KR101828234B1 - Electronic Control Unit - Google Patents
Electronic Control Unit Download PDFInfo
- Publication number
- KR101828234B1 KR101828234B1 KR1020160041422A KR20160041422A KR101828234B1 KR 101828234 B1 KR101828234 B1 KR 101828234B1 KR 1020160041422 A KR1020160041422 A KR 1020160041422A KR 20160041422 A KR20160041422 A KR 20160041422A KR 101828234 B1 KR101828234 B1 KR 101828234B1
- Authority
- KR
- South Korea
- Prior art keywords
- index key
- unit
- changing
- random number
- electronic control
- Prior art date
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0891—Revocation or update of secret information, e.g. encryption key update or rekeying
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/40—Bus networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/40—Bus networks
- H04L12/40052—High-speed IEEE 1394 serial bus
- H04L12/40104—Security; Encryption; Content protection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/40—Bus networks
- H04L2012/40267—Bus for use in transportation systems
- H04L2012/40273—Bus for use in transportation systems the transportation system being a vehicle
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Lock And Its Accessories (AREA)
Abstract
The present invention relates to an encryption system of an electronic control unit for a vehicle, and in particular, it synchronizes the time of an internal timer with a time of an internal timer to change an index key based on an output signal of an internal timer.
Description
And more particularly to an encryption technique between an electronic control unit (ECU) in a vehicle.
Vehicle electronic control devices transmit and receive data by using an Ethernet communication method. Ethernet has been developed based on an open networking architecture that is easily scalable at low cost. Therefore, in order to secure basic data confidentiality when using Ethernet communication, it is necessary to rely on higher protocol processing. Recently, MAC Sec technology has been released, but this also requires additional protocol procedures.
Due to the physical limitations of the vehicle electronic control unit, all functions other than essential functions are removed when the software is mounted. Therefore, it is difficult for the vehicle electronic control apparatus to secure the airtightness by utilizing the higher protocol.
Korean Patent Laid-Open Publication No. 10-2013-0040065 published on April 23, 2013 discloses an electronic apparatus and an encryption method thereof. The present invention provides a technique for generating a cipher text using a search term used for data search for key management for a public key and a private key applied to encryption.
However, this encryption method does not solve the problem of securing the airtightness of the above-described vehicle electronic control device.
It is an object of the present invention to allow an electronic control unit for a vehicle to add an encryption key self-updating function to an existing encryption system.
The proposed technique is also proposed to secure confidentiality without an upper protocol in the vehicle electronic control device.
Furthermore, the proposed technique aims to prevent a vehicle accident by preventing hacking in data communication between vehicle electronic control devices.
According to one aspect, the vehicle electronic control apparatus includes a parameter DB for storing a parameter table indexed for each parameter, a random number generating unit for generating a random number, an index key generating unit for generating an index key based on a random number, An encryption unit for encrypting data according to the selected parameter, and an index key changing unit for changing the index key according to a predetermined change criterion.
According to still another aspect, the vehicular electronic control apparatus includes a change sequence storage section for storing sequence information including a change condition of the index key and a method of changing the index key, and the index key changing section changes the index key according to the sequence information.
According to another aspect, the vehicle electronic control apparatus includes a time synchronizing section for synchronizing the time of the internal timer with the grand master, and the index key selecting section includes an index key changing section for changing the index key based on the output signal of the internal timer do.
According to another aspect, the parameter table includes a hash method and a shuffling method.
According to another aspect of the present invention, there is provided a decoding apparatus for decoding an encryption statement according to a selected parameter table.
According to one aspect, an encryption method of an automotive electronic control apparatus includes a random number generation step of generating a random number, an index key generation step of generating an index key based on a random number,
An index key changing step of changing an index key according to a preset change criterion, a parameter selecting step of selecting a parameter corresponding to the index key, and an encrypting step of encrypting data according to the selected parameter.
In another aspect, the encryption method includes an index key changing step of changing an index key based on an output signal of an internal timer synchronized in time with a grand master.
According to another aspect of the present invention, a method for decoding an electronic control unit for a vehicle includes receiving a random number, selecting an index key based on a received random number, selecting an index key, A parameter selecting step of selecting a parameter based on the index key, and a decoding step of decrypting the encrypted statement in accordance with the selected parameter.
According to one aspect, an encryption system of an automotive electronic control apparatus includes a random number generation unit for generating a random number, an index key generation unit for generating an index key based on a random number generated by the random number generation unit, and changing an index key based on an output signal of the internal timer An index key selection unit and an encryption unit for encrypting data according to a parameter corresponding to the changed index key; a random number reception unit for receiving a random number generated from the encryption-side vehicle electronic control unit; An index key selection unit for selecting an index key based on an output signal of the internal timer based on the output signal of the index timer and a decryption unit for decrypting the encryption key according to the parameter corresponding to the changed index key, .
According to the proposed invention, it is possible to synchronize the system of the vehicle electronic control apparatus with the time synchronization, and update the encryption key according to the synchronized time. This encryption key update can ensure airtightness in communication between the vehicle electronic control apparatuses without a separate key management protocol.
Also, the proposed technique can secure confidentiality by updating the encryption key in the encryption side device and the decryption side device by using IEEE1588 and IEEE 802.1AS.
1 is a block diagram showing the configuration of a vehicle electronic control apparatus according to an embodiment.
2 is a block diagram showing a configuration of a vehicle electronic control apparatus according to another embodiment.
3 is a block diagram showing a configuration of a vehicle electronic control apparatus according to another embodiment.
FIG. 4 is a table illustrating a security parameter index table according to an embodiment.
5 is a flowchart showing an encryption method of a vehicle electronic control apparatus according to an embodiment.
6 is a flowchart illustrating a method of decoding a vehicle electronic control apparatus according to an embodiment.
7 is a block diagram showing the configuration of an encryption system between vehicle electronic control apparatuses according to an embodiment.
8 is a flowchart showing a configuration of an encryption system of an electronic control unit for a vehicle according to another embodiment.
The foregoing and further aspects of the invention will become apparent through the following examples. The configurations of the selectively described embodiments or selectively described embodiments of the present invention may be freely combined with each other if they are not explicitly contradictory to those of ordinary skill in the art, I understand.
1 is a block diagram showing a schematic configuration of an electronic control unit for a vehicle according to an embodiment. 1, the vehicle electronic control apparatus includes a
In an aspect, the
In one embodiment, the random
In one embodiment, the index
The index key can be generated from the random number by using other known operations. As will be described later, the index key generating
In one embodiment, the
In one embodiment, the
2 is a block diagram showing a configuration of an electronic control unit for a vehicle according to another embodiment.
As shown in the figure, the index
In an aspect, the index
In one embodiment, the change
In one embodiment, the change condition may be a condition for changing the index key according to the position of the electronic control unit for the vehicle.
In another embodiment, the change condition may be a condition for changing the index key according to the type of data to be sent.
In one embodiment, the change condition of the sequence information may be change time information, and the change method may be change position information. For example, the sequence information is configured as follows.
{
For example, the change time is configured in seconds, and the offset of the change position may be any positive value or negative value. The modification time and offset values can be configured in various ways without limitation.
According to an aspect, the index
In an aspect, the
In an additional aspect, the index
In one embodiment, the index
3 is a block diagram showing a configuration of an electronic control unit for a vehicle according to another embodiment.
As shown, the vehicular electronic control apparatus according to one embodiment may include a communication unit, a random
In one embodiment, the communication unit transmits and receives data with the electronic control unit for another vehicle. In one embodiment, the encryption statement output from the
In one embodiment, the random
In an aspect, the
4 shows a parameter table according to one embodiment. As shown in the figure, the index table corresponds to each parameter.
In one aspect, the parameter table comprises a hash method and a shuffling method. For example, the hashing method may be MD5, SHA-1, HMAC, LCR. The shuffling method may be, for example, ROTATE-L-N, ROTATE-R-N, XOR, As shown in FIG. 4, the parameter table can be configured in various combinations of the hash method and the shuffling method described above. The index key shown in FIG. 4 is an embodiment, and may be a letter or a combination of numbers.
In one embodiment, the
5 is a flowchart showing a configuration of a method for encrypting a vehicle electronic control apparatus according to an embodiment.
The encryption method according to one aspect first includes a random number generation step of generating a random number.
And then generating an index key based on the random number.
And thereafter, an index key changing step of changing the index key according to a preset reference. In one embodiment, the index key changing step changes the index key according to the sequence information.
And thereafter, a parameter selection step of selecting a parameter corresponding to the index key.
And then encrypting the data according to the selected parameter.
In an aspect, the encryption method of the vehicle electronic control apparatus may include an index key changing step of changing an index key based on an output signal of an internal timer synchronized in time with the grand master.
6 is a flowchart showing a configuration of a method for decrypting a vehicle electronic control apparatus according to an embodiment. The decoding method according to an embodiment first includes receiving a random number.
And then generating an index key based on the received random number.
And thereafter, an index key changing step of changing the index key according to a preset reference. In one embodiment, the index key changing step changes the index key according to the sequence information including the change condition of the index key and the method of changing the index key. The details are as described above.
And thereafter, a parameter selection step of selecting a parameter based on the index key.
And then decrypting the encrypted statement according to the selected parameter.
In an aspect, an encryption method of an automotive electronic control apparatus includes an index key changing step of changing an index key based on an output signal of an internal timer synchronized with a time of a grand master.
7 is a block diagram showing an encryption system of an electronic control unit for a vehicle according to an embodiment. As shown in the figure, the encryption system of the vehicle electronic control apparatus is composed of a grand master, an encryption-side vehicle electronic control apparatus, and a decryption-side vehicle electronic control apparatus. In one embodiment, the electronic control unit for vehicles communicating with each other is a side for encrypting data on the encryption side and a side for decrypting ciphertext on the decryption side. Therefore, one vehicle electronic control apparatus may be an encryption side or a decryption side. In one embodiment, both vehicle electronic control apparatuses communicating with each other are time synchronized with the clock of the grand master.
8 is a flowchart showing a configuration of an encryption system of an electronic control unit for a vehicle according to another embodiment.
The vehicle electronic control apparatus includes a
In one embodiment, the
In one embodiment, the
In one embodiment, the
In one aspect, the encryption-side vehicle electronic control apparatus includes a random
In one embodiment, the random
In one embodiment, the index
The
The decryption-side vehicle electronic control apparatus according to an aspect includes a random
The random
The index
The
It will be apparent to those skilled in the art that various modifications, changes, and substitutions are possible, without departing from the essential characteristics and spirit of the invention as disclosed in the accompanying claims. will be. Therefore, the embodiments disclosed in the present invention and the accompanying drawings are intended to illustrate and not to limit the technical spirit of the present invention, and the scope of the technical idea of the present invention is not limited by these embodiments and the accompanying drawings . The scope of protection of the present invention should be construed according to the following claims, and all technical ideas within the scope of equivalents should be construed as falling within the scope of the present invention.
100: a random number generation unit 200: an index key generation unit
201: Index key changing unit 300: Parameter selecting unit
400: Encryption unit 401: Decryption unit
500: Parameter DB 501: Change sequence storage unit
600: time synchronization unit 700: random number reception unit
Claims (9)
A random number generator for generating a random number;
An index key generation unit for generating an index key based on a random number;
A change sequence storage unit for storing sequence information including a condition for changing the index key and a method for changing the same between devices communicating with each other;
A parameter selection unit for selecting a parameter corresponding to the index key;
And an encryption unit for encrypting the data according to the selected parameter,
Wherein the index key generating unit comprises: an index key changing unit for changing the index key according to the sequence information similarly preset between the communicating apparatuses;
And an electronic control unit.
And a time synchronization unit for synchronizing the time of the internal timer with that of the grand master,
The index key changing unit
A time base change unit for changing an index key based on an output signal of the internal timer;
And an electronic control unit.
A vehicle electronic control apparatus comprising a hash method and a shuffling method.
A decryption unit for decrypting the encryption statement according to the selected parameter;
And an electronic control unit for controlling the vehicle.
An index key generating step of generating an index key based on a random number;
An index key changing step of changing an index key in accordance with sequence information including a change condition and a change method of an index key previously set in advance among communication devices;
A parameter selecting step of selecting a parameter corresponding to the index key;
An encryption step of encrypting data according to the selected parameter;
And an encryption step of encrypting the electronic control device.
An index key changing step of changing an index key based on an output signal of an internal timer synchronized in time with a grand master;
And an encryption step of encrypting the electronic control device.
An index key generating step of generating an index key based on the received random number;
An index key changing step of changing an index key in accordance with sequence information including a change condition and a change method of an index key previously set in advance among communication devices;
A parameter selecting step of selecting a parameter corresponding to the index key;
A decoding step of decoding data according to the selected parameter;
And decrypting the electronic control device.
A random number generator for generating a random number,
An index key generating unit for generating an index key based on the random number generated by the random number generating unit and changing an index key according to sequence information including a changing condition and a changing method of the same preset index key, And
And an encryption unit encrypting data according to the parameter corresponding to the changed index key;
A random number receiver for receiving the generated random number from the encryption-side vehicle electronic controller,
An index key generating unit for generating an index key based on the received random number and changing an index key according to sequence information including a changing condition and a changing method of the same preset index key among communication devices;
And a decryption unit decrypting the encrypted statement according to the parameter corresponding to the changed index key.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020160041422A KR101828234B1 (en) | 2016-04-05 | 2016-04-05 | Electronic Control Unit |
PCT/KR2017/003742 WO2017176052A1 (en) | 2016-04-05 | 2017-04-05 | Vehicle electronic control system, unit, and method on basis of time synchronization |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020160041422A KR101828234B1 (en) | 2016-04-05 | 2016-04-05 | Electronic Control Unit |
Publications (2)
Publication Number | Publication Date |
---|---|
KR20170114482A KR20170114482A (en) | 2017-10-16 |
KR101828234B1 true KR101828234B1 (en) | 2018-02-12 |
Family
ID=60000577
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020160041422A KR101828234B1 (en) | 2016-04-05 | 2016-04-05 | Electronic Control Unit |
Country Status (2)
Country | Link |
---|---|
KR (1) | KR101828234B1 (en) |
WO (1) | WO2017176052A1 (en) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR101888548B1 (en) * | 2018-05-08 | 2018-08-14 | (주)위즈네트 | Random number generation method, random number generation device and communication apparatus comprising the device |
CN111866015B (en) * | 2020-07-29 | 2022-04-29 | 中国联合网络通信集团有限公司 | Vehicle information updating method and device |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2003198534A (en) * | 2001-11-30 | 2003-07-11 | Hynix Semiconductor Inc | Apparatus for encrypting data and method thereof |
JP2006227916A (en) * | 2005-02-17 | 2006-08-31 | Canon Inc | Information processor, information search method, program, and storage medium |
KR101549034B1 (en) * | 2012-08-17 | 2015-09-01 | 고려대학교 산학협력단 | Method for guarantying the confidentiality and integrity of a data in Controller Area Networks |
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20130040065A (en) * | 2011-10-13 | 2013-04-23 | 삼성전자주식회사 | Electric apparatus and encrytion method thereof |
KR101523760B1 (en) * | 2013-07-22 | 2015-05-28 | 주식회사 이와이엘 | Immobilizer apparatus using random pulse generation and authentication method thereof |
-
2016
- 2016-04-05 KR KR1020160041422A patent/KR101828234B1/en active IP Right Grant
-
2017
- 2017-04-05 WO PCT/KR2017/003742 patent/WO2017176052A1/en active Application Filing
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2003198534A (en) * | 2001-11-30 | 2003-07-11 | Hynix Semiconductor Inc | Apparatus for encrypting data and method thereof |
JP2006227916A (en) * | 2005-02-17 | 2006-08-31 | Canon Inc | Information processor, information search method, program, and storage medium |
KR101549034B1 (en) * | 2012-08-17 | 2015-09-01 | 고려대학교 산학협력단 | Method for guarantying the confidentiality and integrity of a data in Controller Area Networks |
Also Published As
Publication number | Publication date |
---|---|
KR20170114482A (en) | 2017-10-16 |
WO2017176052A1 (en) | 2017-10-12 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US7233664B2 (en) | Dynamic security authentication for wireless communication networks | |
KR101032016B1 (en) | Constrained cryptographic keys | |
US7860254B2 (en) | Computer system security via dynamic encryption | |
US20230125937A1 (en) | Time-based encryption key derivation | |
US20040057579A1 (en) | Roaming hardware paired encryption key generation | |
US7813505B2 (en) | Sequence number synchronization for ciphering | |
JP2018170766A (en) | Adaptive traffic encryption for optical network | |
EP3468240B1 (en) | A system and method for secure communication | |
US9960911B2 (en) | System and method for securing wireless communication through physical layer control and data channel | |
WO2011134807A1 (en) | Dynamic encryption and decryption for network communication | |
EP2850862A1 (en) | Secure paging | |
CN101420686B (en) | Industrial wireless network security communication implementation method based on cipher key | |
JP2020513117A (en) | Method and system for improved authenticated encryption in a counter-based cryptosystem | |
CN106416118B (en) | Chaos based synchronization for secure network communications | |
CN102013975B (en) | Secret key management method and system | |
EP4044502A1 (en) | Secure communication method and apparatus | |
US10313118B2 (en) | Authenticated access to cacheable sensor information in information centric data network | |
US20230188983A1 (en) | Secure wireless protocol for wireless sensor networks | |
KR101828234B1 (en) | Electronic Control Unit | |
US7376232B2 (en) | Computer system security via dynamic encryption | |
CN115104282A (en) | Key updating method and related device | |
CN103595529A (en) | A switching method for a unidirectional secret key and a realization apparatus | |
US20080045180A1 (en) | Data transmitting method and apparatus applying wireless protected access to a wireless distribution system | |
CN110572261A (en) | data encryption transmission method | |
Cultice et al. | A PUF based CAN security framework |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
A201 | Request for examination | ||
E902 | Notification of reason for refusal | ||
E701 | Decision to grant or registration of patent right | ||
GRNT | Written decision to grant |