).This
Be due to these consecutive points difference it is smaller, and the random noise in motion process can have more in the less sample of these differences
Big influence, so as to cause the data of two equipment rooms inconsistent, can effectively it be filtered using the error correction filtering scheme
Fall the impacted bit in this part, improve data consistency.
In addition, the situation of the issuable rule sexual act said before when user is shaking equipment at random also can
It is resolved.Due to the effect of the smooth filtering scheme of simple average, difference between the sample point of these adjacent rules can be by
In carried out average smooth processing and become very close (i.e. difference becomes very little).In this case, these data points will
By it is proposed that error correction filtering scheme processing procedure screen out, so as to ensure that the bit data finally given comes from
The shake action of user's randomness.
3) after above-mentioned filtering error correction filtering scheme is completed, can to sensing data carry out bit quantization (see below-
The data bit of numerical relation based on consecutive number strong point quantifies algorithm).
4) after equipment completes above procedure, by the sample abandoned between distinct device in progress error correction filter process can
Can be different, therefore two equipment need to hold consultation, and because negotiations process is related to intercommunication, therefore we with reference to
The security negotiation scheme that can resist opponent that Mathur is proposed, specific negotiations process are as follows:
A) sequence number for the sample point that oneself is abandoned in above-mentioned 2) step is sent to equipment 2 by equipment 1;
B) equipment 2 is screened according to the sequence received, and the sequence after the completion of screening obtained by equipment 2 is key.Examine
Considering opponent may be distorted to data in the transmission process of equipment 1 and (e.g., be deleted, increase), so as to cause final equipment
The key of a short length is can only obtain, and the key of short length is easily under attack.Therefore we provide, work as equipment
2 (depend on the encipherment scheme actually used) when finding that final key length is less than certain threshold value, that is, are considered as this time and consult to lose
Lose and terminate communication.
Otherwise, the sequence number of its sample point abandoned in above-mentioned 2) step is equally sent to equipment 1 by equipment 2, transmission
Content also includes one to sending the sequence obtained by data carry out HMAC operations, and the sequence is used for verification of data integrity and set
Standby 1 identity.
Wherein K generates key by equipment 2;M is transmission sequence;K ' is the new key that is generated by K;‖ is to combine to transport
Operator;For xor operator;Opad and ipad is respectively Filling power outwardly and inwardly.
C) equipment 1 carries out screening out the sample point for needing to abandon also according to the sequence received, is total to after the completion of screening
Enjoy key.Then key authentication HMAC sequences are utilized, it is effective so as to verify the identity of data sender's (i.e. equipment 1)
The integrality of property and data.
After negotiations process as above is completed, an identical safe key is just co-owned between two equipment.
Abandoned it should be noted that the key that equipment 1 generates is the sample point abandoned according to equipment 1,2;And equipment
1st, 2 initial data is quantified after user is shaken jointly and error correction is filtered, it is ensured that two equipment exist
The step for have sufficiently high accuracy rate.If the key difference of generation is larger, need to re-start.
2. the sensing data bit quantization algorithm of the difference relationship based on consecutive number strong point
The algorithm of existing sensing data bit quantization algorithm main flow is the calculation for the basic sample statistics that Muthur is proposed
Method.The main thought of the algorithm is the value for counting all sample points in certain window value first, and calculate one it is appropriate
The upper bound and floor value.To sensing data carry out quantizing process in, those more than the upper bound or less than lower bound and meet to
(physical condition depends on the demand of practical solution) sample point of fixed condition can correspondingly be quantified as bit 1 or 0.Considering
Under the present invention is by the use of human action data as the real background of data source, we have proposed a more suitably bit quantization to calculate
Method.
Because the generation of key acts from the randomness shake of user, therefore, bit quantity is being carried out to sensing data
During change, it should consider allow the bit data after quantifying that the randomness of user action can be reflected (i.e. by human body as far as possible
The randomness of action is converted into the randomness of quantized data, so as to ensure the security of data).
Based on above thought, we have proposed the calculation of the sensing data bit quantization of the numerical relation based on consecutive number strong point
Method.The algorithm is based on the quantity difference size for comparing current data point and previous data point, if current sample point is less than previous
Individual sample point, the then bit value quantified from current sample point are 1;Otherwise it is 0.
The algorithm is mainly characterized by, and the difference relationship between one section of adjacent ratio feature can reflect equipment at this
The situation of equipment acceleration or deceleration in the section time.Such as, if a series of sample point difference is just, equipment is entered in this time
Row accelerates.And the randomness of the shake action of user can be considered as adding for this unpredictability on by shake equipment
Speed or retarded motion, therefore the data after algorithm quantization can merge the randomness of physical action well, so as to improve
Information Security.
3. the real-time cipher key lightweight generation method based on human action
It is presently mainly base to carry out bit quantization in the sensing data to human action so as to generate the scheme of real-time cipher key
In the thought of feature extraction.As said before, this kind of thought may have when from the sensing data of body gait applying
Certain security deficiency, this is due to comparatively the feature of body gait compares fixation, this also means that have it is certain can
Energy property is successfully simulated.Therefore, caused key is also threatened by certain impersonation attack.
Based on the deficiency of current existing program, the present invention proposes one using raw sensory data caused by human action
The random bit string of high security is generated so as to generate the method for real-time cipher key, method is specific as follows:
1) the embedded accelerometer sensor in the wearable device of body different parts captures real-time acceleration information.
2) to initial data without it is any processing directly carry out bit quantization processing, quantizing process use it is proposed that base
The optimized algorithm of algorithm in 2.
The main process of the optimized algorithm is as follows:Compared based on the difference relationship between adjacent data point, it is little to difference
All sample points in 0.15 carry out bit quantization:If current sample point is less than previous sample point and difference is not more than 0.15, amount
Change value is 1;If current sample point is more than previous sample point and difference is not less than -0.15, quantized value 0.0.15 threshold value is real
The optimal value verified during testing, the value can ensure to have enough data to be quantified as cipher key source while also protect
Having demonstrate,proved the data after quantifying has enough securities.
The main thought of the algorithm is as follows:Embedded sensors in equipment can operationally be mingled with acquired data
Each noise like (e.g., uncertain noise of hardware inherent characteristic etc.), this noise like can influence the acceleration number of degrees of sensor acquisition
According to, but actually the disturbance degree of the data of these noises pair depends on the size of actual acceleration information.That is, if equipment is real
The acceleration on border is very big, and the proportion that noise is influenceed is relatively small.On the other hand, if the actual acceleration magnitude of equipment not
Greatly, this noise like can just play the influence of larger proportion scope in these samples.Therefore, it is proposed that optimized algorithm it is special
Meaning screened the less sample point of this kind of difference as quantized samples source because these sample sources gather when by noise shadow
Sound is larger, so as to improve the unpredictability of data and randomness.
After above procedure is completed, two different equipment each possess different random bit strings.
3) respective Bit String is encrypted using the shared key generated for two equipment rooms, and is calculated in encryption
The cryptographic Hash of appearance is as verification of data integrity.Ciphertext and cryptographic Hash are each sent to other side by latter two right equipment.
4) decryption obtains in plain text after equipment receives ciphertext, and verifies the cryptographic Hash of plaintext.If being verified, oneself
Existing random bit serially adds the Bit String being subject to, and generates new session key.
Above procedure can automate progress in real time in user action process (such as walking, motion) process, be continuously generated
New key.So as to the real-time of implementation.
The lightweight that Behavior-based control action perceives in Internet of Things wearable device of the embodiment of the present invention based on the above method
Real-time cipher key generates system, including:
Sensing data acquisition module, the sensing of the acceleration transducer embedded in the wearable device different for obtaining user
Data, the sensing data are that through randomness common shake produces the acceleration number of degrees with similar track to different wearable devices
According to;
Pretreatment module, for carrying out high-pass filtering to the sensing data of acquisition, and carry out gliding smoothing filtration treatment;
Correction module, for carrying out error correction filtering to the sensing data of different wearable devices, specially abandon adjacent difference
Less than the bit-pattern point of threshold value;
Bit quantization processing module, for quantifying algorithm pair by the data bit of the numerical relation based on consecutive number strong point
Sensing data after corrected filtering carries out bit quantization;
Negotiation module, held consultation for two wearable devices, to co-own an identical safe key, specific association
Business's process includes:
The bit-pattern point sequence that first wearable device is abandoned is sent to the second wearable device;Second wearable device root
Sensing data is screened according to the bit-pattern point sequence received, resulting sensing data is completed in the screening of the second wearable device
For key;
When the key length that the second wearable device obtains is less than predetermined threshold value, then communication is terminated;Otherwise, the second wearing is set
The standby bit-pattern point sequence abandoned transmits same to the first wearable device, and the content of transmission also includes entering to sending data
Checking sequence obtained by row HMAC operations, the checking sequence are used for the identity of verification of data integrity and the first wearable device;
The checking sequence is: Wherein K is the
The key that two wearable devices are generated;M is the bit-pattern point sequence that the second wearable device needs to abandon;K ' is is generated by K
New key;‖ is associative operator;For xor operator;Opad and ipad is respectively Filling power outwardly and inwardly;
First wearable device is screened also according to the bit-pattern point sequence received, is obtained after the completion of screening shared close
Key, then verify received checking sequence using the shared key, with verify the identity validity of the first wearable device and
The integrality of data.
Above-mentioned technical proposal is connect, the sensing data acquisition module, is additionally operable to obtain two positioned at body different parts
The real time acceleration data of embedded accelerometer sensor capture in wearable device;
The bit quantization processing module, it is additionally operable to quantify by the data bit of the numerical relation based on consecutive number strong point
Algorithm directly carries out bit quantization processing to the real time acceleration data of acquisition;
The system also includes:
Encrypting module, for when two different wearable devices each possess different random bit strings, using
Respective Bit String is encrypted the shared key of generation, and calculates the cryptographic Hash of encrypted content with verification of data integrity,
Ciphertext and cryptographic Hash are each sent to other side by latter two right wearable device;
New key generation module, decryption obtains in plain text after receiving ciphertext for a wearable device wherein, and verifies
The cryptographic Hash of plaintext, if being verified, oneself existing random bit is serially added the Bit String received, generate new session
Key.
To sum up, the present invention is realized following excellent based on the utilization to universal built-in accelerometer sensor in wearable device
Point:1st, randomly generate but high efficiency:We have proposed one to allow user to carry out the dynamic of randomness to these portable wearable devices
Work, posture etc. (including common shake), so as to efficiently by producing randomness symmetric key from belt sensor;2nd, it is random to perceive
Quantization homogeneity:An it is proposed that lightweight based on the size of the difference relation between more adjacent sensing data point
5 bit quantization method;3rd, key produces strategy and method:The present invention proposes the real-time dynamic key generation side of a lightweight
Method, this method directly can be used as real-time cipher key by the use of the initial data in sensor to generate the random number of high security.
It should be appreciated that for those of ordinary skills, can according to the above description be improved or converted,
And all these modifications and variations should all belong to the protection domain of appended claims of the present invention.
Claims (6)
1. the lightweight real-time cipher key generation method that Behavior-based control action perceives in a kind of Internet of Things wearable device, its feature exist
In comprising the following steps:
S1, the sensing data for obtaining the acceleration transducer embedded in the different wearable device of user, the sensing data is not
Through randomness common shake produces the acceleration information with similar track to same wearable device;
S2, the sensing data to acquisition carry out high-pass filtering, and carry out gliding smoothing filtration treatment;S3, to different wearable devices
Sensing data carry out error correction filtering, specially abandon adjacent difference be less than threshold value bit-pattern point;
S4, algorithm quantified to the sensing data after corrected filtering by the data bit of the numerical relation based on consecutive number strong point
Carry out bit quantization;
S5, two wearable devices are held consultation, and to co-own an identical safe key, specific negotiations process includes:
The bit-pattern point sequence that first wearable device is abandoned is sent to the second wearable device;Second wearable device is according to receipts
To bit-pattern point sequence sensing data is screened, the screening of the second wearable device complete obtained by sensing data to be close
Key;
When the key length that the second wearable device obtains is less than predetermined threshold value, then communication is terminated;Otherwise, the second wearable device will
Its bit-pattern point sequence abandoned transmits same to the first wearable device, and the content of transmission also includes carrying out to sending data
Checking sequence obtained by HMAC operations, the checking sequence are used for the identity of verification of data integrity and the first wearable device;Should
Verify that sequence is:HMAC (K, m)=H ((K ' ⊕ opad) ‖ H ((K ' ⊕ ipad) ‖ m)), wherein K is generated by the second wearable device
Key;M is the bit-pattern point sequence that the second wearable device needs to abandon;K ' is the new key that is generated by K;‖ is knot
Close operator;⊕ is xor operator;Opad and ipad is respectively Filling power outwardly and inwardly;
First wearable device is screened also according to the bit-pattern point sequence received, and shared key is obtained after the completion of screening,
Then received checking sequence is verified using the shared key, to verify the identity validity of the first wearable device and data
Integrality.
