CN111683081B - Method and device for secure transmission of data - Google Patents

Method and device for secure transmission of data Download PDF

Info

Publication number
CN111683081B
CN111683081B CN202010500301.6A CN202010500301A CN111683081B CN 111683081 B CN111683081 B CN 111683081B CN 202010500301 A CN202010500301 A CN 202010500301A CN 111683081 B CN111683081 B CN 111683081B
Authority
CN
China
Prior art keywords
index
messages
message
keys
dividing
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202010500301.6A
Other languages
Chinese (zh)
Other versions
CN111683081A (en
Inventor
庄登祥
朱帆
薛晶晶
王俊平
吕雷兵
于宁
许昕
刘备
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Baidu Netcom Science and Technology Co Ltd
Original Assignee
Beijing Baidu Netcom Science and Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Baidu Netcom Science and Technology Co Ltd filed Critical Beijing Baidu Netcom Science and Technology Co Ltd
Priority to CN202010500301.6A priority Critical patent/CN111683081B/en
Publication of CN111683081A publication Critical patent/CN111683081A/en
Application granted granted Critical
Publication of CN111683081B publication Critical patent/CN111683081B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/40Bus networks
    • H04L12/40006Architecture of a communication node
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0625Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation with splitting of the data block into left and right halves, e.g. Feistel based algorithms, DES, FEAL, IDEA or KASUMI
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/40Bus networks
    • H04L2012/40208Bus networks characterized by the use of a particular bus standard
    • H04L2012/40215Controller Area Network CAN

Abstract

The application discloses a method and a device for data safety transmission, and relates to the technical field of automatic driving and intelligent vehicle connection. The specific implementation scheme is as follows: a sending end detects a message to be sent and acquires current state information; generating a first index based on the state information; inquiring a first secret key from a preset shared secret key book according to the first index; encrypting the message by adopting a symmetric encryption algorithm based on the first key to obtain an encrypted message; the encrypted message is sent over a communication link. The receiving end receives the encrypted message and acquires the current state information; generating a second index based on the state information; querying a second key from the shared key according to the second index; and decrypting the encrypted message by adopting a symmetric encryption algorithm based on the second key to obtain the message. This embodiment improves the security of data transmission.

Description

Method and device for secure transmission of data
Technical Field
The embodiment of the disclosure relates to the technical field of computers, in particular to the technical field of automatic driving.
Background
With the development of automatic driving technology, the automatic driving capability increasingly meets the application, and the market has to have extremely high requirements on the safety of the automatic driving vehicle. Particularly in scenarios involving passenger transport applications, such as autonomous buses. The safety of the automatic driving vehicle comprises not only functional safety but also information transmission safety. However, a communication link of the autonomous driving vehicle, particularly a Controller Area Network (CAN), has a leak, and once an attacker obtains an access right of the Controller, the attacker CAN send a forged message to enable the autonomous driving vehicle to be out of a normal driving state, thereby causing a great risk. How to ensure the transmission safety of the communication link is a problem to be solved urgently.
Disclosure of Invention
The disclosure provides a method, an apparatus, a device and a storage medium for secure transmission of data.
According to a first aspect of the present disclosure, there is provided a method for secure transmission of data, comprising: responding to the detected message to be sent, and acquiring current state information; generating a first index based on the state information; inquiring a first secret key from a preset shared secret key book according to the first index; encrypting the message by adopting a symmetric encryption algorithm based on the first key to obtain an encrypted message; the encrypted message is sent over a communication link.
According to a second aspect of the present disclosure, there is provided a method for secure transmission of data, comprising: acquiring current state information in response to receiving the encrypted message; generating a second index based on the state information; querying a second key from the shared key according to the second index; and decrypting the encrypted message by adopting a symmetric encryption algorithm based on the second key to obtain the message.
According to a third aspect of the present disclosure, there is provided an apparatus for secure transmission of data, comprising: an acquisition unit configured to acquire current state information in response to detection of a message to be transmitted; a generation unit configured to generate a first index based on the state information; a query unit configured to query a preset shared key book for a first key according to a first index; the encryption unit is configured to encrypt the message by adopting a symmetric encryption algorithm based on the first secret key to obtain an encrypted message; a transmitting unit configured to transmit the encrypted message over a communication link.
According to a fourth aspect of the present disclosure, there is provided an apparatus for secure transmission of data, comprising: an acquisition unit configured to acquire current state information in response to receiving the encrypted message; a generation unit configured to generate a second index based on the state information; a querying unit configured to query the shared key for the second key according to the second index; and the decryption unit is configured to decrypt the encrypted message by adopting a symmetric encryption algorithm based on the second key to obtain the message.
According to a fifth aspect of the present disclosure, there is provided a system for secure transmission of data, comprising: a transmitting end configured to perform the method of any one of the first aspects; a receiving end configured to perform the method of any one of the second aspects.
According to a sixth aspect of the present disclosure, there is provided an electronic apparatus, characterized by comprising: at least one processor; and a memory communicatively coupled to the at least one processor; wherein the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method of any one of the first and second aspects.
According to a seventh aspect of the present disclosure, there is provided a non-transitory computer readable storage medium having stored thereon computer instructions, characterized in that the computer instructions are for causing a computer to perform the method of any one of the first and second aspects.
According to an eighth aspect of the present disclosure, there is provided a computer program product comprising a computer program which, when executed by a processor, implements the method according to any one of the first aspects.
According to the technology of the application, the problem that the data is tampered in the data transmission process is solved, and the safety of data transmission is improved.
It should be understood that the statements in this section do not necessarily identify key or critical features of the embodiments of the present disclosure, nor do they limit the scope of the present disclosure. Other features of the present disclosure will become apparent from the following description.
Drawings
The drawings are included to provide a better understanding of the present solution and are not intended to limit the present application. Wherein:
FIG. 1 is an exemplary system architecture diagram in which one embodiment of the present disclosure may be applied;
FIG. 2 is a flow diagram for one embodiment of a method for secure transmission of data, according to the present disclosure;
FIG. 3 is a flow diagram of yet another embodiment of a method for secure transmission of data according to the present disclosure;
FIG. 4 is a schematic diagram of one application scenario of a method for secure transmission of data according to the present disclosure;
FIG. 5 is a block diagram of one embodiment of an apparatus for secure transfer of data, according to the present disclosure;
FIG. 6 is a schematic block diagram illustrating an apparatus for secure transfer of data according to yet another embodiment of the present disclosure;
FIG. 7 is a schematic block diagram of a computer system suitable for use with an electronic device implementing embodiments of the present disclosure.
Detailed Description
The following description of the exemplary embodiments of the present application, taken in conjunction with the accompanying drawings, includes various details of the embodiments of the application for the understanding of the same, which are to be considered exemplary only. Accordingly, those of ordinary skill in the art will recognize that various changes and modifications of the embodiments described herein can be made without departing from the scope and spirit of the present application. Also, descriptions of well-known functions and constructions are omitted in the following description for clarity and conciseness.
Fig. 1 shows an exemplary system architecture 100 to which embodiments of the method for secure transmission of data or the apparatus for secure transmission of data of the present application may be applied.
As shown in fig. 1, the system architecture 100 may include an unmanned vehicle 101.
The driverless vehicle 101 may have mounted therein a drive control device 1011, a communication link 1012, a laser radar 1013, and a chassis 1014. Communication link 1012 may include various connection types, such as a wired communication link (e.g., CAN) or a wireless communication link (e.g., WIFI), among others.
A driving control device (also called master) 1011 is responsible for intelligent control of the unmanned vehicle 101. The driving control device 1011 may be a separately provided Controller, such as a Programmable Logic Controller (PLC), a single chip microcomputer, an industrial Controller, or the like; or the equipment consists of other electronic devices which have input/output ports and have the operation control function; but also a computer device installed with a vehicle driving control type application.
The laser radar 1013 collects external environment information in real time, generates three-dimensional point cloud data, and transmits the three-dimensional point cloud data to the driving control device 1011. The chassis 1014 collects information such as the speed and the gear of the vehicle and transmits the information to the driving control device 1011. The driving control apparatus 1011 senses the environment around the vehicle by the laser radar 1013, thereby performing path planning of the vehicle. The driving control device 1011 also sends control commands to the chassis via the information collected by the chassis 1014 and the path planning information to control the driving direction and speed of the vehicle.
It should be noted that in practice, at least one sensor, such as a camera, a gravity sensor, a wheel speed sensor, etc., may also be installed in the unmanned vehicle 101. In some cases, the unmanned vehicle 101 may further include GNSS (Global Navigation Satellite system) equipment, SINS (Strap-down Inertial Navigation system S7 stem), and the like.
It should be noted that the method for secure data transmission provided in the embodiment of the present application is generally performed by the driving control device 1011 and the chassis 1014. Accordingly, means for safe transmission of data are generally provided in the driving control apparatus 1011 and the chassis 1014.
The driving control device 1011 and the chassis 1014 can both send messages and receive messages, and the end for sending messages is a sending end and the end for receiving messages is a receiving end. Steering control 1011 and chassis 1014 may function as both a transmitting side and a receiving side. The transmitting end and the receiving end form a system for data secure transmission. The transmitting end in the system performs steps 201-205 as shown in flow 200. The receiving end in the system performs steps 301-304 as shown in flow 300.
It should be understood that the number of steering control devices, communication links, chassis and lidar shown in fig. 1 is merely illustrative. There may be any number of steering control devices, communication links, chassis, and lidar, as desired for implementation.
With continued reference to fig. 2, a flow 200 of one embodiment of a method for secure transmission of data according to the present application is shown as applied to a transmitting end. The method for data secure transmission comprises the following steps:
step 201, in response to detecting a message to be sent, obtaining current state information.
In this embodiment, the execution subject (transmitting end, for example, the chassis shown in fig. 1) of the method for secure data transmission may generate a message according to the collected information, and prepare to transmit the message to the driving control device (receiving end). Alternatively, the sending end may also be a driving control device, and the driving control device may generate a control instruction into a message and prepare to send the message to the chassis (receiving end). The execution body acquires current state information after detecting that the message has been generated. The status information may include 2 types: 1. time increment, 2, number of messages sent. The time increment refers to the time increment from the time when the unmanned vehicle starts to time when being powered on to the current time. Whether the chassis or the driving control equipment is used, the number is counted when the message is sent. Similarly, the number of received messages can be counted when the messages are received.
Step 202, a first index is generated based on the state information.
In this embodiment, the index used for searching the key may be determined based on the time increment or the number of the transmitted packets, and in order to distinguish from the index found by the receiving end, the index generated by the transmitting end is referred to as a first index, and the index generated by the receiving end is referred to as a second index. The chassis and the driving control equipment (hereinafter referred to as the master control) store a shared key book, the shared key book is a set of all keys stored in sequence, and the corresponding keys can be inquired in an index inquiry mode, and the keys need to be strictly kept secret by both sides and are strictly forbidden to be leaked. If both parties generate the same index, the same key can be found in the shared key book, and correct decryption can be realized. The first index may be generated in 2 ways.
1. Generating an index based on the time increment: the automatic driving vehicle has a time service system, and the chassis and the master control calculate and query indexes according to the time service. In order to avoid the influence of time difference of time service, the synchronization accuracy of the transmitting and receiving parties is improved. The method adopts time increment calculation input, namely, the system is electrified initially, a chassis inquiry party and a master control inquiry party remember the current time, time increment is calculated once, and a first index is calculated according to the following formula:
index=round(dt/n)
where dt represents the time increment, n represents the number of keys in the shared key book, and the round () function represents the rounding. Rounding can be up rounding or down rounding, and the chassis and the master control are appointed to be in the same mode. The number of the keys can be designed according to the sending amount of the messages in a preset time in the chassis, for example, 100 keys are sent in one hour, and 100 keys can be set in the key book.
Optionally, the chassis and the master may also agree that the first index is a remainder obtained by dividing the time increment by the number of keys in the shared key book.
Optionally, the time increment is converted into a hash value based on a preset hash function, and then the hash value is divided by the number of keys in the shared key book, and the remainder is used as the first index. Any hash function known in the art may be used, and is not limited herein.
Although there will be a time difference between the time service to the chassis and the master, the calculated index is the same and the key is the same since the time increments are the same.
In some optional implementations of this embodiment, the method further includes: in response to receiving a time synchronization request including a standard delta, setting the standard delta to a base value of the time delta; the time increment is calculated in real time on the basis of the time increment. The timing system can send a time synchronization request comprising a standard increment at regular time. For synchronizing the chassis and master time increments. The chassis and the master control set the standard increment as a basic value of the time increment, and then calculate the time increment in real time on the basic value of the time increment. For example, 20ms receives a time synchronization request once, and after time increment synchronization, the chassis and the master control count themselves and calculate the time increment before the next time synchronization request arrives. Through periodic time increment synchronization, the accumulated error can be reduced, the time synchronization of the chassis and the master control is improved, and therefore the same key is found.
2. Generating an index based on the number of the sent messages: the chassis sends messages and the master control receives messages, and the sending counting and the receiving counting are respectively carried out. Similarly, the chassis receives the message and the master control sends the message, and respectively performs receiving counting and sending counting, so that the information synchronization of the receiving end and the sending end can be realized, and the index synchronization is realized. The formula for obtaining the first index from the number of messages sent is as follows.
index=round(cnt/n)
Wherein cnt represents the number of messages to be sent, n represents the number of keys in the shared key book, and round () function represents the rounding. Rounding can be up rounding or down rounding, and the chassis and the master control are appointed to be in the same mode.
Optionally, a remainder obtained by dividing the number of the transmitted messages by the number of the keys in the shared key book is used as the first index.
Optionally, the number of the sent packets is converted into a hash value based on a preset hash function, and then the hash value is divided by the number of the keys in the shared key book, and a remainder is used as a first index.
In some optional implementations of this embodiment, the method further includes: counting the total number of the sent messages at preset time intervals; generating a counting synchronization message with a preset identifier according to the total number of the sent messages; sending the count synchronization message over the communication link in an unencrypted manner.
