CN113507495B - Vehicle-mounted Ethernet secure communication method and system based on block chain - Google Patents

Vehicle-mounted Ethernet secure communication method and system based on block chain

Info

Publication number
CN113507495B
Authority
CN
China
Prior art keywords
ecu
node
communication
block chain
source
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110597139.9A
Other languages
Chinese (zh)
Other versions
CN113507495A (en)
Inventor
孙恒
彭肯恩
翁健
刘志全
邱培超
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jinan University
Original Assignee
Jinan University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jinan University
Priority to CN202110597139.9A
Publication of CN113507495A
Application granted
Publication of CN113507495B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/12 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/12 Applying verification of the received information
    • H04L63/126 Applying verification of the received information the source of the received data
    • H04L67/50 Network services
    • H04L67/60 Scheduling or organising the servicing of application requests, e.g. requests for application data transmissions using the analysis and optimisation of the required network resources
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/50 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Small-Scale Networks (AREA)

Abstract

The invention discloses a block chain-based vehicle-mounted Ethernet secure communication method and system. The method comprises the following steps: the vehicle ECU sends a connection request to the main node through a sub-node in order to join the block chain network; the sub-node encrypts the byte code of the connection request with the public key of the main node gateway to obtain a ciphertext, signs the ciphertext with the private key of the sub-node, and sends the connection request ciphertext and the signature to the main node; the source ECU sends a signed communication request to the main node through the source sub-node; the main node judges the validity of the communication by using the block chain and sends the communication permission to each legal ECU; the ECUs of both communication parties then send and receive communication data directly. The invention adopts a three-layer structure of connection request, communication request and communication permission to ensure the security and efficiency of vehicle-mounted network communication, and uses the tamper resistance and openness of the block chain to solve the problems of missing mutual trust and insufficient information sharing among ECUs.

Description

Vehicle-mounted Ethernet secure communication method and system based on block chain
Technical Field
The invention relates to the technical field of vehicle-mounted communication, in particular to a block chain-based vehicle-mounted Ethernet secure communication method and system.
Background
With the popularization of automobiles and the growing variety and functionality of on-board devices, the security of communication between on-board Electronic Control Units (ECUs) has become a main concern of automotive communication. At present, a large number of vehicle-mounted ECU devices have no security authentication mechanism, which makes the trust problem among ECUs more serious and makes the integrity and authenticity of ECU messages difficult to ensure. Meanwhile, faced with tens of millions or even hundreds of millions of in-vehicle network messages, centralized vehicle-mounted network communication management mechanisms and existing block chain-based encryption schemes, which are limited to CAN bus communication, consume huge resources and face extremely serious security threats, so they cannot provide the stable security guarantee that next-generation vehicle-mounted Ethernet needs.
Disclosure of Invention
In order to overcome the defects and shortcomings in the prior art, the invention provides a block chain-based vehicle-mounted Ethernet secure communication method and system, which effectively solve the problems of insufficient security and efficiency, no mutual trust among ECUs and insufficient information sharing of the current vehicle-mounted Ethernet on the basis of ensuring the prevention of any unauthorized access and maintaining efficient identity authentication.
In order to achieve the purpose, the invention adopts the following technical scheme:
the invention provides a block chain-based vehicle-mounted Ethernet secure communication method, which comprises the following steps:
a central gateway of vehicle-mounted communication is used as the main node of a block chain network, a domain controller connected with the central gateway is used as a sub-node of the block chain network, and all vehicle ECUs are connected to the block chain network through the connected sub-nodes;
the vehicle ECU sends the connection request to the main node through the sub-node, the sub-node adds the connection request into the block chain network, the sub-node uses the public key of the main node gateway to encrypt the byte code of the connection request to obtain a ciphertext, and after the ciphertext is signed by using the private key of the sub-node, the connection request ciphertext and the signature are sent to the main node;
after receiving the connection request sent by the child node, the main node verifies the signature by using the public key of the corresponding child node, decrypts the connection request ciphertext by using the private key of the main node to obtain the plaintext byte code of the connection request, and verifies the legality of the byte code information;
the source ECU transmits the signed communication request to the main node through the source sub-node, the source sub-node encrypts the byte code of the communication request by using the public key of the main node after receiving the communication request transmitted by the source ECU, and transmits the ciphertext signed by using the private key of the source sub-node to the main node;
the main node judges the effectiveness of communication by using the block chain and sends the communication permission to a legal ECU;
the source ECU encrypts the communication data by using the public key of the target ECU, signs the ciphertext by using the private key of the source ECU, and sends the communication ciphertext and the digital signature to the target ECU;
after receiving the communication message, the target ECU verifies the digital signature of the source ECU by using the public key of the source ECU, and decrypts the encrypted message by using the private key of the target ECU to obtain communication data;
the target ECU encrypts the response message to be transmitted by using the public key of the source ECU, and directly sends the response ciphertext and the digital signature to the source ECU after signing the ciphertext by using the private key of the target ECU;
after receiving the response message, the source ECU verifies the digital signature of the target ECU by using the public key of the target ECU, and decrypts the encrypted message by using the private key of the source ECU, thereby realizing a complete and safe communication process.
As a preferred technical solution, the connection request includes an ECU ID, a child node ID, a timestamp, an expiration date, and a public key.
As a preferred technical solution, the validity of the bytecode information is checked, and when it is determined that the bytecode information of the connection request is valid, the master node generates an XML file corresponding to the ECU according to the ECU ID, the child node ID, the ECU public key, the current timestamp, and the certificate validity period in the request message, and stores the XML file as an ECU certificate having a valid duration to the blockchain.
As a preferred technical solution, the master node takes the connection request, the communication request, and the ECU certificate as transactions, adds the transactions to a transaction list according to a time arrival order, obtains ordered transactions from the list, generates a new block, adds the new block to a block chain, and synchronizes to all nodes.
Preferably, the communication request includes an ECU ID of both communication parties and a source ECU public key.
As a preferred technical solution, the ciphertext is signed by using a private key of the source child node and then transmitted to the master node, the master node verifies the signature by using a public key of the source child node after receiving a communication request transmitted by the source child node, if the source child node is legal in identity and has the authority of requesting communication, the master node decrypts the ciphertext to obtain a bytecode of the communication request transmitted by the source ECU and a digital signature of the source ECU, and the master node verifies the digital signature of the source ECU by using the public key of the source ECU to verify the validity of the source ECU.
As a preferred technical solution, the master node judges the validity of communication by using a block chain, the master node queries an ECU certificate in the block chain according to the ECU IDs of both communication parties, and judges the validity of communication by the validity period of the ECU certificate, if both the ECU certificates of both communication parties are valid, the master node sends a communication permission and a public key of both communication parties' ECUs to the source child node and the destination child node, after receiving data, the source child node sends the communication permission and the public key of the destination ECU to the source ECU, and the destination child node sends the communication permission and the public key of the source ECU to the destination ECU.
As a preferred technical solution, the communication permission is sent to a legal ECU, when the ECU sends and receives a message, the communication permission and a data message are sent to a target ECU, after receiving the communication permission, the target ECU checks the valid time of the communication permission, and if it is determined that the communication permission is invalid, the connection is disconnected.
The invention also provides a block chain-based vehicle-mounted Ethernet secure communication system, wherein the block chain is provided with a main node and sub-nodes, a central gateway of vehicle-mounted communication is used as the main node of the block chain network, a domain controller connected with the central gateway is used as the sub-node of the block chain network, and all ECUs are connected to the block chain network through the connected sub-nodes;
the main node of the block chain network is used for storing a key of the main node, public keys of all the sub-nodes and the ECU and complete uplink data of the block chain network, authenticating all the sub-nodes, generating a new block and uplink the new block;
the subnodes of the block chain network are used for storing the keys of the subnodes, the public keys of the main nodes and the complete uplink data of the block chain network and broadcasting new blocks;
when the ECU is connected to the block chain network, the connection request is sent to the sub-nodes of the block chain network connected with the ECU, then the sub-nodes of the block chain network use the public key of the main node of the block chain network to encrypt the connection request, the ciphertext is signed and then sent to the main node of the block chain network, if the connection request is legal, the main node of the block chain network generates an ECU certificate with effective duration for the ECU, and the certificate is linked and stored.
As a preferred technical solution, the specific construction process for generating the new block is as follows: the main node takes the connection request, the communication request and the ECU certificate as transactions, adds the transactions to a transaction list according to the time arrival sequence, obtains the ordered transactions from the list and generates a new block.
Compared with the prior art, the invention has the following advantages and beneficial effects:
(1) the technical scheme of the invention adopts the block chain network to carry out the ECU identity authentication, solves the safety authentication problem of the vehicle-mounted ECU equipment, enhances the authentication capability of the vehicle-mounted Ethernet to the ECU, and effectively prevents any unauthorized access to the ECU.
(2) The invention adopts three layers of structures of connection request, communication request and communication permission to ensure the safety and high efficiency of vehicle-mounted network communication, and solves the problems of no mutual trust and insufficient information sharing among ECUs by using the non-tamper property and the openness of the block chain.
(3) The invention utilizes the vehicle-mounted Ethernet to build the block chain, realizes the unification of the vehicle-mounted network and the block chain network, is suitable for various vehicles, and has strong expansibility.
Drawings
FIG. 1 is a schematic flow chart of a block chain-based vehicular Ethernet secure communication method according to the present invention;
FIG. 2 is a schematic structural diagram of the vehicular Ethernet network according to the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
Example 1
As shown in fig. 1, the present embodiment provides a block chain-based secure communication method for a vehicle-mounted ethernet network, where in the present embodiment, a block chain network includes: a central gateway of vehicle-mounted communication is used as a main node of a block chain network; the domain controller connected with the central gateway is used as a child node of the block chain network; all ECUs are connected to the blockchain network through connected sub-nodes.
The block chain-based vehicle-mounted Ethernet secure communication method of the embodiment specifically comprises the following steps:
S1: As shown in FIG. 2, the ECU sends a connection request to the master node via the child node and joins the block chain network. The connection request comprises an ECU ID, a child node ID, a timestamp, a validity period and a public key. The child-node domain controller encrypts the byte code of the connection request with the public key of the main node gateway to obtain a ciphertext, signs the ciphertext with the private key of the child-node domain controller, and sends the connection request ciphertext and the signature to the main node.
In this embodiment, after receiving a connection request sent by a child node, the main node verifies the signature using the public key of the corresponding child-node domain controller, and decrypts the connection request ciphertext using the private key of the main node to obtain the plaintext bytecode of the connection request. A validity check is then performed on the bytecode information: if the child node ID is not stored in the block chain network, or the timestamp is earlier than the generation time of the previous block, or the timestamp is later than the current time of the main node, the connection request is illegal and is discarded. If the connection request message is legal, the main node generates an XML file corresponding to the ECU from the ECU ID, the child node ID, the ECU public key, the current timestamp and the certificate validity period in the request message. This file is the ECU certificate with a valid duration, and the certificate is stored in the block chain.
In this embodiment, the master node takes the connection request, the communication request, and the ECU certificate as transactions, adds the transactions to a transaction list according to a time arrival order, obtains ordered transactions from the list every 10 seconds, packs them to generate a new block, finally adds the new block to the block chain, and synchronizes all the nodes.
S2: The source ECU transmits the signed communication request to the main node through the source sub-node, wherein the communication request comprises the ECU IDs of both communication parties and the public key of the source ECU.
After receiving the communication request sent by the source ECU, the source child node encrypts the byte code of the communication request by using the public key of the main node, signs the ciphertext by using the private key of the source child node, and sends it to the main node.
S3: the main node judges the effectiveness of communication by using the block chain and sends the communication permission to a legal ECU.
In this embodiment, after receiving a communication request sent by a source child node, a master node verifies a signature by using a public key of the source child node, and if the source child node is legal in identity and has the authority of requesting communication, the master node decrypts a ciphertext to obtain a bytecode of the communication request sent by a source ECU and a digital signature of the source ECU, and then verifies the digital signature of the source ECU by using the public key of the source ECU, so as to verify the validity of the source ECU; and if the source child node and the source ECU are illegal in identity or the source child node does not have the authority of requesting communication, the master node rejects the communication request.
After verifying the digital signature of the source ECU, the main node inquires an ECU certificate in the block chain according to the ECU IDs of both communication parties, and judges the validity of communication according to the validity period of the ECU certificate. If the certificates of the ECUs of the two communication parties are valid, the main node sends the communication permission and the public keys of the ECUs of the two communication parties to the source sub-node and the destination sub-node. After receiving the data, the source child node sends the communication license and the public key of the destination ECU to the source ECU, and the destination child node sends the communication license and the public key of the source ECU to the destination ECU. And if the ECU certificate is invalid or the ECU certificate does not exist, the main node refuses the communication request.
In this embodiment, the communication permission is a certificate with a valid time, that is, the ECU certificate of step S1. When an ECU sends and receives messages, it must send the communication permission together with the data message to the destination ECU. After receiving the communication permission, the destination ECU checks its valid time and, if the communication permission is invalid, disconnects the connection.
S4: the ECU of both communication parties directly receives and transmits communication data.
In the embodiment, the source ECU encrypts communication data by using a public key of the destination ECU, signs a ciphertext by using a private key of the source ECU, and then directly sends the communication ciphertext and the digital signature to the destination ECU; after receiving the communication message, the target ECU verifies the digital signature of the source ECU by using the public key of the source ECU, and decrypts the encrypted message by using the private key of the target ECU to obtain communication data.
In this embodiment, the destination ECU encrypts the response message to be transmitted using the public key of the source ECU, and directly sends the response ciphertext and the digital signature to the source ECU after signing the ciphertext using the private key of the destination ECU; after receiving the response message, the source ECU verifies the digital signature of the target ECU by using the public key of the target ECU, and decrypts the encrypted message by using the private key of the source ECU, thereby realizing a complete and safe communication process.
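The master-node logic of S1 and S3 (connection-request validity check, XML certificate issuance, block packing and the certificate lookup that gates a communication permission), as an added sketch that is not code from the patent. It assumes signature verification and decryption have already succeeded; the XML element names, the `ValidFor` duration in seconds and all IDs and keys are constructed placeholders.

```python
import hashlib
import xml.etree.ElementTree as ET
from dataclasses import dataclass

BLOCK_INTERVAL = 10  # seconds between blocks, as in the embodiment


@dataclass
class Block:
    index: int
    created: float      # generation time of this block
    prev_hash: str
    transactions: list  # (arrival_time, kind, payload) tuples

    def digest(self) -> str:
        h = hashlib.sha256(f"{self.index}|{self.created}|{self.prev_hash}".encode())
        for arrival, kind, payload in self.transactions:
            h.update(f"|{arrival}|{kind}|{payload}".encode())
        return h.hexdigest()


class MasterNode:
    """Central gateway; signature checks and decryption are assumed done already."""

    def __init__(self, child_ids, genesis_time):
        self.child_ids = set(child_ids)  # child nodes stored in the chain network
        self.chain = [Block(0, genesis_time, "0" * 64, [])]
        self.pending = []                # transaction list, in arrival order

    def check_connection_request(self, req, now):
        """Return None if the request is legal, else the reason it is discarded."""
        if req["child_id"] not in self.child_ids:
            return "unknown child node"
        if req["timestamp"] < self.chain[-1].created:
            return "timestamp earlier than previous block"
        if req["timestamp"] > now:
            return "timestamp later than master clock"
        return None

    def handle_connection_request(self, req, now):
        """Issue an XML ECU certificate for a legal request; returns (xml, reason)."""
        reason = self.check_connection_request(req, now)
        if reason:
            return None, reason
        cert = ET.Element("ECUCertificate")  # element names are hypothetical
        for tag, value in (("ECUID", req["ecu_id"]), ("ChildNodeID", req["child_id"]),
                           ("PublicKey", req["public_key"]), ("Issued", now),
                           ("ValidFor", req["validity"])):
            ET.SubElement(cert, tag).text = str(value)
        xml = ET.tostring(cert, encoding="unicode")
        self.pending.append((now, "connection_request", repr(sorted(req.items()))))
        self.pending.append((now, "ecu_certificate", xml))
        return xml, None

    def seal_block(self, now):
        """Pack the ordered transaction list into a new block every BLOCK_INTERVAL."""
        last = self.chain[-1]
        if now - last.created < BLOCK_INTERVAL:
            return None
        ordered = sorted(self.pending, key=lambda tx: tx[0])
        block = Block(last.index + 1, now, last.digest(), ordered)
        self.chain.append(block)
        self.pending = []
        return block

    def find_certificate(self, ecu_id):
        """Newest on-chain certificate for ecu_id as a dict, or None."""
        for block in reversed(self.chain):
            for _, kind, payload in reversed(block.transactions):
                if kind != "ecu_certificate":
                    continue
                cert = {el.tag: el.text for el in ET.fromstring(payload)}
                if cert["ECUID"] == ecu_id:
                    return cert
        return None

    def authorize_communication(self, src_id, dst_id, now):
        """Return (True, {ecu_id: public_key}) only if both certificates are valid."""
        keys = {}
        for ecu_id in (src_id, dst_id):
            cert = self.find_certificate(ecu_id)
            if cert is None:
                return False, f"{ecu_id}: no certificate on chain"
            if now > float(cert["Issued"]) + float(cert["ValidFor"]):
                return False, f"{ecu_id}: certificate expired"
            keys[ecu_id] = cert["PublicKey"]
        # Sketch choice: only accepted communication requests become transactions.
        self.pending.append((now, "communication_request", f"{src_id}->{dst_id}"))
        return True, keys

    def chain_is_intact(self):
        """Every block must reference the digest of its predecessor."""
        return all(b.prev_hash == a.digest() for a, b in zip(self.chain, self.chain[1:]))


if __name__ == "__main__":
    gw = MasterNode({"DC-chassis", "DC-body"}, genesis_time=1000)  # constructed IDs
    for ecu, dc, pk in (("ECU-brake", "DC-chassis", "pk-brake"),
                        ("ECU-door", "DC-body", "pk-door")):
        req = {"ecu_id": ecu, "child_id": dc, "timestamp": 1003,
               "validity": 60, "public_key": pk}
        print(gw.handle_connection_request(req, now=1005)[1])
    print(gw.authorize_communication("ECU-brake", "ECU-door", now=1006))  # not on chain yet
    gw.seal_block(now=1010)
    print(gw.authorize_communication("ECU-brake", "ECU-door", now=1020))  # permitted
    print(gw.authorize_communication("ECU-brake", "ECU-door", now=1100))  # expired
```

In this sketch a freshly issued certificate cannot authorize communication until the block containing it has been sealed, so an ECU may wait up to one block interval after its connection request.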
Example 2
The embodiment provides a block chain-based vehicle-mounted Ethernet secure communication system, wherein a block chain is provided with a main node and sub-nodes, a central gateway of vehicle-mounted communication is used as the main node of the block chain network, a domain controller connected with the central gateway is used as the sub-nodes of the block chain network, and all ECUs are connected to the block chain network through the connected sub-nodes;
in this embodiment, the master node of the blockchain network is configured to store a key of the master node, public keys of all the child nodes and the ECU, and complete uplink data of the blockchain network, authenticate all the child nodes, generate a new block, and uplink the new block;
in this embodiment, the child node of the blockchain network is configured to store a key of the child node, a public key of the master node, and complete uplink data of the blockchain network, and broadcast a new block;
in this embodiment, when the ECU is connected to the blockchain network, the connection request is sent to a child node of the blockchain network connected to the ECU, then the child node of the blockchain network encrypts the connection request using a public key of the master node of the blockchain network, signs a ciphertext and sends the ciphertext to the master node of the blockchain network, and if the connection request is legal, the master node of the blockchain network generates an ECU certificate with an effective duration for the ECU and stores the certificate in an uplink manner.
In this embodiment, the specific construction process for generating the new block is as follows: the main node takes the connection request, the communication request and the ECU certificate as transactions, adds the transactions to a transaction list according to the time arrival sequence, obtains the ordered transactions from the list and generates a new block.
The above embodiments are preferred embodiments of the present invention, but the present invention is not limited to the above embodiments, and any other changes, modifications, substitutions, combinations, and simplifications which do not depart from the spirit and principle of the present invention should be construed as equivalents thereof, and all such changes, modifications, substitutions, combinations, and simplifications are intended to be included in the scope of the present invention.

Claims (10)

1. A block chain-based vehicle-mounted Ethernet secure communication method is characterized by comprising the following steps:
a central gateway of vehicle-mounted communication is used as the main node of a block chain network, a domain controller connected with the central gateway is used as a sub-node of the block chain network, and all vehicle ECUs are connected to the block chain network through the connected sub-nodes;
the vehicle ECU sends the connection request to the main node through the sub-node, the sub-node adds the connection request into the block chain network, the sub-node uses the public key of the main node gateway to encrypt the byte code of the connection request to obtain a ciphertext, and after the ciphertext is signed by using the private key of the sub-node, the connection request ciphertext and the signature are sent to the main node;
after receiving the connection request sent by the child node, the main node verifies the signature by using the public key of the corresponding child node, decrypts the connection request ciphertext by using the private key of the main node to obtain the plaintext byte code of the connection request, and verifies the legality of the byte code information;
the source ECU transmits the signed communication request to the main node through the source sub-node, the source sub-node encrypts the byte code of the communication request by using the public key of the main node after receiving the communication request transmitted by the source ECU, and transmits the ciphertext signed by using the private key of the source sub-node to the main node;
the main node judges the communication validity by using the block chain, the main node sends the communication permission and the public key of the ECU of both communication sides to the source sub-node and the destination sub-node, after receiving the data, the source sub-node sends the communication permission and the public key of the destination ECU to the source ECU, and the destination sub-node sends the communication permission and the public key of the source ECU to the destination ECU;
the source ECU encrypts the communication data by using the public key of the target ECU, signs the ciphertext by using the private key of the source ECU, and sends the communication ciphertext and the digital signature to the target ECU;
after receiving the communication message, the target ECU verifies the digital signature of the source ECU by using the public key of the source ECU, and decrypts the encrypted message by using the private key of the target ECU to obtain communication data;
the target ECU encrypts the response message to be transmitted by using the public key of the source ECU, and directly sends the response ciphertext and the digital signature to the source ECU after signing the ciphertext by using the private key of the target ECU;
after receiving the response message, the source ECU verifies the digital signature of the target ECU by using the public key of the target ECU, and decrypts the encrypted message by using the private key of the source ECU, thereby realizing a complete and safe communication process.
2. The block chain-based vehicle-mounted Ethernet secure communication method according to claim 1, wherein the connection request comprises an ECU ID, a child node ID, a timestamp, a validity period, and a public key.
3. The block chain-based vehicle-mounted Ethernet secure communication method according to claim 2, wherein a legality check is performed on the bytecode information, and when the bytecode information of the connection request is determined to be legal, the master node generates an XML file corresponding to the ECU according to the ECU ID, the child node ID, the ECU public key, the current timestamp, and the certificate validity period in the request message, and stores the XML file in the block chain as the ECU certificate having the validity period.
4. The block chain-based vehicle-mounted Ethernet secure communication method according to claim 3, wherein the master node takes the connection request, the communication request and the ECU certificate as transactions, adds the transactions to a transaction list in order of arrival time, obtains the ordered transactions from the list, generates a new block, adds the new block to the block chain, and synchronizes it to all nodes.
5. The block chain-based vehicle-mounted Ethernet secure communication method according to claim 1, wherein the communication request includes the ECU IDs of both communicating parties and the source ECU public key.
6. The block chain-based vehicle-mounted Ethernet secure communication method according to claim 1, wherein the source child node signs the ciphertext with its private key and sends it to the master node; after receiving the communication request sent by the source child node, the master node verifies the signature by using the public key of the source child node; if the source child node has a legal identity and has the authority to request communication, the master node decrypts the ciphertext to obtain the bytecode of the communication request sent by the source ECU and the digital signature of the source ECU, and the master node verifies the digital signature of the source ECU by using the public key of the source ECU to verify the validity of the source ECU.
7. The block chain-based vehicle-mounted Ethernet secure communication method according to claim 3, wherein the master node determines the validity of the communication by using the block chain: the master node queries the ECU certificates in the block chain according to the ECU IDs of both communicating parties, and determines the validity of the communication from the validity periods of the ECU certificates.
8. The block chain-based vehicle-mounted Ethernet secure communication method according to claim 1, wherein the communication permission is sent to the legitimate ECUs; when sending and receiving messages, an ECU sends the communication permission together with the data message to the destination ECU; after receiving the communication permission, the destination ECU checks its validity time and disconnects the connection if the communication permission is determined to be invalid.
9. A block chain-based vehicle-mounted Ethernet secure communication system, characterized in that the block chain network is provided with a master node and child nodes, the central gateway of the vehicle-mounted communication serves as the master node of the block chain network, the domain controllers connected with the central gateway serve as the child nodes of the block chain network, and all ECUs are connected to the block chain network through the child nodes to which they are attached;
the master node of the block chain network is used for storing its own key, the public keys of all the child nodes and ECUs, and the complete on-chain data of the block chain network, for authenticating all the child nodes, and for generating new blocks and adding them to the chain;
the child nodes of the block chain network are used for storing their own keys, the public key of the master node, and the complete on-chain data of the block chain network, and for broadcasting new blocks;
when an ECU connects to the block chain network, it sends a connection request to the child node of the block chain network to which it is connected; the child node then encrypts the connection request by using the public key of the master node of the block chain network, signs the ciphertext, and sends it to the master node; if the connection request is legal, the master node generates an ECU certificate with a validity period for the ECU and stores the certificate on the chain;
the master node determines the validity of the communication by using the block chain, and sends the communication permission and the public keys of the ECUs of both communicating parties to the source child node and the destination child node; after receiving the data, the source child node sends the communication permission and the public key of the destination ECU to the source ECU, and the destination child node sends the communication permission and the public key of the source ECU to the destination ECU.
10. The block chain-based vehicle-mounted Ethernet secure communication system according to claim 9, wherein the specific construction process for generating the new block is as follows: the master node takes the connection request, the communication request and the ECU certificate as transactions, adds the transactions to a transaction list in order of arrival time, obtains the ordered transactions from the list, and generates a new block.
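The certificate life cycle in claims 2 to 4 and 7 can be sketched as follows. This is an added illustration, not code from the patent: the XML element names, the validity period expressed in seconds, the SHA-256 block linking and the `MasterNode` class are all assumptions made for the example.

```python
# Added illustration of claims 2-4 and 7. XML element names, validity in seconds
# and SHA-256 block linking are assumptions; the patent specifies none of them.
import hashlib
import json
import xml.etree.ElementTree as ET

REQUIRED = ("ecu_id", "child_node_id", "timestamp", "validity", "public_key")

class MasterNode:
    def __init__(self):
        self.chain, self.pending = [], []  # sealed blocks; (arrival, kind, payload) list

    def handle_connection_request(self, req, now):
        """Claim 3: check the request, then issue an XML certificate as a transaction."""
        if any(not req.get(k) for k in REQUIRED) or req["validity"] <= 0:
            return None  # request fails the legality check: no certificate
        cert = ET.Element("ECUCertificate")
        for tag, value in (("ECUID", req["ecu_id"]), ("ChildNodeID", req["child_node_id"]),
                           ("PublicKey", req["public_key"]), ("IssuedAt", now),
                           ("ValiditySeconds", req["validity"])):
            ET.SubElement(cert, tag).text = str(value)
        xml_cert = ET.tostring(cert, encoding="unicode")
        self.pending.append((now, "connection_request", json.dumps(req, sort_keys=True)))
        self.pending.append((now, "ecu_certificate", xml_cert))
        return xml_cert

    def seal_block(self):
        """Claim 4: order pending transactions by arrival time and chain a new block."""
        txs = sorted(self.pending, key=lambda t: t[0])
        self.pending = []
        prev = self.chain[-1]["hash"] if self.chain else "0" * 64
        block = {"index": len(self.chain), "prev_hash": prev, "transactions": txs}
        block["hash"] = hashlib.sha256(json.dumps(block, sort_keys=True).encode()).hexdigest()
        self.chain.append(block)
        return block

    def _latest_cert(self, ecu_id):
        txs = [t for b in self.chain for t in b["transactions"] if t[1] == "ecu_certificate"]
        certs = [ET.fromstring(payload) for _, _, payload in txs]
        return next((c for c in reversed(certs) if c.findtext("ECUID") == ecu_id), None)

    def communication_is_valid(self, src_id, dst_id, now):
        """Claim 7: both ECUs need an unexpired certificate on the chain."""
        for cert in (self._latest_cert(src_id), self._latest_cert(dst_id)):
            if cert is None:
                return False
            if now >= int(cert.findtext("IssuedAt")) + int(cert.findtext("ValiditySeconds")):
                return False
        return True
```

A certificate only counts once its block has been sealed, and a re-issued certificate supersedes the older one for the same ECU ID.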
CN202110597139.9A 2021-05-31 2021-05-31 Vehicle-mounted Ethernet secure communication method and system based on block chain Active CN113507495B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110597139.9A CN113507495B (en) 2021-05-31 2021-05-31 Vehicle-mounted Ethernet secure communication method and system based on block chain

Publications (2)

Publication Number Publication Date
CN113507495A (en) 2021-10-15
CN113507495B (en) 2022-03-25

Family

ID=78008847

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant