CN111740825A - CAN bus multi-network node authentication method and system - Google Patents

CAN bus multi-network node authentication method and system Download PDF

Info

Publication number
CN111740825A
CN111740825A CN202010696758.9A CN202010696758A CN111740825A CN 111740825 A CN111740825 A CN 111740825A CN 202010696758 A CN202010696758 A CN 202010696758A CN 111740825 A CN111740825 A CN 111740825A
Authority
CN
China
Prior art keywords
node
term key
vehicle
control unit
electronic control
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010696758.9A
Other languages
Chinese (zh)
Inventor
李芳�
王丽芳
张之森
吴艳
王立业
陶成轩
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Institute of Electrical Engineering of CAS
Original Assignee
Institute of Electrical Engineering of CAS
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Institute of Electrical Engineering of CAS filed Critical Institute of Electrical Engineering of CAS
Priority to CN202010696758.9A priority Critical patent/CN111740825A/en
Publication of CN111740825A publication Critical patent/CN111740825A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • BPERFORMING OPERATIONS; TRANSPORTING
    • B60VEHICLES IN GENERAL
    • B60RVEHICLES, VEHICLE FITTINGS, OR VEHICLE PARTS, NOT OTHERWISE PROVIDED FOR
    • B60R16/00Electric or fluid circuits specially adapted for vehicles and not otherwise provided for; Arrangement of elements of electric or fluid circuits specially adapted for vehicles and not otherwise provided for
    • B60R16/02Electric or fluid circuits specially adapted for vehicles and not otherwise provided for; Arrangement of elements of electric or fluid circuits specially adapted for vehicles and not otherwise provided for electric constitutive elements
    • B60R16/023Electric or fluid circuits specially adapted for vehicles and not otherwise provided for; Arrangement of elements of electric or fluid circuits specially adapted for vehicles and not otherwise provided for electric constitutive elements for transmission of signals between vehicle parts or subsystems
    • B60R16/0231Circuits relating to the driving or the functioning of the vehicle
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/40Bus networks
    • H04L12/40006Architecture of a communication node
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/40Bus networks
    • H04L2012/40208Bus networks characterized by the use of a particular bus standard
    • H04L2012/40215Controller Area Network CAN
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/40Bus networks
    • H04L2012/40267Bus for use in transportation systems
    • H04L2012/40273Bus for use in transportation systems the transportation system being a vehicle

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Automation & Control Theory (AREA)
  • Mechanical Engineering (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Small-Scale Networks (AREA)

Abstract

The invention relates to an authentication method and system for CAN bus multi-network nodes. The method comprises the steps of obtaining a random number of each node of a vehicle-mounted electronic control unit and a random number of a gateway node in a current cycle of a vehicle, and obtaining a long-term key of the vehicle-mounted electronic control unit and a long-term key in the gateway node; generating a first short-term key and a second short-term key according to the random number of each node of the vehicle-mounted electronic control unit and the long-term key; performing HMAC-SHA256 algorithm encryption by using the first short-term key and the second short-term key according to the random number of the gateway node to obtain a first ciphertext and a second ciphertext; and respectively authenticating the memorability identity of each node of the vehicle-mounted electronic control unit and the gateway node. The invention realizes the identity authentication between multiple nodes and between multiple nodes by the gateway, and protects the information security and the attack resistance.

Description

CAN bus multi-network node authentication method and system
Technical Field
The invention relates to the field of CAN bus identity authentication, in particular to an authentication method and system for CAN bus multi-network nodes.
Background
With the development of intellectualization, network security becomes a non-negligible factor for automobiles, and new challenges are met by vehicle-mounted networks. The onboard Electronic Control Unit (ECU) is also exposed to a number of unsafe-factor attack threats, the attack being the steps taken by an attacker to obtain the desired result (e.g. reading data).
At present, the security problem of the CAN bus CAN be prevented by methods such as information encryption and identity authentication, and the identity authentication problem of the bus is mainly limited to the authentication method of the MAC at present, for example, after a message authentication code is attached to a message, although intensive MAC calculation is avoided and the risk of reducing or even damaging the normal operation of the ECU is avoided, eavesdropping and replay attack are easily caused, and a node may be maliciously attacked after being stolen.
A Message Authentication Code (MAC) Authentication method is used in the reference "A Defence-in-Depth Approach to Securing the Wireless device Infrastructure". The value of the MAC is subjected to a hash operation after the node number and the key are xored, however, the 32-bit truncated MAC cannot protect the CAN bus. In a thesis, namely 'identity authentication method research based on a vehicle-mounted CAN bus network', an identity authentication scheme based on a dynamic password is designed aiming at the actual network environment of a CAN bus on the basis of the existing identity authentication method. In the scheme provided by the document, an asynchronous identity authentication mode is adopted, and the generated password has a validity period, but the scheme is limited to one-to-one authentication, and when the gateway authenticates a plurality of nodes or nodes, the time consumed by authentication is greatly prolonged. In a CAN bus identity authentication method and an identity authentication system, the CAN bus identity authentication method and the identity authentication system realize login control of a key system and signature of key data based on an identification authentication technology, and the CAN bus is used for communication between a first control end of a vehicle and a second control end of the vehicle. In the method, if the malicious forged node in the first step steals the information sent by the ECUA and continuously plays the same message to the bus, replay attack is easy to perform in the subsequent steps, so that replay attack cannot be perfectly avoided only through one-step authentication.
In summary, the current method for authenticating the identity in the CAN bus cannot well protect the CAN bus, and mostly only provides the identity authentication of one-to-one node, and does not realize the mutual authentication among a plurality of nodes.
Disclosure of Invention
The invention aims to provide an authentication method and an authentication system for CAN bus multi-network nodes, which realize identity authentication between multiple nodes and between gateways and multiple nodes, and protect the safety of information and the resistance to attack.
In order to achieve the purpose, the invention provides the following scheme:
an authentication method of a CAN bus multi-network node comprises the following steps:
acquiring a random number of each node of a vehicle-mounted electronic control unit and a random number of a gateway node in a current period of a vehicle, and a long-term key of the node of the vehicle-mounted electronic control unit and a long-term key in the gateway node; the long-term key of the vehicle-mounted electronic control unit node is the same as the long-term key in the gateway node; the cycle of the vehicle is from starting to flameout and stopping;
generating a first short-term key and a second short-term key according to the random number of each node of the vehicle-mounted electronic control unit and the long-term key; the first short-term key is arranged on each node of the vehicle-mounted electronic control unit; the second short-term key is on a gateway node;
according to the random number of the gateway node, performing HMAC-SHA256 algorithm encryption by using the first short-term key to obtain a first ciphertext;
according to the random number of the gateway node, the second short-term key is used for carrying out HMAC-SHA256 algorithm encryption to obtain a second ciphertext;
judging whether the first ciphertext is the same as the second ciphertext at the gateway node to obtain a first judgment result;
if the first judgment result shows that the first ciphertext is different from the second ciphertext, authentication fails, and a message of authentication failure is sent to each node of the vehicle-mounted electronic control unit;
if the first judgment result shows that the first ciphertext is the same as the second ciphertext, the authentication is successful, and a message of the successful authentication is sent to each node of the vehicle-mounted electronic control unit;
judging whether the gateway node is legal or not according to the message of successful authentication to obtain a second judgment result;
if the second judgment result shows that the gateway node is legal, information transmission is carried out according to the vehicle-mounted electronic control unit node and the gateway node;
and if the second judgment result shows that the gateway node is illegal, an alarm is sent out.
Optionally, the generating a first short-term key and a second short-term key according to the random number of each node of the vehicle-mounted electronic control unit and the long-term key specifically includes:
encrypting the random number of each node of the vehicle-mounted electronic control unit by using the long-term key to obtain a first short-term key of each node of the vehicle-mounted electronic control unit;
TEA encryption is carried out on the random number of each node of the vehicle-mounted electronic control unit, and the encrypted random number is sent to the gateway node;
performing TEA decryption on the encrypted random number at the gateway node to obtain a random number corresponding to each node of the vehicle-mounted electronic control unit;
and encrypting by using the long-term secret key according to the random number corresponding to each node of the vehicle-mounted electronic control unit to obtain a second short-term secret key.
Optionally, the generating a first short-term key and a second short-term key according to the random number of each node of the vehicle-mounted electronic control unit and the long-term key further includes:
performing TEA encryption of the second short-term key on the random number of the gateway node, and sending the encrypted random number of the gateway node to each node of the vehicle-mounted electronic control unit;
and performing TEA decryption on the encrypted random number of the gateway node on each node of the vehicle-mounted electronic control unit to obtain the random number of the gateway node.
Optionally, the generating a first short-term key and a second short-term key according to the random number of each node of the vehicle-mounted electronic control unit and the long-term key further includes:
generating a third short-term key according to the random numbers of all the vehicle-mounted electronic control unit nodes and the long-term key; the third short-term key is on each node of the onboard electronic control unit and the gateway node.
Optionally, if the first determination result indicates that the first ciphertext is different from the second ciphertext, the authentication fails, and the message of the authentication failure is sent to each node of the vehicle-mounted electronic control unit, which specifically includes:
performing TEA encryption according to the message of authentication failure and the third short-term key, and sending the encrypted message of authentication failure to each node of the vehicle-mounted electronic control unit;
and performing TEA decryption on the encrypted message with the authentication failure by using a third short-term key on each node of the vehicle-mounted electronic control unit.
Optionally, if the first determination result indicates that the first ciphertext is the same as the second ciphertext, the authentication is successful, and the successfully authenticated message is sent to each node of the vehicle-mounted electronic control unit, which specifically includes:
performing TEA encryption according to the successfully authenticated message and the third short-term key, and sending the successfully authenticated message to each node of the vehicle-mounted electronic control unit;
and performing TEA decryption on the encrypted successfully-authenticated message by using a third short-term key on each node of the vehicle-mounted electronic control unit.
An authentication system of a CAN-bus multi-network node, comprising:
the data acquisition module is used for acquiring the random number of each node of the vehicle-mounted electronic control unit and the random number of the gateway node in the current cycle of the vehicle, and the long-term key of the node of the vehicle-mounted electronic control unit and the long-term key in the gateway node; the long-term key of the vehicle-mounted electronic control unit node is the same as the long-term key in the gateway node; the cycle of the vehicle is from starting to flameout and stopping;
the first short-term key and second short-term key generation module is used for generating a first short-term key and a second short-term key according to the random number of each node of the vehicle-mounted electronic control unit and the long-term key; the first short-term key is arranged on each node of the vehicle-mounted electronic control unit; the second short-term key is on a gateway node;
the first ciphertext determining module is used for performing HMAC-SHA256 algorithm encryption by using the first short-term key according to the random number of the gateway node to obtain a first ciphertext;
a second ciphertext determining module, configured to perform HMAC-SHA256 algorithm encryption by using the second short-term key according to the random number of the gateway node, to obtain a second ciphertext;
the first judgment module is used for judging whether the first ciphertext is the same as the second ciphertext at the gateway node to obtain a first judgment result;
the authentication failure module is used for failing authentication if the first judgment result shows that the first ciphertext is different from the second ciphertext, and sending a message of failure authentication to each node of the vehicle-mounted electronic control unit;
the authentication success module is used for successfully authenticating if the first judgment result shows that the first ciphertext is the same as the second ciphertext, and sending a message of successful authentication to each node of the vehicle-mounted electronic control unit;
the second judgment module is used for judging whether the gateway node is legal or not according to the message of successful authentication to obtain a second judgment result;
the information transmission module is used for transmitting information according to the vehicle-mounted electronic control unit node and the gateway node if the second judgment result shows that the gateway node is legal;
and the alarm module is used for sending out an alarm if the second judgment result shows that the gateway node is illegal.
Optionally, the first short-term key and the second short-term key generating module specifically include:
the first short-term key determining unit is used for encrypting the random number of each node of the vehicle-mounted electronic control unit by using the long-term key to obtain a first short-term key of each node of the vehicle-mounted electronic control unit;
the random number encryption unit of each node of the vehicle-mounted electronic control unit is used for performing TEA encryption on the random number of each node of the vehicle-mounted electronic control unit and sending the encrypted random number to the gateway node;
the random number decryption unit of each node of the vehicle-mounted electronic control unit is used for performing TEA decryption on the encrypted random number at the gateway node to obtain a random number corresponding to each node of the vehicle-mounted electronic control unit;
and the second short-term key determining unit is used for encrypting by using the long-term key according to the random number corresponding to each node of the vehicle-mounted electronic control unit to obtain a second short-term key.
Optionally, the method further includes:
the random number encryption module of the gateway node is used for performing TEA encryption of the second short-term key on the random number of the gateway node and sending the encrypted random number of the gateway node to each node of the vehicle-mounted electronic control unit;
and the random number decryption module of the gateway node is used for performing TEA decryption of the first short-term key on the encrypted random number of the gateway node on each node of the vehicle-mounted electronic control unit to obtain the random number of the gateway node.
Optionally, the method further includes:
the third short-term key generation module is used for generating a third short-term key according to the random numbers of all the vehicle-mounted electronic control unit nodes and the long-term key; the third short-term key is on each node of the onboard electronic control unit and the gateway node.
According to the specific embodiment provided by the invention, the invention discloses the following technical effects:
according to the authentication method and system for the CAN bus multi-network node, identity authentication is performed among a plurality of nodes or node gateways of the ECU in each vehicle period, and a method of HMAC-SHA256 based on a secret key and a node number is adopted to perform mutual identity authentication among the nodes, so that next-step message transmission is guaranteed. Because the number of bytes of data of the CAN bus is only 8 bytes, TEA symmetric encryption transmission is adopted, the fact that only one frame of information is used for each interactive authentication information is guaranteed, and the response speed is improved. The invention realizes the identity authentication between one multi-node and between the gateways and the multi-nodes, reduces the load rate of the bus, reduces the expenditure of the CAN bus and ensures the safety of the system. Because most messages in the authentication process have the service life of only one time, in the next initialization authentication process, if replay attack is carried out, the messages are replayed or the messages intercepted last time, but the random number is changed, the password is correspondingly changed, and the messages can be identified by the network node certainly, and a danger alarm is sent. In the whole identity authentication stage, the time of ignition starting is instant, the action time is extremely short, and the difficulty is also extremely high for an attacker to crack the password in the short time. And the long-term key can be updated regularly, so that the security risk is further reduced.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings needed to be used in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings without inventive exercise.
Fig. 1 is a schematic flow chart of an authentication method for a CAN bus multi-network node according to the present invention;
fig. 2 is a schematic structural diagram of an authentication system of a CAN bus multi-network node according to the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The invention aims to provide an authentication method and an authentication system for CAN bus multi-network nodes, which realize identity authentication between multiple nodes and between gateways and multiple nodes, and protect the safety of information and the resistance to attack.
In order to make the aforementioned objects, features and advantages of the present invention comprehensible, embodiments accompanied with figures are described in further detail below.
Fig. 1 is a schematic flow chart of an authentication method for a CAN bus multi-network node provided by the present invention, and as shown in fig. 1, the authentication method for a CAN bus multi-network node provided by the present invention includes:
s101, obtainingThe method comprises the steps that a random number of each node of a vehicle-mounted electronic control unit and a random number of a gateway node in a current cycle of a vehicle, a long-term key of the vehicle-mounted electronic control unit node and a long-term key in the gateway node are taken; the long-term key of the vehicle-mounted electronic control unit node is the same as that of the gateway node and is Lm(ii) a The cycle of the vehicle is from start-up to shut-down.
S102, generating a first short-term key and a second short-term key according to the random number of each node of the vehicle-mounted electronic control unit and the long-term key; the first short-term key is arranged on each node of the vehicle-mounted electronic control unit; the second short-term key is at the gateway node. The first short-term key and the second short-term key are valid for the current period of the vehicle.
S102 specifically comprises the following steps:
and encrypting the random number of each node of the vehicle-mounted electronic control unit by using the long-term key to obtain a first short-term key of each node of the vehicle-mounted electronic control unit.
As a specific example, after authentication begins, each ECU node generates a random number R in the nodea1,Rb1,Rc1Etc. combining the random number Ra1,Rb1,Rc1Ciphertext T encrypted by equal TEAa1,Tb1,Tc1Waiting for the transmission to the gateway node, while in each node, the random number R is transmitteda1,Rb1,Rc1Equal and long term key LmCarrying out XOR operation to obtain corresponding ECUA,ECUB,ECUCFirst short-term key S of a peer nodea1,Sb1,Sc1And the like. The method specifically comprises the following steps:
Figure BDA0002591462450000081
Ra1=T(Ra1|Lm)。
and TEA encryption is carried out on the random number of each node of the vehicle-mounted electronic control unit, and the encrypted random number is sent to the gateway node.
And performing TEA decryption on the encrypted random number at the gateway node to obtain the random number corresponding to each node of the vehicle-mounted electronic control unit.
And encrypting by using the long-term secret key according to the random number corresponding to each node of the vehicle-mounted electronic control unit to obtain a second short-term secret key.
The receiving party (gateway node) receives the ciphertext Ta1,Tb1,Tc1After that, TEA decryption is carried out to obtain a random number Ra2,Rb2,Rc2Etc. combining the random number Ra2,Rb2,Rc2Equal and long term key LmCarrying out XOR operation to obtain corresponding ECUA,ECUB,ECUCSecond short-term key S of the peera2,Sb2,Sc2And the like. The second short-term key serves as a temporary key for communication with the respective node in subsequent steps of the authentication process. The method specifically comprises the following steps:
Ra2=D(Ta1|Lm);
Figure BDA0002591462450000082
after S102, further comprising:
and performing TEA encryption of the second short-term key on the random number of the gateway node, and sending the encrypted random number of the gateway node to each node of the vehicle-mounted electronic control unit.
Using the formula TSa2=T(R2|Sa2) Encryption is performed.
And performing TEA decryption on the encrypted random number of the gateway node on each node of the vehicle-mounted electronic control unit to obtain the random number of the gateway node.
Using the formula R1=D(TSa2|Sa1) Decryption is performed.