In order to ensure that the counts are strictly the same, the number of messages sent by the sending end and the number of messages received by the receiving end need to be synchronized at regular time. Under normal conditions, the main control has larger data processing amount and higher reliability than a chassis, so the number of messages sent by the chassis can be used as a standard to synchronize the main control and the chassis. For example, the chassis CAN send unencrypted counting messages at a timing of 20ms, and a unique CAN id identifier (a receiving end CAN judge that the messages do not need to be decrypted according to the unique CAN id identifier) is used for checking the message count of the master controller and the chassis count, and if the checking results are different, the master controller CAN synchronize the messages consistent with the chassis. By calibrating the number of messages at regular time, the accumulated error can be reduced, and the synchronization accuracy is improved, so that the synchronization of the indexes of the receiving end and the transmitting end is realized.
It should be noted that the reason why the number of transmitted messages is transmitted in an unencrypted form is that if the count is not synchronized, the encrypted number of transmitted messages is not decrypted without fail, and thus the count cannot be synchronized. In addition, although the message quantity sent is sent in a non-encrypted form, even if an attacker intercepts and forges the message, only the key is inconsistent, decryption is failed, and finally the security protection of the automatic driving vehicle is triggered, but the automatic driving vehicle is not hijacked by the attacker.
In actual application, other query mechanisms can be designed and stored in the key query mechanism library, and two parties agree to adopt the same query mechanism.
Step 203, the first key is queried from the preset shared key according to the first index.
In this embodiment, the shared key book includes an index and a corresponding key. The first key may be queried based on the first index.
And step 204, encrypting the message by adopting a symmetric encryption algorithm based on the first key to obtain an encrypted message.
In the present embodiment, the same key can be used for both encryption and decryption of information by using the encryption method of the one-key cryptosystem, which is called symmetric encryption. Different encryption algorithms may be selected for different communication links. For example, since the CAN has a limit on the message length, an Encryption algorithm with a short ciphertext length, such as DES (Data Encryption Standard), is fast and suitable for encrypting a large amount of Data.
Step 205, the encrypted message is sent over a communication link.
In this embodiment, the communication link may be a CAN or other wired or wireless network. The receiving end may be a chassis or a master. The dynamic encryption mode is adopted, so that the safety can be improved, and the encrypted message is prevented from being cracked due to the leakage of the key book. Even if a hacker obtains the key book, the hacker does not know which key the sender uses for encryption and cannot crack the key book. Thereby improving the security of data transmission.
With continued reference to fig. 3, a flow 300 of one embodiment of a method for secure transmission of data according to the present application is shown as applied to a receiving end. The method for data secure transmission comprises the following steps:
step 301, in response to receiving the encrypted message, obtains current state information.
In the present embodiment, the execution subject (receiving end, for example, the chassis shown in fig. 1) of the method for secure transmission of data may receive the encrypted message from the driving control apparatus (transmitting end). Alternatively, the receiving end may also be a driving control device, and receives an encrypted message from the chassis (receiving end). And when the message is received, acquiring the state information of the current moment. The status information may include 2 types: 1. time increment, 2, number of received messages. The time increment refers to the time increment from the time when the unmanned vehicle starts to time when being powered on to the current time. Whether the chassis or the driving control equipment receives the message, the message is counted.
Step 302, generating a second index based on the state information.
In this embodiment, the second index may be generated with reference to the time increment based index generation process of step 202. A second index may also be generated based on the number of messages received. The chassis sends messages and the master control receives messages, and the sending counting and the receiving counting are respectively carried out. Similarly, the chassis receives the message and the master control sends the message, and the chassis respectively performs receiving counting and sending counting. The formula for obtaining the second index from the number of received messages is as follows.
index=round(cnt/n)
Wherein cnt represents the number of received messages, n represents the number of keys in the shared key book, and the round () function represents the rounding. Rounding can be up rounding or down rounding, and the chassis and the master control are appointed to be in the same mode.
Optionally, a remainder obtained by dividing the number of received messages by the number of keys in the shared key book is used as the second index.
Optionally, the number of received packets is converted into a hash value based on a preset hash function, and then the hash value is divided by the number of keys in the shared key book, and a remainder is used as a second index.
In some optional implementations of this embodiment, the method further includes: in response to receiving the counting synchronization message, setting the total number of sent messages in the counting synchronization message as a basic value of the number of received messages; and calculating the number of the received messages in real time on the basis of the number of the received messages.
In order to ensure that the counts are strictly the same, the number of messages sent by the sending end and the number of messages received by the receiving end need to be synchronized at regular time. Under normal conditions, the data volume processed by the main control is larger, the reliability is not high than that of the chassis, so the number of messages sent by the chassis can be used as a standard, and the main control and the chassis are synchronous. For example, the chassis CAN send unencrypted counting messages at a timing of 20ms, and a unique CAN id identifier (a receiving end CAN judge that the messages do not need to be decrypted according to the unique CAN id identifier) is used for checking the message count of the master controller and the chassis count, and if the checking results are different, the master controller CAN synchronize the messages consistent with the chassis.
It should be noted that the reason why the number of transmitted messages is transmitted in an unencrypted form is that if the count is not synchronized, the encrypted number of transmitted messages is not decrypted without fail, and thus the count cannot be synchronized. In addition, although the message quantity sent is sent in a non-encrypted form, even if an attacker intercepts and forges the message, only the key is inconsistent, decryption is failed, and finally safety protection of the automatic driving vehicle is triggered, but the attacker does not hijack the automatic driving vehicle.
In actual application, other query mechanisms can be designed and stored in the key query mechanism library, and two parties agree to adopt the same query mechanism.
Step 303, the second key is queried locally from the shared key according to the second index.
In this embodiment, the shared key book includes an index and a corresponding key. The second key may be queried based on the second index. If the calculated first index and the second index are the same, the resulting first key and the second key are also the same. Otherwise, different keys are obtained, and the decryption cannot be correctly performed.
And 304, decrypting the encrypted message by adopting a symmetric encryption algorithm based on the second key to obtain the message.
In this embodiment, the queried key is used to decrypt the encrypted message, and if the second key is the same as the first key, the message can be correctly resolved, otherwise, the message cannot be resolved. The dynamic encryption mode is adopted, so that the safety can be improved, and the encrypted message is prevented from being cracked due to the leakage of the secret key book. Even if a hacker obtains the key book, the hacker does not know which key the sender uses for encryption and cannot crack the key book. Thereby improving the security of data transmission.
With continued reference to fig. 4, fig. 4 is a schematic diagram of an application scenario of the method for secure transmission of data according to the present embodiment. In the application scenario of fig. 4, the chassis is a transmitting end, the driving control device is a receiving end, the communication link is a CAN bus, and the data transmission process is as follows:
1. when a sending end detects that a message is sent, generating an index1 according to the current state (such as time increment), and inquiring a key1 corresponding to the index1 from a key book;
2. the sending end encrypts an original sending message by using a DES encryption algorithm based on the key1 to obtain an encrypted message;
3. the sending end sends the encrypted message through the CAN, and the receiving end receives the encrypted message through the CAN;
4. the receiving end can also generate an index2 according to the current state (such as time increment) of the receiving end, and inquire a key2 corresponding to the index2 from the key book;
5. and the receiving end decrypts the message by using a DES decryption algorithm based on the key2 to obtain the original message.
Because DES is a symmetric encryption and decryption algorithm, the scheme requires that the keys key1 and key2 are strictly the same, otherwise decryption fails.
With further reference to fig. 5, as an implementation of the methods shown in the above-mentioned figures, the present disclosure provides an embodiment of an apparatus for secure data transmission, which corresponds to the method embodiment shown in fig. 2, and which may be applied in various electronic devices.
As shown in fig. 5, the apparatus 500 for data secure transmission of the present embodiment includes: acquisition section 501, generation section 502, inquiry section 503, encryption section 504, and transmission section 505. The obtaining unit 501 is configured to obtain current state information in response to detecting a message to be sent; a generating unit 502 configured to generate a first index based on the state information; a querying unit 503 configured to query the first key from a preset shared key book according to the first index; an encryption unit 504 configured to encrypt the message by using a symmetric encryption algorithm based on the first key to obtain an encrypted message; a sending unit 505 configured to send the encrypted message over a communication link.
In this embodiment, the specific processing of the acquiring unit 501, the generating unit 502, the querying unit 503, the encrypting unit 504 and the sending unit 505 of the apparatus 500 for secure data transmission may refer to step 201, step 202, step 203, step 204 and step 205 in the corresponding embodiment of fig. 2.
In some optional implementations of this embodiment, the status information includes: a time increment; the generating unit 502 is further configured to: generating the first index in any one of the following ways: dividing the time increment by the number of keys in the shared key book, and rounding the result to be used as a first index; or dividing the time increment by the number of the keys in the shared key book, and taking the remainder as a first index; or converting the time increment into a hash value based on a preset hash function, dividing the hash value by the number of the keys in the shared key book, and taking the remainder as a first index.
In some optional implementations of this embodiment, the apparatus 500 further includes a time increment synchronization unit (not shown in the drawings) configured to: in response to receiving a time synchronization request including a standard delta, setting the standard delta to a base value of the time delta; the time increment is calculated in real time on the basis of the time increment.
In some optional implementations of this embodiment, the state information includes: the number of messages to be sent; the generating unit 502 is further configured to: generating the first index in any one of the following ways: dividing the number of the sent messages by the number of the keys in the shared key book, and rounding the result to be used as a first index; or dividing the number of the sent messages by the number of the keys in the shared key book, and taking the remainder as a first index; or converting the number of the sent messages into a hash value based on a preset hash function, dividing the hash value by the number of the keys in the shared key book, and taking the remainder as a first index.
In some optional implementations of this embodiment, the apparatus 500 further includes a message quantity synchronization unit (not shown in the drawings), configured to: counting the total number of the sent messages at preset time intervals; generating a counting synchronization message with a preset identifier according to the total number of the sent messages; the count synchronization message is sent over the communication link in an unencrypted manner.
With further reference to fig. 6, as an implementation of the methods shown in the above-mentioned figures, the present disclosure provides an embodiment of an apparatus for secure data transmission, which corresponds to the method embodiment shown in fig. 3, and which may be applied in various electronic devices.
As shown in fig. 6, the apparatus 600 for data secure transmission of the present embodiment includes: an acquisition unit 601, a generation unit 602, an inquiry unit 603, and a decryption unit 604. The obtaining unit 601 is configured to obtain current state information in response to receiving the encrypted message; a generating unit 602 configured to generate a second index based on the state information; a querying unit 603 configured to query a second key from the shared secret key book according to the second index; a decryption unit 604 configured to decrypt the encrypted message by using a symmetric encryption algorithm based on the second key to obtain a message.
In this embodiment, the specific processing of the obtaining unit 601, the generating unit 602, the querying unit 603 and the decrypting unit 604 of the apparatus 600 for secure data transmission may refer to step 301, step 302, step 303 and step 304 in the corresponding embodiment of fig. 2.
In some optional implementations of this embodiment, the status information includes: a time increment; the generating unit 602 is further configured to: generating the second index in any one of the following ways: dividing the time increment by the number of the keys in the shared key book, and rounding the result to be used as a second index; or dividing the time increment by the number of the keys in the shared key book, and taking the remainder as a second index; or converting the time increment into a hash value based on a preset hash function, dividing the hash value by the number of the keys in the shared key book, and taking the remainder as a second index.
In some optional implementations of this embodiment, the apparatus 600 further includes a time increment synchronization unit (not shown in the drawings) configured to: in response to receiving a time synchronization request including a standard increment, setting the standard increment to a base value of the time increment; the time increment is calculated in real time on the basis of the time increment.
In some optional implementations of this embodiment, the status information includes: the number of received messages; the generating unit 602 is further configured to: generating the second index in any one of the following ways: dividing the number of the received messages by the number of the keys in the shared key book, and rounding the result to be used as a second index; or dividing the number of the received messages by the number of the keys in the shared key book, and taking the remainder as a second index; or converting the number of the received messages into a hash value based on a preset hash function, dividing the hash value by the number of the keys in the shared key book, and taking the remainder as a second index.
In some optional implementations of this embodiment, the apparatus 600 further includes a message quantity synchronization unit (not shown in the drawings), configured to: in response to receiving the counting synchronization message, setting the total number of sent messages in the counting synchronization message as a basic value of the number of received messages; and calculating the number of the received messages in real time on the basis of the number of the received messages.
There is also provided, in accordance with an embodiment of the present application, an electronic device, a readable storage medium, and a computer program product.
Fig. 7 is a block diagram of an electronic device for a method for secure data transmission according to an embodiment of the present application. Electronic devices are intended to represent various forms of digital computers, such as laptops, desktops, workstations, personal digital assistants, servers, blade servers, mainframes, and other appropriate computers. The electronic device may also represent various forms of mobile devices, such as personal digital processing, cellular phones, smart phones, wearable devices, and other similar computing devices. The components shown herein, their connections and relationships, and their functions, are meant to be exemplary only, and are not meant to limit implementations of the applications described and/or claimed herein.
As shown in fig. 7, the electronic apparatus includes: one or more processors 701, a memory 702, and interfaces for connecting the various components, including a high-speed interface and a low-speed interface. The various components are interconnected using different buses and may be mounted on a common motherboard or in other manners as desired. The processor may process instructions for execution within the electronic device, including instructions stored in or on the memory to display graphical information of a GUI on an external input/output apparatus (such as a display device coupled to the interface). In other embodiments, multiple processors and/or multiple buses may be used, along with multiple memories and multiple memories, as desired. Also, multiple electronic devices may be connected, with each device providing portions of the necessary operations (e.g., as a server array, a group of blade servers, or a multi-processor system). In fig. 7, one processor 701 is taken as an example.
The memory 702 is a non-transitory computer readable storage medium as provided herein. Wherein the memory stores instructions executable by at least one processor to cause the at least one processor to perform the method for secure transfer of data provided herein. The non-transitory computer readable storage medium of the present application stores computer instructions for causing a computer to perform the method for secure transmission of data provided herein.
The memory 702 is a non-transitory computer-readable storage medium, and may be used to store non-transitory software programs, non-transitory computer-executable programs, and modules, such as program instructions/modules corresponding to the method for secure transmission of data in the embodiment of the present application (for example, the obtaining unit 501, the generating unit 502, the querying unit 503, the encrypting unit 504, and the sending unit 505 shown in fig. 5). The processor 701 executes various functional applications of the server and data processing by executing non-transitory software programs, instructions, and modules stored in the memory 702, that is, implements the method for secure transmission of data in the above method embodiments.
The memory 702 may include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function; the storage data area may store data created according to use of the electronic device for secure transmission of data, and the like. Further, the memory 702 may include high speed random access memory, and may also include non-transitory memory, such as at least one magnetic disk storage device, flash memory device, or other non-transitory solid state storage device. In some embodiments, the memory 702 may optionally include memory located remotely from the processor 701, which may be connected to an electronic device for secure transfer of data via a communications link. Examples of such communication links include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The electronic device of the method for secure transmission of data may further include: an input device 703 and an output device 704. The processor 701, the memory 702, the input device 703 and the output device 704 may be connected by a bus or other means, as exemplified by a bus connection in fig. 7.
The input device 703 may receive input numeric or character information and generate key signal inputs related to user settings and function control of the electronic apparatus for secure transmission of data, such as a touch screen, keypad, mouse, track pad, touch pad, pointer stick, one or more mouse buttons, track ball, joystick, or other input device. The output devices 704 may include a display device, auxiliary lighting devices (e.g., LEDs), and tactile feedback devices (e.g., vibrating motors), among others. The display device may include, but is not limited to, a Liquid Crystal Display (LCD), a Light Emitting Diode (LED) display, and a plasma display. In some implementations, the display device can be a touch screen.
Various implementations of the systems and techniques described here can be realized in digital electronic circuitry, integrated circuitry, application specific ASICs (application specific integrated circuits), computer hardware, firmware, software, and/or combinations thereof. These various embodiments may include: implemented in one or more computer programs that are executable and/or interpretable on a programmable system including at least one programmable processor, which may be special or general purpose, receiving data and instructions from, and transmitting data and instructions to, a storage system, at least one input device, and at least one output device.
These computer programs (also known as programs, software applications, or code) include machine instructions for a programmable processor, and may be implemented using high-level procedural and/or object-oriented programming languages, and/or assembly/machine languages. As used herein, the terms "machine-readable medium" and "computer-readable medium" refer to any computer program product, apparatus, and/or device (e.g., magnetic discs, optical disks, memory, programmable Logic Devices (PLDs)) used to provide machine instructions and/or data to a programmable processor, including a machine-readable medium that receives machine instructions as a machine-readable signal. The term "machine-readable signal" refers to any signal used to provide machine instructions and/or data to a programmable processor.
To provide for interaction with a user, the systems and techniques described here can be implemented on a computer having: a display device (e.g., a CRT (cathode ray tube) or LCD (liquid crystal display) monitor) for displaying information to a user; and a keyboard and a pointing device (e.g., a mouse or a trackball) by which a user can provide input to the computer. Other kinds of devices may also be used to provide for interaction with a user; for example, feedback provided to the user can be any form of sensory feedback (e.g., visual feedback, auditory feedback, or tactile feedback); and input from the user may be received in any form, including acoustic, speech, or tactile input.
The systems and techniques described here can be implemented in a computing system that includes a back-end component (e.g., as a data server), or that includes a middleware component (e.g., an application server), or that includes a front-end component (e.g., a user computer having a graphical user interface or a communications link browser through which a user can interact with an implementation of the systems and techniques described here), or any combination of such back-end, middleware, or front-end components. The components of the system can be interconnected by any form or medium of digital data communication (e.g., a communication network). Examples of communication networks include: local Area Networks (LANs), wide Area Networks (WANs), and the Internet.
The computer system may include clients and servers. A client and server are generally remote from each other and typically interact through a communication network. The relationship of client and server arises by virtue of computer programs running on the respective computers and having a client-server relationship to each other.
According to the technical scheme of the embodiment of the application, the data transmission safety is improved by encrypting in a dynamic key mode.
It should be understood that various forms of the flows shown above may be used, with steps reordered, added, or deleted. For example, the steps described in the present application may be executed in parallel, sequentially, or in different orders, and the present invention is not limited thereto as long as the desired results of the technical solutions disclosed in the present application can be achieved.
The above-described embodiments should not be construed as limiting the scope of the present application. It should be understood by those skilled in the art that various modifications, combinations, sub-combinations and substitutions may be made in accordance with design requirements and other factors. Any modification, equivalent replacement, and improvement made within the spirit and principle of the present application shall be included in the protection scope of the present application.

Claims (23)

1. A method for data secure transmission is applied to a transmitting end and comprises the following steps:
responding to the detected message to be sent, acquiring current state information, wherein the state information comprises the number of the sent messages or the time increment from the time when the unmanned vehicle is powered on to the current time, the chassis sends the unencrypted messages for counting at regular time, the counted messages are used for master control to check the message count of the master control and the chassis count, and if the check results are different, the master control synchronizes into the messages consistent with the chassis;
generating a first index based on the state information, including: dividing the time increment by the number of keys in a shared key book and taking the whole result as a first index, or dividing the number of the sent messages by the number of keys in the shared key book and taking the whole result as the first index;
inquiring a first secret key from a preset shared secret key according to the first index;
encrypting the message by adopting a symmetric encryption algorithm based on the first key to obtain an encrypted message, wherein different encryption algorithms are selected for different communication links;
and sending the encrypted message through a communication link.
2. The method of claim 1, wherein the status information comprises: a time increment;
the generating the first index based on the state information may further generate the first index in any one of the following manners:
dividing the time increment by the number of keys in the shared key book, and taking the remainder as a first index; or
And converting the time increment into a hash value based on a preset hash function, dividing the hash value by the number of the keys in the shared key book, and taking the remainder as a first index.
3. The method of claim 2, wherein the method further comprises:
in response to receiving a time synchronization request including a standard delta, setting the standard delta to a base value of the time delta;
the time increment is calculated in real time over a base value of the time increment.
4. The method of claim 1, wherein the status information comprises: the number of messages to be sent;
the generating the first index based on the state information may further generate the first index in any one of the following manners:
dividing the number of the sent messages by the number of the keys in the shared key book, and taking the remainder as a first index; or
And converting the number of the sent messages into a hash value based on a preset hash function, dividing the hash value by the number of the keys in the shared key book, and taking the remainder as a first index.
5. The method of claim 4, wherein the method further comprises:
counting the total number of the sent messages at preset time intervals;
generating a counting synchronization message with a preset identifier according to the total number of the sent messages;
sending the count synchronization message over the communication link in an unencrypted manner.
6. A method for data secure transmission is applied to a receiving end and comprises the following steps:
acquiring current state information in response to receiving an encrypted message generated by a transmitting end according to the method of any one of claims 1-5;
generating a second index based on the state information;
querying a second key from the shared key according to the second index;
and decrypting the encrypted message by adopting a symmetric encryption algorithm based on the second key to obtain the message, wherein different decryption algorithms are selected for different communication links.
7. The method of claim 6, wherein the status information comprises: a time increment;
the generating a second index based on the state information comprises:
generating the second index in any one of the following ways:
dividing the time increment by the number of keys in the shared key book, and rounding the result to be used as a second index; or
Dividing the time increment by the number of keys in the shared key book, and taking the remainder as a second index; or
And converting the time increment into a hash value based on a preset hash function, dividing the hash value by the number of the keys in the shared key book, and taking the remainder as a second index.
8. The method of claim 7, wherein the method further comprises:
in response to receiving a time synchronization request including a standard delta, setting the standard delta to a base value of the time delta;
calculating a time increment in real time over a base value of the time increment.
9. The method of claim 6, wherein the status information comprises: the number of received messages;
the generating a second index based on the state information comprises:
generating the second index in any one of the following ways:
dividing the number of the received messages by the number of the keys in the shared key book, and rounding the result to be used as a second index; or
Dividing the number of the received messages by the number of the keys in the shared key book, and taking the remainder as a second index; or
And converting the number of the received messages into a hash value based on a preset hash function, dividing the hash value by the number of the keys in the shared key book, and taking the remainder as a second index.
10. The method of claim 9, wherein the method further comprises:
in response to receiving a counting synchronization message, setting the total number of sent messages in the counting synchronization message as a basic value of the number of received messages;
and calculating the number of the received messages in real time on the basis value of the number of the received messages.
11. An apparatus for secure transmission of data, comprising:
the acquisition unit is configured to acquire current state information in response to the detection of a message to be sent, wherein the state information comprises the number of the sent messages or the time increment from the start of timing to the current moment when the unmanned vehicle is powered on, the chassis sends unencrypted messages for counting at regular time, the counted messages are used for master control to check the message count of the master control and the chassis count, and if the check results are different, the master control synchronizes to the messages consistent with the chassis;
a generating unit configured to generate a first index based on the state information, including: dividing the time increment by the number of keys in a shared key book and taking the whole result as a first index, or dividing the number of the sent messages by the number of keys in the shared key book and taking the whole result as the first index;
the inquiring unit is configured to inquire a first key from a preset shared key book according to the first index;
an encryption unit configured to encrypt the packet using a symmetric encryption algorithm based on the first key, resulting in an encrypted packet, wherein different encryption algorithms are selected for different communication links;
a sending unit configured to send the encrypted message over a communication link.
12. The apparatus of claim 11, wherein the status information comprises: a time increment;
the generation unit is further configured to:
generating the first index in any one of the following ways:
dividing the time increment by the number of keys in the shared key book, and taking the remainder as a first index; or
And converting the time increment into a hash value based on a preset hash function, dividing the hash value by the number of the keys in the shared key book, and taking the remainder as a first index.
13. The apparatus of claim 12, wherein the apparatus further comprises a time increment synchronization unit configured to:
in response to receiving a time synchronization request including a standard increment, setting the standard increment to a base value of a time increment;
the time increment is calculated in real time over a base value of the time increment.
14. The apparatus of claim 11, wherein the status information comprises: the number of messages to be sent;
the generation unit is further configured to:
generating the first index in any one of the following ways:
dividing the number of the sent messages by the number of the keys in the shared key book, and taking the remainder as a first index; or
And converting the number of the sent messages into a hash value based on a preset hash function, dividing the hash value by the number of the keys in the shared key book, and taking the remainder as a first index.
15. The apparatus of claim 14, wherein the apparatus further comprises a message number synchronization unit configured to:
counting the total number of the sent messages at preset time intervals;
generating a counting synchronization message with a preset identifier according to the total number of the sent messages;
sending the count synchronization message over the communication link in an unencrypted manner.
16. An apparatus for secure transmission of data, comprising:
an obtaining unit configured to obtain current status information in response to receiving an encrypted message sent by the apparatus according to any one of claims 11 to 15;
a generation unit configured to generate a second index based on the state information;
a querying unit configured to query a second key from the shared secret key book according to the second index;
and the decryption unit is configured to decrypt the encrypted message by adopting a symmetric encryption algorithm based on the second key to obtain a message, wherein different decryption algorithms are selected for different communication links.
17. The apparatus of claim 16, wherein the status information comprises: a time increment;
the generation unit is further configured to:
generating the second index in any one of the following ways:
dividing the time increment by the number of keys in the shared key book, and rounding the result to be used as a second index; or
Dividing the time increment by the number of keys in the shared key book, and taking the remainder as a second index; or
And converting the time increment into a hash value based on a preset hash function, dividing the hash value by the number of the keys in the shared key book, and taking the remainder as a second index.
18. The apparatus of claim 17, wherein the apparatus further comprises a time increment synchronization unit configured to:
in response to receiving a time synchronization request including a standard delta, setting the standard delta to a base value of the time delta;
calculating a time increment in real time over a base value of the time increment.
19. The apparatus of claim 16, wherein the status information comprises: the number of received messages;
the generation unit is further configured to:
generating the second index in any one of the following ways:
dividing the number of the received messages by the number of the keys in the shared key book, and rounding the result to be used as a second index; or
Dividing the number of the received messages by the number of the keys in the shared key book, and taking the remainder as a second index; or
And converting the number of the received messages into a hash value based on a preset hash function, dividing the hash value by the number of the keys in the shared key book, and taking the remainder as a second index.
20. The apparatus of claim 19, wherein the apparatus further comprises a message number synchronization unit configured to:
in response to receiving a counting synchronization message, setting the total number of sent messages in the counting synchronization message as a basic value of the number of received messages;
and calculating the number of the received messages in real time on the basis value of the number of the received messages.
21. A system for secure transmission of data, comprising:
a transmitting end configured to perform the method of any one of claims 1-5;
a receiving end configured to perform the method of any one of claims 6-10.
22. An electronic device, comprising:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method of any one of claims 1-10.
23. A non-transitory computer readable storage medium having stored thereon computer instructions for causing a computer to perform the method of any one of claims 1-10.
CN202010500301.6A 2020-06-04 2020-06-04 Method and device for secure transmission of data Active CN111683081B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010500301.6A CN111683081B (en) 2020-06-04 2020-06-04 Method and device for secure transmission of data

