Development Of High-trust IoT Smart Home Based On Android

With the rapid development of Io T technology,Io T application scenarios emerge one after another,such as smart home,smart grid,smart city,smart medical care,Internet of vehicles and so on.Among them,the smart home industry is related to people’s living and transportation,but there are some security problems hidden in many brands of smart home products.First of all,there is the problem of universality in Application software design,which is reflected in the fact that users can add hardware devices of the same brand at will without authentication,so that users can control others’ devices beyond their authority.Secondly,when using App to control the hardware,there is often a lack of authentication and information security encryption on both the software and hardware sides,resulting in the hardware can be controlled by others or the control information can be stolen by others.Moreover,the future development of smart home will appear in the form of a whole,such as intelligent communities,should be generated in the form of batch one-time.The following design is made for these problems.First of all,in order to solve the problem of universality of software,software and control are separated.The App designed in this paper needs configuration files to dynamically generate the control interface.At the same time,the logical authentication process of configuration file is realized.This solves the problem of universality of the App and improves the way in which users can add controls themselves in traditional apps.At the same time,the configuration file also needs security protection and cannot be generated by the user.Therefore,the fingerprint information of the phone is added for encryption and authentication.Secondly,in order to cooperate with the configuration file generation,this paper designs the XML forest file generation algorithm in the server.In order to encrypt mobile phone fingerprint information,a chaotic Hash encryption algorithm is designed.For the transmission of configuration file security to achieve the function of mixed encryption.To limit permissions,the configuration file can only be generated by the server.The file format needs to conform to App framework logic,so XML text is used.The configuration file contains both authentication information and control information.In order to reduce the number of files,the paper modified the XML tree structure to the forest structure,which is conducive to reducing the fragmentation of data.The authentication information in the configuration file cannot be saved in plaintext.In this paper,chaotic Hash encryption algorithm is designed to encrypt the configuration information,improve the Hash process and add the key to participate in the Hash coupling to improve the ability of anti-brute force cracking,and avoid the disadvantages of collision between traditional MD and SHA Hash algorithms.Furthermore,ESP8266,the hardware end of smart home,designs two kinds of security protocols to communicate with App.One is to get the timestamp from the NTP server,and the other is ECDH based on elliptic curve encryption.The aim is to solve the problem that the control instruction is fixed and single and easy to be stolen and attacked.Dynamic instructions based on timestamp,simple instructions are improved and combined with timestamp and salt for Hash encryption to generate dynamic instructions.Based on the secure communication protocol of elliptic curve,ECDH is used to reach the key agreed by both parties,and dynamic instructions are generated by using different keys each time to complete the communication between App and ESP8266.Such a design would enable dynamic instructions that would prevent the middleman from replaying attacks based on a listening message.