2. according to the method for claim 1, it is characterised in that in step S4, the numerical relation based on consecutive number strong point
Data bit quantifies algorithm:Compare the quantity difference size of current data point and previous data point, if current sample
Point is less than previous sample point, then the bit value that current sample point quantifies is 1, is otherwise 0.
3. method according to claim 1 or 2, it is characterised in that in step S3, specially abandon adjacent difference and be less than
0.15 bit-pattern point.
4. according to the method for claim 1, it is characterised in that this method also includes step:
The real time acceleration that S6, the embedded accelerometer sensor obtained in two wearable devices of body different parts capture
Data;
S7, by the data bit of the numerical relation based on consecutive number strong point to quantify algorithm straight to the real time acceleration data of acquisition
Tap into the processing of row bit quantization;
S8, two different wearable devices each possess different random bit strings, using the shared key generated to each
From Bit String be encrypted, and it is each with verification of data integrity, latter two right wearable device to calculate the cryptographic Hash of encrypted content
Other side is sent to from ciphertext and cryptographic Hash;
If decryption obtains in plain text after S9, one of wearable device receive ciphertext, and verifies the cryptographic Hash of plaintext, if checking is logical
Cross, then oneself existing random bit is serially added the Bit String received, generate new session key.
A kind of 5. lightweight real-time cipher key life that Behavior-based control action perceives in Internet of Things wearable device based on claim 1
Into system, it is characterised in that including:
Sensing data acquisition module, the sensing number of the acceleration transducer embedded in the wearable device different for obtaining user
According to the sensing data is that through randomness common shake produces the acceleration number of degrees with similar track to different wearable devices
According to;
Pretreatment module, for carrying out high-pass filtering to the sensing data of acquisition, and carry out gliding smoothing filtration treatment;
Correction module, for carrying out error correction filtering to the sensing data of different wearable devices, specially abandon adjacent difference and be less than
The bit-pattern point of threshold value;
Bit quantization processing module, for quantifying algorithm to through entangling by the data bit of the numerical relation based on consecutive number strong point
Miss the sensing data after filter and carry out bit quantization;
Negotiation module, hold consultation for two wearable devices, to co-own an identical safe key, specifically consulted
Journey includes:
The bit-pattern point sequence that first wearable device is abandoned is sent to the second wearable device;Second wearable device is according to receipts
To bit-pattern point sequence sensing data is screened, the screening of the second wearable device complete obtained by sensing data to be close
Key;
When the key length that the second wearable device obtains is less than predetermined threshold value, then communication is terminated;Otherwise, the second wearable device will
Its bit-pattern point sequence abandoned transmits same to the first wearable device, and the content of transmission also includes carrying out to sending data
Checking sequence obtained by HMAC operations, the checking sequence are used for the identity of verification of data integrity and the first wearable device;Should
Verify that sequence is:HMAC (K, m)=H ((K ' ⊕ opad) ‖ H ((K ' ⊕ ipad) ‖ m)), wherein K is generated by the second wearable device
Key;M is the bit-pattern point sequence that the second wearable device needs to abandon;K ' is the new key that is generated by K;‖ is knot
Close operator;⊕ is xor operator;Opad and ipad is respectively Filling power outwardly and inwardly;
First wearable device is screened also according to the bit-pattern point sequence received, and shared key is obtained after the completion of screening,
Then received checking sequence is verified using the shared key, to verify the identity validity of the first wearable device and data
Integrality.
6. system according to claim 5, it is characterised in that
The sensing data acquisition module, it is additionally operable to obtain the embedded acceleration in two wearable devices of body different parts
The real time acceleration data of flowmeter sensor capture;
The bit quantization processing module, it is additionally operable to quantify algorithm by the data bit of the numerical relation based on consecutive number strong point
Bit quantization processing is directly carried out to the real time acceleration data of acquisition;
The system also includes:
Encrypting module, for when two different wearable devices each possess different random bit strings, using having generated
Shared key respective Bit String is encrypted, and calculate the cryptographic Hash of encrypted content with verification of data integrity, then
Ciphertext and cryptographic Hash are each sent to other side by two wearable devices;
New key generation module, decryption obtains in plain text after receiving ciphertext for a wearable device wherein, and verifies in plain text
Cryptographic Hash, if being verified, oneself existing random bit is serially added the Bit String received, it is close to generate new session
Key.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710485266.3A CN107360570B (en) | 2017-06-23 | 2017-06-23 | Behavior action perception-based lightweight real-time key generation method and system in wearable equipment of Internet of things |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710485266.3A CN107360570B (en) | 2017-06-23 | 2017-06-23 | Behavior action perception-based lightweight real-time key generation method and system in wearable equipment of Internet of things |
Publications (2)
Publication Number | Publication Date |
---|---|
CN107360570A true CN107360570A (en) | 2017-11-17 |
CN107360570B CN107360570B (en) | 2019-12-20 |
Family
ID=60273144
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710485266.3A Active CN107360570B (en) | 2017-06-23 | 2017-06-23 | Behavior action perception-based lightweight real-time key generation method and system in wearable equipment of Internet of things |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107360570B (en) |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108989309A (en) * | 2018-07-16 | 2018-12-11 | 苏州大学张家港工业技术研究院 | Encryption communication method and its encrypted communication device based on narrowband Internet of Things |
CN110753342A (en) * | 2019-10-18 | 2020-02-04 | 武汉大学 | Body area network equipment authentication and key agreement method based on channel characteristics |
CN111555872A (en) * | 2020-04-30 | 2020-08-18 | 平安科技(深圳)有限公司 | Communication data processing method, device, computer system and storage medium |
CN112104643A (en) * | 2020-09-11 | 2020-12-18 | 重庆邮电大学 | Encryption and decryption method for physical parameter characteristic value disturbance based on physical layer protocol data extraction random number |
CN113938274A (en) * | 2021-10-13 | 2022-01-14 | 北京积木信创数据技术有限公司 | Data security transmission method for wearable equipment |
CN114867027A (en) * | 2021-02-04 | 2022-08-05 | 中国科学院信息工程研究所 | Communication method and system applied to mobile equipment |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102984704A (en) * | 2012-12-24 | 2013-03-20 | 中国地质大学(武汉) | Authentication and key agreement method and system between light-weight smart mobile phones |
CN103283175A (en) * | 2010-12-28 | 2013-09-04 | 日本电气株式会社 | Method of generating key |
-
2017
- 2017-06-23 CN CN201710485266.3A patent/CN107360570B/en active Active
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103283175A (en) * | 2010-12-28 | 2013-09-04 | 日本电气株式会社 | Method of generating key |
CN102984704A (en) * | 2012-12-24 | 2013-03-20 | 中国地质大学(武汉) | Authentication and key agreement method and system between light-weight smart mobile phones |
Non-Patent Citations (3)
Title |
---|
MOHAMMAD MASDARI等: "Key management in wireless Body Area Network: Challenges and issues", 《ELSEVIER》 * |
WEITAO XU等: "Gait-Key: A Gait-Based Shared Secret Key Generation Protocol for Wearable Devices", 《ACM TRANSACTIONS ON SENSOR NETWORKS》 * |
任伟等: "物联网自治安全适配层模型以及T2ToI中T2T匿名认证协议", 《计算机研究与发展》 * |
Cited By (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108989309A (en) * | 2018-07-16 | 2018-12-11 | 苏州大学张家港工业技术研究院 | Encryption communication method and its encrypted communication device based on narrowband Internet of Things |
CN108989309B (en) * | 2018-07-16 | 2021-10-08 | 苏州大学张家港工业技术研究院 | Encryption communication method and encryption communication device based on narrow-band Internet of things |
CN110753342A (en) * | 2019-10-18 | 2020-02-04 | 武汉大学 | Body area network equipment authentication and key agreement method based on channel characteristics |
CN110753342B (en) * | 2019-10-18 | 2022-05-13 | 武汉大学 | Body area network equipment authentication and key agreement method based on channel characteristics |
CN111555872A (en) * | 2020-04-30 | 2020-08-18 | 平安科技(深圳)有限公司 | Communication data processing method, device, computer system and storage medium |
CN112104643A (en) * | 2020-09-11 | 2020-12-18 | 重庆邮电大学 | Encryption and decryption method for physical parameter characteristic value disturbance based on physical layer protocol data extraction random number |
CN114867027A (en) * | 2021-02-04 | 2022-08-05 | 中国科学院信息工程研究所 | Communication method and system applied to mobile equipment |
CN113938274A (en) * | 2021-10-13 | 2022-01-14 | 北京积木信创数据技术有限公司 | Data security transmission method for wearable equipment |
CN113938274B (en) * | 2021-10-13 | 2024-03-22 | 北京积木信创数据技术有限公司 | Data security transmission method for wearable equipment |
Also Published As
Publication number | Publication date |
---|---|
CN107360570B (en) | 2019-12-20 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN107360570A (en) | The lightweight real-time cipher key generation method that Behavior-based control action perceives in Internet of Things wearable device | |
US11101986B2 (en) | Authentication processing service | |
CN105812126B (en) | Lightweight backup and the efficient restoration methods of healthy block chain data encryption key | |
CN112232527B (en) | Safe distributed federal deep learning method | |
CN104392534B (en) | Electronic voting method and device based on finger vein feature recognition | |
Lewis et al. | Real time motion-based authentication for smartwatch | |
Jiang et al. | Shake to communicate: Secure handshake acceleration-based pairing mechanism for wrist worn devices | |
Revadigar et al. | Accelerometer and fuzzy vault-based secure group key generation and sharing protocol for smart wearables | |
CN106059775B (en) | CFL manages mode implementation method concentratedly | |
CN107592311A (en) | Towards the cloud storage medical treatment big data lightweight batch auditing method of wireless body area network | |
CN106161035B (en) | CFL personal privacy protection mode implementation method | |
CN108989309A (en) | Encryption communication method and its encrypted communication device based on narrowband Internet of Things | |
CN108717666A (en) | Personalized vehicle insurance computational methods, system and terminal based on block chain | |
CN105608356A (en) | Password generation method and device, password authentication method and device as well as terminal | |
CN105450419A (en) | Method, device and system | |
Sun et al. | Accelerometer-based key generation and distribution method for wearable IoT devices | |
CN107370601A (en) | A kind of intelligent terminal, system and method for integrating a variety of safety certifications | |
KR20190125223A (en) | Electronic voting system and method thereof | |
Pourbemany et al. | A survey of wearable devices pairing based on biometric signals | |
Zhao et al. | Secure and usable handshake based pairing for wrist-worn smart devices on different users | |
CN105307164B (en) | A kind of authentication method of wearable device | |
CN107257283B (en) | Fingerprint verification method based on quantum figure state | |
Khadem et al. | An improved WBSN key-agreement protocol based on static parameters and hash functions | |
CN116168789A (en) | Multi-center medical data generation system and method | |
Chen et al. | LiReK: A lightweight and real-time key establishment scheme for wearable embedded devices by gestures or motions |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
TR01 | Transfer of patent right | ||
TR01 | Transfer of patent right |
Effective date of registration: 20210415 Address after: Room 801, 85 Kefeng Road, Huangpu District, Guangzhou City, Guangdong Province Patentee after: Yami Technology (Guangzhou) Co., Ltd Address before: 430074 No. 388 Lu Lu, Hongshan District, Hubei, Wuhan Patentee before: CHINA University OF GEOSCIENCES (WUHAN CITY) |