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010500301.6A CN111683081B (en) 2020-06-04 2020-06-04 Method and device for secure transmission of data

Publications (2)

Publication Number Publication Date
CN111683081A CN111683081A (en) 2020-09-18
CN111683081B true CN111683081B (en) 2022-10-18

Family

ID=72434842

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010500301.6A Active CN111683081B (en) 2020-06-04 2020-06-04 Method and device for secure transmission of data

Country Status (1)

Country Link
CN (1) CN111683081B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112564889B (en) * 2020-12-04 2021-11-09 深圳市安室智能有限公司 Data encryption transmission method and related product
CN113612599B (en) * 2021-05-27 2023-09-26 国网浙江省电力有限公司台州供电公司 Lightweight electric power Internet of things communication encryption method based on preset key book
CN113328919B (en) * 2021-05-28 2023-10-10 江苏徐工工程机械研究院有限公司 CAN bus identifier, communication method and communication system

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105897579A (en) * 2015-10-21 2016-08-24 乐卡汽车智能科技(北京)有限公司 Data transmission method and device
CN106853810A (en) * 2016-12-29 2017-06-16 北京车和家信息技术有限责任公司 Method, device, car body control module, vehicle and system that vehicle remote is controlled
CN109495175A (en) * 2018-11-07 2019-03-19 长沙天仪空间科技研究院有限公司 A kind of satellite-based laser communication system

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101931623B (en) * 2010-07-06 2013-06-12 华南理工大学 Safety communication method suitable for remote control with limited capability at controlled end
US20180205729A1 (en) * 2017-01-13 2018-07-19 GM Global Technology Operations LLC Method and apparatus for encryption, decryption and authentication
CN108965218B (en) * 2017-05-25 2020-09-29 华为技术有限公司 Controller area network bus secure communication method, device and system
CN107809436B (en) * 2017-11-10 2020-04-21 北京世纪鼎点软件有限公司 Authority authentication method, encryption method, device and system for network video access
CN111193588B (en) * 2019-07-30 2021-06-08 腾讯科技(深圳)有限公司 Information processing method and device based on process and storage medium
CN110888933B (en) * 2019-10-31 2021-08-20 支付宝(杭州)信息技术有限公司 Information providing method, device and system and information acquisition method and device

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105897579A (en) * 2015-10-21 2016-08-24 乐卡汽车智能科技(北京)有限公司 Data transmission method and device
CN106853810A (en) * 2016-12-29 2017-06-16 北京车和家信息技术有限责任公司 Method, device, car body control module, vehicle and system that vehicle remote is controlled
CN109495175A (en) * 2018-11-07 2019-03-19 长沙天仪空间科技研究院有限公司 A kind of satellite-based laser communication system

Also Published As

Publication number Publication date
CN111683081A (en) 2020-09-18

Similar Documents

Publication Publication Date Title
CN111683081B (en) Method and device for secure transmission of data
EP3916604A1 (en) Method and apparatus for processing privacy data of block chain, device, storage medium and coputer program product
JP6783587B2 (en) Lightweight, cyber-security two-way aircraft ground-to-ground data communication system (ACARS) transmission
US9374222B2 (en) Secure communication of data between devices
US11212671B2 (en) Method and system for securing communication links using enhanced authentication
WO2021022794A1 (en) Rdma-based data transmission method, network card, server and medium
CN110572400A (en) Vehicle OBD interface authentication method and device, electronic equipment and storage medium
CN110610101A (en) Data storage method, device, equipment and storage medium
CN112906037A (en) Communication encryption system, method and device
CN110011892A (en) A kind of communication means and relevant apparatus of Virtual Private Network
CN104102187B (en) Technique and/or manufacture and/or the anti-intervention for executing equipment are controlled
US10439807B2 (en) Communication device, communication system, and communication method
CN111448812A (en) Information transmission method, storage medium, information transmission system, and unmanned aerial vehicle
Yu et al. pSafety: privacy-preserving safety monitoring in online ride hailing services
CN111698086A (en) Method and device for data transmission
CN109104401B (en) Secure real-time based data transmission
JP6743898B2 (en) Communication device, communication method, communication system, and communication program
CN104243420A (en) Data encryption method for communication between integrated circuit factory automation system and equipment
CN103973674A (en) Method and device for synchronizing host and backup information
KR102220775B1 (en) System and method for encryption processing in terminal
CN114938304B (en) Method and system for safely transmitting industrial Internet of things data
US11528131B1 (en) Sharing access to data externally
CN116707937A (en) Encryption communication method, device, vehicle and storage medium
CN115484078A (en) Time synchronization method, device, electronic equipment and storage medium
Sharma et al. Secured event data recorder (edr) system for analysis of data

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant