CN109040096A - CAN bus data acquire cipher processing method and equipment - Google Patents

CAN bus data acquire cipher processing method and equipment Download PDF

Info

Publication number
CN109040096A
CN109040096A CN201810961918.0A CN201810961918A CN109040096A CN 109040096 A CN109040096 A CN 109040096A CN 201810961918 A CN201810961918 A CN 201810961918A CN 109040096 A CN109040096 A CN 109040096A
Authority
CN
China
Prior art keywords
data
bus
server
encryption
key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201810961918.0A
Other languages
Chinese (zh)
Inventor
王建设
宋长安
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jiangsu Tianqi Hydrogen Electric Equipment Co Ltd
Original Assignee
Jiangsu Tianqi Hydrogen Electric Equipment Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jiangsu Tianqi Hydrogen Electric Equipment Co Ltd filed Critical Jiangsu Tianqi Hydrogen Electric Equipment Co Ltd
Priority to CN201810961918.0A priority Critical patent/CN109040096A/en
Publication of CN109040096A publication Critical patent/CN109040096A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/045Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/40Bus networks
    • H04L12/40052High-speed IEEE 1394 serial bus
    • H04L12/40104Security; Encryption; Content protection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/40Bus networks
    • H04L2012/40208Bus networks characterized by the use of a particular bus standard
    • H04L2012/40215Controller Area Network CAN

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Small-Scale Networks (AREA)

Abstract

A kind of CAN bus data provided by the invention acquire cipher processing method, are related to CAN bus data collecting field, including acquiring the data in CAN bus in real time;The encrypted data that data in collected CAN bus are encrypted;Encrypted data are transmitted to server.CAN bus data provided by the invention acquire cipher processing method, by collected CAN bus data in real time, be timely uploaded to server, enhance timeliness, the safety of data, promote the efficiency of transmission of data.

Description

CAN bus data acquire cipher processing method and equipment
Technical field
The present invention relates to CAN bus data collecting fields more particularly to a kind of CAN bus data to acquire cipher processing method And equipment.
Background technique
CAN is the abbreviation of controller local area network, is by research and develop and produce the famous German BOSCH of automobile electronics Company's exploitation, and international standard is eventually become, the serial communication protocol of ISO International standardization.The high-performance of CAN bus and can It has been accepted by property, and has been widely used in industrial automation, ship, Medical Devices, industrial equipment etc..CAN bus Have become the STD bus of many national automobile computer control devices and built-in industrial control area net(CAN).
The collected data of each module of vehicle, which are transmitted, by CAN bus has become more and more car gages outfits, CAN bus data acquisition equipment is the data that transmit CAN bus mostly in hardware end immediate data solution in the prior art Analysis, be then packaged into after a certain size file with USB copy data or by 4G network by packed data file packet again It unpacks transmission, but CAN bus data acquisition equipment time delay in this way is very big, greatly reduces data transmission Efficiency, and cost is high, is unfavorable for the popularization and application of CAN bus technology.
Summary of the invention
In view of the above problems, a kind of CAN bus data acquisition cipher processing method provided by the invention and equipment, To solve in the prior art, CAN bus data acquisition equipment time delay is big, transmission efficiency is low, cost is high, safety is not high Problem.
To achieve the above object, technical solution provided by the invention are as follows:
CAN bus data provided by the invention acquire cipher processing method, comprising:
Data in acquisition CAN bus in real time;
The encrypted data that data in collected CAN bus are encrypted;
Encrypted data are transmitted to server.
CAN bus data provided by the invention acquire cipher processing method, it is preferable that " acquire CAN in real time in the step Before data in bus " further include:
Receive the parameter of server by utilizing public key encryption;
Using the parameter of private key decryption public key encryption, key is obtained using parameter and the encryption function operation set;
The step " the encrypted data for being encrypted the data in collected CAN bus " specifically: The data in collected CAN bus are subjected to the encrypted data that symmetric cryptography obtains using key.
CAN bus data provided by the invention acquire cipher processing method, it is preferable that " receive server in the step Utilize the parameter of public key encryption " before further include:
The step " parameter for receiving server by utilizing public key encryption " are as follows: receive the parameter of server by utilizing public key encryption And server identity information;
The step " using the parameter of private key decryption public key encryption, is obtained using parameter and the encryption function operation set To key " are as follows: utilize the parameter and server identity information of private key decryption public key encryption, authentication server identity information;
If server identity Information Authentication passes through, key is obtained using parameter and the encryption function operation set.
CAN bus data provided by the invention acquire cipher processing method, it is preferable that " utilize private key solution in the step The parameter of close public key encryption obtains key using parameter and the encryption function operation set " after,
Utilize server public key encryption key;
Encrypted key is sent to server.
CAN bus data provided by the invention acquire cipher processing method, it is preferable that the step is " public using server Key encryption key " are as follows: utilize server public key encryption key and equipment identity information;
The step " encrypted key is sent to server " are as follows: send out encrypted key and equipment identity information Give server.
A kind of CAN bus data provided by the invention acquire encryption processing apparatus, comprising: CAN bus data acquisition chip, Processor, network communication device and discrete data generator;The discrete data generator, the CAN bus data acquire core Piece, the network communication device are electrically connected with the processor;The processor executable program instructions, described program refer to Enable includes that above-mentioned CAN bus data acquire cipher processing method.
CAN bus data provided by the invention acquire encryption processing apparatus, it is preferable that further include controller;The control Device and the processor are electrically connected.
CAN bus data provided by the invention acquire encryption processing apparatus, it is preferable that further include electrically connecting with CAN bus The isolating chip connect, the isolating chip and the CAN bus data acquisition chip are electrically connected.
The technical scheme has the following advantages or beneficial effects:
CAN bus data acquisition cipher processing method, device and equipment provided by the invention, by using asymmetric encryption The mode combined with symmetric cryptography prevents server from acquiring data in encryption equipment communication process with CAN bus data and is usurped Change, it is ensured that safety;Meanwhile by collected CAN bus data in real time, be timely uploaded to server, enhance data Timeliness promotes the efficiency of transmission of data.
Detailed description of the invention
Upon reading the detailed description of non-limiting embodiments with reference to the following drawings, the present invention and its feature, outer Shape and advantage will become more apparent.Identical label indicates identical part in all the attached drawings.Not deliberately according to than Example draws attached drawing, it is preferred that emphasis is shows the gist of the present invention.
Fig. 1 is a kind of flow diagram of CAN bus data acquisition cipher processing method provided by the invention;
Fig. 2 is the another flow diagram of CAN bus data acquisition cipher processing method provided by the invention;
Fig. 3 is the another flow diagram of CAN bus data acquisition cipher processing method provided by the invention;
Fig. 4 is the structural schematic diagram of CAN bus data acquisition encryption processing apparatus provided by the invention.
Specific embodiment
The present invention is further illustrated with specific embodiment with reference to the accompanying drawing, but not as limit of the invention It is fixed.
Embodiment 1:
As shown in Figure 1, CAN bus data provided by the invention acquire cipher processing method, comprising:
S101: the data in acquisition CAN bus in real time;
S102: the encrypted data that the data in collected CAN bus are encrypted;
S103: encrypted data are transmitted to server.
By the way that the CAN bus digital data stream on real-time collected automobile is uploaded to server in real time, solve existing Have CAN bus data acquisition equipment in technology need to collect unpack after a certain amount of data are packaged transmit caused by time delay Problem, while in server-side processes related data, solve cost caused by needing processing locality equipment in the prior art High problem enhances the timeliness of data, promotes the efficiency of transmission of data, reduces production cost.
By by the CAN bus data flow on real-time collected automobile it is real-time encrypted after be uploaded to server again, thus The safety for ensuring data influences server and sentences to vehicle condition after preventing the CAN bus data of acquisition to be maliciously tampered It is disconnected.
As shown in Fig. 2, before step S101 acquires the data in CAN bus in real time further include:
S201: the parameter of server by utilizing public key encryption is received;
S202: it using the parameter of private key decryption public key encryption, is obtained using parameter and the encryption function operation set close Key;
Step S102: the encrypted data that the data in collected CAN bus are encrypted specifically: S203: the data in collected CAN bus are subjected to the encrypted data that symmetric cryptography obtains using key.
After factory, user is solid in CAN bus data acquisition encryption processing apparatus by way of software or hardware setting Change has public key, private key, and public key is configured into server.The server identity information and server public key of server can be directly It connects and is solidificated in CAN bus data acquisition encryption processing apparatus, can also be written by forms such as other software and hardwares.Server benefit With the public key of CAN bus data acquisition encryption processing apparatus, the parameter that encryption server determines, and encrypted parameter is sent Encryption processing apparatus is acquired to CAN bus data;The CAN bus data acquisition encryption processing apparatus for receiving the parameter of encryption utilizes Private key is decrypted to obtain parameter, parameter and predefined encryption function is calculated, the final result is as key; It is sent to server after carrying out symmetric cryptography to the data in collected CAN bus using key pair CAN, server by utilizing is same The key of sample is decrypted to obtain data.Encryption biography is carried out to the parameter for generating key by using the mode of asymmetric encryption It is defeated, it is ensured that the safety of parameter;Data are transmitted by the way of symmetric cryptography simultaneously, on the basis of guaranteeing data security, are mentioned High encryption/decryption speed, effectively ensures the actual effect of data transmission.
As shown in figure 3, step S201 " parameter for receiving server by utilizing public key encryption " is more particularly:
The parameter and server identity information of S301 reception server by utilizing public key encryption;
Step S202 " using the parameter of private key decryption public key encryption, is obtained using parameter and the encryption function operation set To key " it is more particularly:
Parameter and server identity information of the S302 using private key decryption public key encryption, authentication server identity information;
If S303 server identity Information Authentication passes through, key is obtained using parameter and the encryption function operation set.
Server uses server identity information and parameter when acquiring encryption processing apparatus Transfer Parameters to data together Data acquisition encryption processing apparatus is sent to after public key encryption, data are acquired after encryption processing apparatus receives and are decrypted using private key, Then authentication server identity information;If server identity Information Authentication passes through, parameter and the encryption function set are utilized Operation obtains key;If server identity Information Authentication does not pass through, illustrate that the parameter is insincere, it may be possible to which other equipment are pretended to be The identity server that disguises oneself as security consideration abandons the parameter.
As shown in Fig. 2, in step S202: using the parameter of private key decryption public key encryption, being added using parameter with what is set After close functional operation obtains key,
S204: server public key encryption key is utilized;
S205: encrypted key is sent to server.
It sends server after key is encrypted using server public key to, is obtained after the decryption of server by utilizing privacy key Key easily and safely transmits key at this point, server and CAN bus data acquisition encryption processing apparatus know key, So that server and CAN bus data acquisition encryption processing apparatus are able to carry out symmetric cryptography transmission.
As shown in figure 3, step S204 " utilizing server public key encryption key " is more particularly: S304 using server public affairs Key encryption key and equipment identity information;
Step S205 " encrypted key is sent to server " is more particularly: S305 for encrypted key and sets Standby identity information is sent to server.
When data acquisition encryption processing apparatus passes the keys to server, by key together with the identity information one of the equipment And after being encrypted with server public key, it is sent to server;Server is decrypted using privacy key after the receipt, and verifying is set Standby identity information;If equipment identity information verifying does not pass through, illustrate to have equipment that the identity data that disguise oneself as is pretended to be to acquire encryption Equipment abandons the key for security consideration.
It can be seen that the CAN bus data that the embodiment of the present invention 1 provides acquire cipher processing method, by using non-right The mode for claiming encryption to combine with symmetric cryptography prevents server and CAN bus data from acquiring number in encryption equipment communication process According to being tampered, it is ensured that safety;Meanwhile by collected CAN bus data in real time, be timely uploaded to server, enhance The timeliness of data promotes the efficiency of transmission of data.
Embodiment 2:
As shown in figure 4, the CAN bus data that the embodiment of the present invention 3 provides acquire encryption processing apparatus, comprising: CAN bus Data acquisition chip 1, processor 2, network communication device 3, discrete data generator 4 and controller 6;Discrete data generator 4, CAN bus data acquisition chip 1, network communication device be equal 3, controller 6 and processor 2 are electrically connected;Journey can be performed in processor 2 Sequence instruction, described program instruction include the CAN bus data acquisition cipher processing method that embodiment 1 provides.
By the acquisition CAN bus data flow in real time of CAN bus data acquisition chip 1, discrete data generator 4 is to collecting CAN bus data flow is encrypted, and encrypted CAN bus data flow is sent to by network communication device 3 by being connected to the network The encrypted CAN bus data flow received is decrypted in server, server.It is total to can control CAN by controller 6 Line number can be the entity control device of external button keyboard, be also possible to have according to the work of acquisition encryption processing apparatus There is the touch screen etc. of control software, it will not be described here.The connection of asymmetric encryption twice in embodiment 1 also utilizes net simultaneously Network communication device 3, discrete data generator 4 are completed.The workflow task that each functional component is completed by processor 2 according to The CAN bus data acquisition cipher processing method that embodiment 1 provides executes program instructions.
It should be noted that network communication device 3 is generally radio network communication devices, the shifting of telecom operators can be Dynamic network, if 4g is communicated, but it is not excluded that other, which can be realized, realizes the technological means communicated with server.
It further, further include the isolating chip 5 being electrically connected with CAN bus, isolating chip 5 and CAN bus data Acquisition chip 1 is electrically connected.
By the way that isolating chip 5 is arranged between CAN bus and CAN bus data acquisition chip 1, CAN bus is enabled to It is isolated between CAN bus data acquisition chip 1, CAN bus data acquisition chip is avoided to interfere number of buses when acquiring data According to.CAN bus data acquisition chip 1 unidirectional acquisition data simultaneously, do not upload data to CAN bus, do not interfere bus completely Data, it is ensured that bus safety.
It should be noted that the electric connection illustrated in embodiment 3 can be the electric connection for relying on circuit board, it can also To be the electric connection for relying on electric wire, specific signified connection type be skilled artisans appreciate that, be it is clear, Explicitly, here, the application does not repeat it.
It should be appreciated by those skilled in the art that those skilled in the art combine the prior art and above-described embodiment can be real The existing change case, it will not be described here.Such change case does not affect the essence of the present invention, and it will not be described here.
Presently preferred embodiments of the present invention is described above.It is to be appreciated that the invention is not limited to above-mentioned Particular implementation, devices and structures not described in detail herein should be understood as gives reality with the common mode in this field It applies;Anyone skilled in the art makes many possible changes and modifications not departing from technical solution of the present invention, or Equivalent example modified to equivalent change, this is not affected the essence of the present invention.Therefore, all without departing from skill of the present invention The content of art scheme, according to the technical essence of the invention any simple modification made to the above embodiment, equivalent variations and repair Decorations, all of which are still within the scope of protection of the technical scheme of the invention.

Claims (8)

1. a kind of CAN bus data acquire cipher processing method characterized by comprising
Data in acquisition CAN bus in real time;
The encrypted data that data in collected CAN bus are encrypted;
Encrypted data are transmitted to server.
2. CAN bus data as described in claim 1 acquire cipher processing method, which is characterized in that " real-time in the step Acquire the data in CAN bus " before further include:
Receive the parameter of server by utilizing public key encryption;
Using the parameter of private key decryption public key encryption, key is obtained using parameter and the encryption function operation set;
The step " the encrypted data for being encrypted the data in collected CAN bus " specifically: utilize Data in collected CAN bus are carried out the encrypted data that symmetric cryptography obtains by key.
3. CAN bus data as claimed in claim 2 acquire cipher processing method, which is characterized in that
The step " parameter for receiving server by utilizing public key encryption " are as follows: receive the parameter and clothes of server by utilizing public key encryption Business device identity information;
The step " using the parameter of private key decryption public key encryption, is obtained close using parameter and the encryption function operation set Key " are as follows: utilize the parameter and server identity information of private key decryption public key encryption, authentication server identity information;
If server identity Information Authentication passes through, key is obtained using parameter and the encryption function operation set.
4. CAN bus data as claimed in claim 2 acquire cipher processing method, which is characterized in that " utilized in the step Private key decrypts the parameter of public key encryption, obtains key using parameter and the encryption function operation set " after,
Utilize server public key encryption key;
Encrypted key is sent to server.
5. CAN bus data as claimed in claim 4 acquire cipher processing method, which is characterized in that the step " utilizes clothes Business device public key encryption key " are as follows: utilize server public key encryption key and equipment identity information;
The step " encrypted key is sent to server " are as follows: be sent to encrypted key and equipment identity information Server.
6. a kind of CAN bus data acquire encryption processing apparatus characterized by comprising CAN bus data acquisition chip, place Manage device, network communication device and discrete data generator;The discrete data generator, the CAN bus data acquisition chip, The network communication device is electrically connected with the processor;The processor executable program instructions, described program instruction Cipher processing method is acquired including CAN bus data described in Claims 1 to 4 any one.
7. CAN bus data as claimed in claim 6 acquire encryption processing apparatus, which is characterized in that further include controller;Institute It states controller and the processor is electrically connected.
8. CAN bus data as claimed in claim 6 acquire encryption processing apparatus, which is characterized in that further include and CAN bus The isolating chip of electric connection, the isolating chip and the CAN bus data acquisition chip are electrically connected.
CN201810961918.0A 2018-08-22 2018-08-22 CAN bus data acquire cipher processing method and equipment Pending CN109040096A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810961918.0A CN109040096A (en) 2018-08-22 2018-08-22 CAN bus data acquire cipher processing method and equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810961918.0A CN109040096A (en) 2018-08-22 2018-08-22 CAN bus data acquire cipher processing method and equipment

Publications (1)

Publication Number Publication Date
CN109040096A true CN109040096A (en) 2018-12-18

Family

ID=64627895

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810961918.0A Pending CN109040096A (en) 2018-08-22 2018-08-22 CAN bus data acquire cipher processing method and equipment

Country Status (1)

Country Link
CN (1) CN109040096A (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104601718A (en) * 2015-01-30 2015-05-06 西华大学 Remote real-time monitoring method of big-bus operating status, fuel consumption and exhaust gas emission and monitoring system thereof
CN106161449A (en) * 2016-07-19 2016-11-23 青松智慧(北京)科技有限公司 Transmission method without key authentication and system
CN106357681A (en) * 2016-11-02 2017-01-25 合肥工业大学 Security access and secret communication method of vehicle-mounted remote diagnostic services
CN107105060A (en) * 2017-05-27 2017-08-29 天津恒天新能源汽车研究院有限公司 A kind of method for realizing electric automobile information security
CN206575461U (en) * 2017-03-30 2017-10-20 上海岑延汽车电子科技有限公司 The data acquisition of vehicle-mounted ECU is with downloading equipment
US10009325B1 (en) * 2017-12-07 2018-06-26 Karamba Security End-to-end communication security

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104601718A (en) * 2015-01-30 2015-05-06 西华大学 Remote real-time monitoring method of big-bus operating status, fuel consumption and exhaust gas emission and monitoring system thereof
CN106161449A (en) * 2016-07-19 2016-11-23 青松智慧(北京)科技有限公司 Transmission method without key authentication and system
CN106357681A (en) * 2016-11-02 2017-01-25 合肥工业大学 Security access and secret communication method of vehicle-mounted remote diagnostic services
CN206575461U (en) * 2017-03-30 2017-10-20 上海岑延汽车电子科技有限公司 The data acquisition of vehicle-mounted ECU is with downloading equipment
CN107105060A (en) * 2017-05-27 2017-08-29 天津恒天新能源汽车研究院有限公司 A kind of method for realizing electric automobile information security
US10009325B1 (en) * 2017-12-07 2018-06-26 Karamba Security End-to-end communication security

Similar Documents

Publication Publication Date Title
CN102572314B (en) Image sensor and payment authentication method
CN102916869B (en) Instant messaging method and system
CN102725995B (en) Method for establishing secure communication channel between nodes, equipment and operating method
JP2003337868A5 (en) Service providing system, apparatus terminal and processing method thereof, authentication apparatus and method, service providing apparatus and method, and program
CA2450601A1 (en) System and method for compressing secure e-mail for exchange with a mobile data communication device
CN105790927B (en) A kind of bus graded encryption system
CN105471815A (en) Internet-of-things data security method and Internet-of-things data security device based on security authentication
CN106301793B (en) A kind of method of PLC certifications and secure communication
CN110188558A (en) A kind of data processing method and relevant device
CN106888452A (en) The wireless encryption transceiver and method of data are transmitted wirelessly from computer at least one field apparatus
TWI553504B (en) A cloud encryption system and method
CN106411501A (en) Method and system for generating permission token and equipment
CN105516210A (en) System and method for terminal security access authentication
CN110572476B (en) Remote control method, device and equipment
CN102811203A (en) User identity identification method, system and user terminal in Internet
CN103701589A (en) Information transmission method and device based on virtual desktop system and relevant equipment
CN109040096A (en) CAN bus data acquire cipher processing method and equipment
CN110278077A (en) A kind of method, apparatus for obtaining electric energy meter data information, electronic equipment and storage medium
CN114285890B (en) Cloud platform connection method, device, equipment and storage medium
CN102411746B (en) Payment affirmation method, device and service platform equipment
CN104378383A (en) Online distribution line monitoring data terminal and safe and encrypted communication method of distribution lines
CN114338833A (en) Cross-heterogeneous protocol cooperative transmission method, system, terminal equipment and storage medium
CN202872816U (en) Instant messaging system
CN111818517A (en) Multi-channel secure communication module, communication system and method
CN112492274B (en) National secret encryption transmission equipment based on common network camera

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20181218