S103, according to the random number of the gateway node, HMAC-SHA256 algorithm encryption is carried out by using the first short-term key, and a first ciphertext is obtained.
ECUA,ECUB,ECUCWhen ECU unit receives gateway node random number R1Each ECU node sends a random number R1Exclusive OR operation is carried out with the node number N of the node, and a short-term key S is useda1,Sb1,Sc1Performing HMAC-SHA256 algorithm encryption to obtain a first ciphertext H1And sending the first ciphertext to the gateway node for verification. The cipher text encrypted by the HMAC-SHA256 algorithm is 256 bits and 32 bytes, one data frame of the bus can transmit 8 bytes at most, and the highest 8 bytes are selected for transmission. The method specifically comprises the following steps:
Figure BDA0002591462450000091
H1=H(Xa1|Sa1)。
and S104, performing HMAC-SHA256 algorithm encryption by using the second short-term key according to the random number of the gateway node to obtain a second ciphertext.
The gateway node is based on the random number R1XOR operation is performed with the random number stored by the gateway, and then the short-term secret key S is storeda2,Sb2,Sc2Performing HMAC-SHA256 algorithm encryption to obtain ciphertext H2. Network node will cipher text H1And H2And (6) carrying out comparison. The method specifically comprises the following steps:
Figure BDA0002591462450000092
H2=H(Xa2|Sa2)。
s103 and S104 guarantee timeliness through short-term key encrypted messages, and guarantee information security through HMAC-SHA256 encryption.
And S105, judging whether the first ciphertext is the same as the second ciphertext at the gateway node to obtain a first judgment result. The first judgment result is verification between the nodes of the vehicle-mounted electronic control unit.
Such as an ECUAIf the message X1 before encryption passes the non-authentication, the first part is 0111111
The gateway node passes the message through a third short-term secret key S1Message T after TEA encryption2To each ECU node.
T2=T(X1|S1)。
Each ECU node receives the encrypted message T2Then, passing short-term key S1Decryption is performed. And judging the legality of each other.
X1=D(T2|S1)。
S106, if the first judgment result shows that the first ciphertext is different from the second ciphertext, authentication fails, and a message of authentication failure is sent to each node of the vehicle-mounted electronic control unit.
S107, if the first judgment result shows that the first ciphertext is the same as the second ciphertext, the authentication is successful, and the message of the successful authentication is sent to each node of the vehicle-mounted electronic control unit.
S108, judging whether the gateway node is legal or not according to the message of successful authentication to obtain a second judgment result.
And S109, if the second judgment result shows that the gateway node is legal, transmitting information according to the vehicle-mounted electronic control unit node and the gateway node.
And S110, if the second judgment result shows that the gateway node is illegal, giving an alarm.
As a specific embodiment, after S102, the method further includes:
generating a third short-term key according to the random numbers of all the vehicle-mounted electronic control unit nodes and the long-term key; the third short-term key is on each node of the onboard electronic control unit and the gateway node.
Because the messages encrypted by each ECU are broadcast in the bus, each ECU can also receive the messages broadcast by other ECUsSuch as an ECUACan receive ECUB,ECUCAnd (5) encrypting the message T of the node. ECU (electronic control Unit)AAfter receiving messages of other nodes, the random number R of other nodes is obtained through decryptionb1,Rc1Etc. in the node, random numbers and long-term keys LmObtaining a third short-term secret key S after XOR1
Rb1=D(Tb1|Lm);
Figure BDA0002591462450000101
The receiving party (gateway node) receives the ciphertext Ta1,Tb1,Tc1After that, TEA decryption is carried out to obtain a random number Ra2,Rb2,Rc2Etc. combining the random number Ra2,Rb2,Rc2Equal and long term key LmPerforming XOR operation to obtain a third short-term secret key S1. And the third short-term key is used as a temporary key for communication of subsequent messages and each node in the authentication process.
Figure BDA0002591462450000111
According to the third short-term key, if the first judgment result indicates that the first ciphertext is different from the second ciphertext, the authentication fails, and a message of the authentication failure is sent to each node of the vehicle-mounted electronic control unit, which specifically includes:
and performing TEA encryption according to the message of authentication failure and the third short-term key, and sending the encrypted message of authentication failure to each node of the vehicle-mounted electronic control unit.
And performing TEA decryption on the encrypted message with the authentication failure by using a third short-term key on each node of the vehicle-mounted electronic control unit.
According to the third short-term key, if the first judgment result indicates that the first ciphertext is the same as the second ciphertext, the authentication is successful, and a message of the successful authentication is sent to each node of the vehicle-mounted electronic control unit, which specifically includes:
and performing TEA encryption according to the successfully authenticated message and the third short-term key, and sending the encrypted successfully authenticated message to each node of the vehicle-mounted electronic control unit.
And performing TEA decryption on the encrypted successfully-authenticated message by using a third short-term key on each node of the vehicle-mounted electronic control unit.
The invention provides an authentication method of CAN bus multi-network nodes, which adopts asynchronous identity authentication based on a challenge/response mode. The method is characterized in that a short-term key generation process is firstly carried out for initialization, the significance is one time, the valid period of a generated password is only in the initialization authentication stage at this time, a vehicle is started to be flameout and stopped for one period, the initialization stage is one time and only one time in the period of each vehicle, namely the ignition stage by using a vehicle key. And performing handshake between the two parties, wherein the sender generates a challenge value every time, the challenge value is a generated random number, and if any node is a disguised node, the node is identified as an illegal node by the gateway.
Fig. 2 is a schematic structural diagram of an authentication system for a CAN bus multi-network node provided by the present invention, and as shown in fig. 2, the authentication system for a CAN bus multi-network node provided by the present invention includes: the system comprises a data acquisition module 201, a first short-term key and second short-term key generation module 202, a first ciphertext determination module 203, a second ciphertext determination module 204, a first judgment module 205, an authentication failure module 206, an authentication success module 207, a second judgment module 208, an information transmission module 209 and an alarm module 210.
The data acquisition module 201 is configured to acquire a random number of each node of a vehicle-mounted electronic control unit and a random number of a gateway node in a current cycle of a vehicle, and a long-term key of the vehicle-mounted electronic control unit node and a long-term key in the gateway node; the long-term key of the vehicle-mounted electronic control unit node is the same as the long-term key in the gateway node; the cycle of the vehicle is from start-up to shut-down.
The first short-term key and second short-term key generation module 202 is used for generating a first short-term key and a second short-term key according to the random number of each node of the vehicle-mounted electronic control unit and the long-term key; the first short-term key is arranged on each node of the vehicle-mounted electronic control unit; the second short-term key is at the gateway node.
The first ciphertext determining module 203 is configured to perform HMAC-SHA256 algorithm encryption by using the first short-term key according to the random number of the gateway node, so as to obtain a first ciphertext.
The second ciphertext determining module 204 is configured to perform HMAC-SHA256 algorithm encryption by using the second short-term key according to the random number of the gateway node, so as to obtain a second ciphertext.
The first determining module 205 is configured to determine, at the gateway node, whether the first ciphertext is the same as the second ciphertext, to obtain a first determination result.
The authentication failure module 206 is configured to fail authentication if the first determination result indicates that the first ciphertext is different from the second ciphertext, and send a message of authentication failure to each node of the vehicle-mounted electronic control unit.
The authentication success module 207 is configured to, if the first determination result indicates that the first ciphertext is the same as the second ciphertext, succeed in authentication and send a message of successful authentication to each node of the vehicle-mounted electronic control unit.
The second judging module 208 is configured to judge whether the gateway node is legal according to the successfully authenticated packet, so as to obtain a second judgment result.
The information transmission module 209 is configured to perform information transmission according to the vehicle-mounted electronic control unit node and the gateway node if the second determination result indicates that the gateway node is legal.
The alarm module 210 is configured to send an alarm if the second determination result indicates that the gateway node is illegal.
The first short-term key and the second short-term key generation module specifically include: the device comprises a first short-term key determining unit, a random number encryption unit of each node of the vehicle-mounted electronic control unit, a random number decryption unit of each node of the vehicle-mounted electronic control unit and a second short-term key determining unit.
The first short-term key determining unit is used for encrypting the random number of each node of the vehicle-mounted electronic control unit by using the long-term key to obtain a first short-term key of each node of the vehicle-mounted electronic control unit.
And the random number encryption unit of each node of the vehicle-mounted electronic control unit is used for performing TEA encryption on the random number of each node of the vehicle-mounted electronic control unit and sending the encrypted random number to the gateway node.
And the random number decryption unit of each node of the vehicle-mounted electronic control unit is used for performing TEA decryption on the encrypted random number at the gateway node to obtain the random number corresponding to each node of the vehicle-mounted electronic control unit.
And the second short-term key determining unit is used for encrypting by using the long-term key according to the random number corresponding to each node of the vehicle-mounted electronic control unit to obtain a second short-term key.
The invention provides an authentication system of CAN bus multi-network node, which also comprises: a random number encryption module of the gateway node and a random number decryption module of the gateway node.
And the random number encryption module of the gateway node is used for performing TEA encryption of the second short-term key on the random number of the gateway node and sending the encrypted random number of the gateway node to each node of the vehicle-mounted electronic control unit.
And the random number decryption module of the gateway node is used for performing TEA decryption of the first short-term key on the encrypted random number of the gateway node on each node of the vehicle-mounted electronic control unit to obtain the random number of the gateway node.
The invention provides an authentication system of CAN bus multi-network node, which also comprises: a third short-term key generation module.
The third short-term key generation module is used for generating a third short-term key according to the random numbers of all the vehicle-mounted electronic control unit nodes and the long-term key; the third short-term key is on each node of the onboard electronic control unit and the gateway node.
The embodiments in the present description are described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments are referred to each other. For the system disclosed by the embodiment, the description is relatively simple because the system corresponds to the method disclosed by the embodiment, and the relevant points can be referred to the method part for description.
The principles and embodiments of the present invention have been described herein using specific examples, which are provided only to help understand the method and the core concept of the present invention; meanwhile, for a person skilled in the art, according to the idea of the present invention, the specific embodiments and the application range may be changed. In view of the above, the present disclosure should not be construed as limiting the invention.

Claims (10)

1. An authentication method for a CAN bus multi-network node is characterized by comprising the following steps:
acquiring a random number of each node of a vehicle-mounted electronic control unit and a random number of a gateway node in a current period of a vehicle, and a long-term key of the node of the vehicle-mounted electronic control unit and a long-term key in the gateway node; the long-term key of the vehicle-mounted electronic control unit node is the same as the long-term key in the gateway node; the cycle of the vehicle is from starting to flameout and stopping;
generating a first short-term key and a second short-term key according to the random number of each node of the vehicle-mounted electronic control unit and the long-term key; the first short-term key is arranged on each node of the vehicle-mounted electronic control unit; the second short-term key is on a gateway node;
according to the random number of the gateway node, performing HMAC-SHA256 algorithm encryption by using the first short-term key to obtain a first ciphertext;
according to the random number of the gateway node, the second short-term key is used for carrying out HMAC-SHA256 algorithm encryption to obtain a second ciphertext;
judging whether the first ciphertext is the same as the second ciphertext at the gateway node to obtain a first judgment result;
if the first judgment result shows that the first ciphertext is different from the second ciphertext, authentication fails, and a message of authentication failure is sent to each node of the vehicle-mounted electronic control unit;
if the first judgment result shows that the first ciphertext is the same as the second ciphertext, the authentication is successful, and a message of the successful authentication is sent to each node of the vehicle-mounted electronic control unit;
judging whether the gateway node is legal or not according to the message of successful authentication to obtain a second judgment result;
if the second judgment result shows that the gateway node is legal, information transmission is carried out according to the vehicle-mounted electronic control unit node and the gateway node;
and if the second judgment result shows that the gateway node is illegal, an alarm is sent out.
2. The method according to claim 1, wherein the generating a first short-term key and a second short-term key according to the random number of each node of the on-board ecu and the long-term key specifically comprises:
encrypting the random number of each node of the vehicle-mounted electronic control unit by using the long-term key to obtain a first short-term key of each node of the vehicle-mounted electronic control unit;
TEA encryption is carried out on the random number of each node of the vehicle-mounted electronic control unit, and the encrypted random number is sent to the gateway node;
performing TEA decryption on the encrypted random number at the gateway node to obtain a random number corresponding to each node of the vehicle-mounted electronic control unit;
and encrypting by using the long-term secret key according to the random number corresponding to each node of the vehicle-mounted electronic control unit to obtain a second short-term secret key.
3. The method of claim 1, wherein the generating a first short-term key and a second short-term key according to the random number of each node of the on-board ecu and the long-term key further comprises:
performing TEA encryption of the second short-term key on the random number of the gateway node, and sending the encrypted random number of the gateway node to each node of the vehicle-mounted electronic control unit;
and performing TEA decryption on the encrypted random number of the gateway node on each node of the vehicle-mounted electronic control unit to obtain the random number of the gateway node.
4. The method of claim 1, wherein the generating a first short-term key and a second short-term key according to the random number of each node of the on-board ecu and the long-term key further comprises:
generating a third short-term key according to the random numbers of all the vehicle-mounted electronic control unit nodes and the long-term key; the third short-term key is on each node of the onboard electronic control unit and the gateway node.
5. The method according to claim 4, wherein if the first determination result indicates that the first ciphertext is different from the second ciphertext, the authentication fails, and the message indicating the authentication failure is sent to each node of the vehicle-mounted electronic control unit, specifically comprising:
performing TEA encryption according to the message of authentication failure and the third short-term key, and sending the encrypted message of authentication failure to each node of the vehicle-mounted electronic control unit;
and performing TEA decryption on the encrypted message with the authentication failure by using a third short-term key on each node of the vehicle-mounted electronic control unit.
6. The method according to claim 4, wherein if the first determination result indicates that the first ciphertext is the same as the second ciphertext, the successfully authenticating is performed, and a successfully authenticated message is sent to each node of the on-vehicle electronic control unit, specifically including:
performing TEA encryption according to the successfully authenticated message and the third short-term key, and sending the successfully authenticated message to each node of the vehicle-mounted electronic control unit;
and performing TEA decryption on the encrypted successfully-authenticated message by using a third short-term key on each node of the vehicle-mounted electronic control unit.
7. An authentication system for a CAN bus multi-network node, comprising:
the data acquisition module is used for acquiring the random number of each node of the vehicle-mounted electronic control unit and the random number of the gateway node in the current cycle of the vehicle, and the long-term key of the node of the vehicle-mounted electronic control unit and the long-term key in the gateway node; the long-term key of the vehicle-mounted electronic control unit node is the same as the long-term key in the gateway node; the cycle of the vehicle is from starting to flameout and stopping;
the first short-term key and second short-term key generation module is used for generating a first short-term key and a second short-term key according to the random number of each node of the vehicle-mounted electronic control unit and the long-term key; the first short-term key is arranged on each node of the vehicle-mounted electronic control unit; the second short-term key is on a gateway node;
the first ciphertext determining module is used for performing HMAC-SHA256 algorithm encryption by using the first short-term key according to the random number of the gateway node to obtain a first ciphertext;
a second ciphertext determining module, configured to perform HMAC-SHA256 algorithm encryption by using the second short-term key according to the random number of the gateway node, to obtain a second ciphertext;
the first judgment module is used for judging whether the first ciphertext is the same as the second ciphertext at the gateway node to obtain a first judgment result;
the authentication failure module is used for failing authentication if the first judgment result shows that the first ciphertext is different from the second ciphertext, and sending a message of failure authentication to each node of the vehicle-mounted electronic control unit;
the authentication success module is used for successfully authenticating if the first judgment result shows that the first ciphertext is the same as the second ciphertext, and sending a message of successful authentication to each node of the vehicle-mounted electronic control unit;
the second judgment module is used for judging whether the gateway node is legal or not according to the message of successful authentication to obtain a second judgment result;
the information transmission module is used for transmitting information according to the vehicle-mounted electronic control unit node and the gateway node if the second judgment result shows that the gateway node is legal;
and the alarm module is used for sending out an alarm if the second judgment result shows that the gateway node is illegal.
8. The system of claim 7, wherein the first short-term key and the second short-term key generation module specifically comprise:
the first short-term key determining unit is used for encrypting the random number of each node of the vehicle-mounted electronic control unit by using the long-term key to obtain a first short-term key of each node of the vehicle-mounted electronic control unit;
the random number encryption unit of each node of the vehicle-mounted electronic control unit is used for performing TEA encryption on the random number of each node of the vehicle-mounted electronic control unit and sending the encrypted random number to the gateway node;
the random number decryption unit of each node of the vehicle-mounted electronic control unit is used for performing TEA decryption on the encrypted random number at the gateway node to obtain a random number corresponding to each node of the vehicle-mounted electronic control unit;
and the second short-term key determining unit is used for encrypting by using the long-term key according to the random number corresponding to each node of the vehicle-mounted electronic control unit to obtain a second short-term key.
9. The CAN-bus multi-network-node authentication system of claim 7, further comprising:
the random number encryption module of the gateway node is used for performing TEA encryption of the second short-term key on the random number of the gateway node and sending the encrypted random number of the gateway node to each node of the vehicle-mounted electronic control unit;
and the random number decryption module of the gateway node is used for performing TEA decryption of the first short-term key on the encrypted random number of the gateway node on each node of the vehicle-mounted electronic control unit to obtain the random number of the gateway node.
10. The CAN-bus multi-network-node authentication system of claim 7, further comprising:
the third short-term key generation module is used for generating a third short-term key according to the random numbers of all the vehicle-mounted electronic control unit nodes and the long-term key; the third short-term key is on each node of the onboard electronic control unit and the gateway node.
CN202010696758.9A 2020-07-20 2020-07-20 CAN bus multi-network node authentication method and system Pending CN111740825A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010696758.9A CN111740825A (en) 2020-07-20 2020-07-20 CAN bus multi-network node authentication method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010696758.9A CN111740825A (en) 2020-07-20 2020-07-20 CAN bus multi-network node authentication method and system

Publications (1)

Publication Number Publication Date
CN111740825A true CN111740825A (en) 2020-10-02

Family

ID=72655016

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010696758.9A Pending CN111740825A (en) 2020-07-20 2020-07-20 CAN bus multi-network node authentication method and system

Country Status (1)

Country Link
CN (1) CN111740825A (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113794734A (en) * 2021-09-26 2021-12-14 上汽通用五菱汽车股份有限公司 Vehicle-mounted CAN bus encryption communication method, control device and readable storage medium
CN114024750A (en) * 2021-11-05 2022-02-08 北京天融信网络安全技术有限公司 Gateway access authentication method and device
CN114268449A (en) * 2021-11-02 2022-04-01 浙江零跑科技股份有限公司 Important CAN encryption method
CN115242410A (en) * 2022-09-22 2022-10-25 合肥工业大学 Vehicle-interior network identity authentication method based on quantum random number generator

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070189528A1 (en) * 2006-02-14 2007-08-16 Yutaka Ueda Wireless LAN transmitting and receiving apparatus and key distribution method
JP2010124376A (en) * 2008-11-21 2010-06-03 Mitsubishi Electric Corp Authentication apparatus and encryption processing device
CN102904713A (en) * 2011-07-25 2013-01-30 深圳市金溢科技有限公司 Key exchange method for secret key encryption communication system
CN107800675A (en) * 2016-09-07 2018-03-13 深圳市腾讯计算机系统有限公司 A kind of data transmission method, terminal and server
CN111432374A (en) * 2020-02-28 2020-07-17 深圳开源互联网安全技术有限公司 Method and device for authenticating identity of network-connected automobile network node and readable storage medium

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070189528A1 (en) * 2006-02-14 2007-08-16 Yutaka Ueda Wireless LAN transmitting and receiving apparatus and key distribution method
JP2010124376A (en) * 2008-11-21 2010-06-03 Mitsubishi Electric Corp Authentication apparatus and encryption processing device
CN102904713A (en) * 2011-07-25 2013-01-30 深圳市金溢科技有限公司 Key exchange method for secret key encryption communication system
CN107800675A (en) * 2016-09-07 2018-03-13 深圳市腾讯计算机系统有限公司 A kind of data transmission method, terminal and server
CN111432374A (en) * 2020-02-28 2020-07-17 深圳开源互联网安全技术有限公司 Method and device for authenticating identity of network-connected automobile network node and readable storage medium

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113794734A (en) * 2021-09-26 2021-12-14 上汽通用五菱汽车股份有限公司 Vehicle-mounted CAN bus encryption communication method, control device and readable storage medium
CN114268449A (en) * 2021-11-02 2022-04-01 浙江零跑科技股份有限公司 Important CAN encryption method
CN114268449B (en) * 2021-11-02 2023-08-29 浙江零跑科技股份有限公司 Important CAN encryption method
CN114024750A (en) * 2021-11-05 2022-02-08 北京天融信网络安全技术有限公司 Gateway access authentication method and device
CN114024750B (en) * 2021-11-05 2023-11-28 北京天融信网络安全技术有限公司 Gateway access authentication method and device
CN115242410A (en) * 2022-09-22 2022-10-25 合肥工业大学 Vehicle-interior network identity authentication method based on quantum random number generator
CN115242410B (en) * 2022-09-22 2022-11-29 合肥工业大学 Vehicle-interior network identity authentication method based on quantum random number generator

Similar Documents

Publication Publication Date Title
CN107846395B (en) Method, system, medium, and vehicle for securing communications on a vehicle bus
CN106533655B (en) Method for safe communication of ECU (electronic control Unit) in vehicle interior network
CN109600350B (en) System and method for secure communication between controllers in a vehicle network
US8526606B2 (en) On-demand secure key generation in a vehicle-to-vehicle communication network
CN111740825A (en) CAN bus multi-network node authentication method and system
US9015489B2 (en) Securing passwords against dictionary attacks
KR101508497B1 (en) Data certification and acquisition method for vehicle
US6732270B1 (en) Method to authenticate a network access server to an authentication server
CN115396121B (en) Security authentication method for security chip OTA data packet and security chip device
CN108243181A (en) A kind of car networking terminal, data ciphering method and car networking server
CN102299930A (en) Method for ensuring security of client software
KR101675332B1 (en) Data commincaiton method for vehicle, Electronic Control Unit and system thereof
WO2008043292A1 (en) An authentication method, device and system for multicast and broadcast service
CN112396735B (en) Internet automobile digital key safety authentication method and device
CN107517194B (en) Return source authentication method and device of content distribution network
CN103795728A (en) EAP authentication method capable of hiding identities and suitable for resource-constrained terminal
CN113781678A (en) Vehicle Bluetooth key generation and authentication method and system under network-free environment
Halabi et al. A lightweight synchronous cryptographic hash chain solution to securing the vehicle CAN bus
CN111031061A (en) Verification method and gateway equipment
CN111147257A (en) Identity authentication and information confidentiality method, monitoring center and remote terminal unit
KR101481403B1 (en) Data certification and acquisition method for vehicle
KR102219086B1 (en) HMAC-based source authentication and secret key sharing method and system for Unnamed Aerial vehicle systems
KR20170032210A (en) Data commincaiton method for vehicle, Electronic Control Unit and system thereof
Tashiro et al. A secure protocol consisting of two different security-level message authentications over CAN
Cultice et al. A PUF based CAN security framework

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20201002

RJ01 Rejection of invention patent application after publication