KR20170029259A - Method of providing secure odometer management by changing secret key and apparatus for implementing the same - Google Patents
Description
The present invention relates to a method for managing mileage information and, more particularly, to a method for exchanging data between a controller for measuring mileage and a controller for backing up and storing the data while replacing the secret key used for encryption/decryption, and to a device for performing the same.
A typical vehicle driving record security system exchanges driving record data using a secret key shared in advance between the cluster controller responsible for measuring the driving record and a backup controller that backs up the data. However, such a pre-shared secret key is typically written once at production and used unchanged throughout the entire life cycle of the vehicle. Such a system gives an attacker with a malicious purpose (e.g., driving data manipulation) a large amount of material (i.e., computed values) that can be used to reverse-calculate the secret key. As a result, when a driving record manipulated with a secret key extracted in this way is transmitted to the backup controller, the backup controller that decrypts it cannot recognize the abnormality, and the mileage can therefore be manipulated.
The present invention is intended to provide a method and apparatus for managing a running record of a vehicle more reliably.
In particular, the present invention is directed to a method and apparatus for securely replacing a secret key for encrypting a driving record.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory and are not restrictive of the invention as defined by the appended claims.
According to an aspect of the present invention, there is provided a vehicle including: a mileage measurement controller for measuring mileage and encrypting the measured mileage using a first secret key; and a backup controller for decrypting the encrypted mileage using the first secret key to back up the mileage. The mileage measurement controller transmits asymmetric key authentication data to the backup controller, and the backup controller generates a second symmetric secret key when a first condition is satisfied, encrypts the second symmetric secret key using the asymmetric key authentication data, and transmits it to the mileage measurement controller.
According to another aspect of the present invention, there is provided a method of managing the travel distance of a vehicle, comprising: measuring a travel distance in a mileage measurement controller; encrypting the measured mileage using a first secret key in the mileage measurement controller; transmitting the encrypted mileage to a backup controller; decrypting the encrypted mileage in the backup controller using the first secret key; and backing up the decrypted mileage at the backup controller. The first secret key is generated by the backup controller, encrypted using the public key obtained from the mileage measurement controller, and transmitted to the mileage measurement controller, where it can be decrypted using the matching private key.
In addition, the mileage measurement controller for a vehicle according to an embodiment of the present invention includes: a mileage measuring module for measuring a travel distance; a mileage encrypting module for encrypting the measured mileage using a secret key shared with a backup controller and transmitting the encrypted mileage to the backup controller; an authentication information transfer module for transferring asymmetric key authentication data to the backup controller; and a secret key decryption module that, when a new secret key encrypted by the backup controller using the public key included in the asymmetric key authentication data is received, decrypts the new secret key using the private key matched with that public key. The shared secret key is preferably replaced with the new secret key when the new secret key is obtained.
In addition, the backup controller of the vehicle according to an embodiment of the present invention includes: an authentication information verification module that, upon receiving the asymmetric key authentication data from the mileage measurement controller, verifies it with the trusted public key; a secret key encryption module for generating a secret key, encrypting the secret key with the public key included in the asymmetric key authentication data, and transmitting the encrypted secret key to the mileage measurement controller; a mileage verification module that, when the encrypted mileage is received from the mileage measurement controller, decrypts the mileage encrypted with the secret key and verifies whether the decrypted mileage is abnormal; and a mileage storage module for backing up the decrypted mileage when there is no abnormality in the mileage.
The driving record of the vehicle can be managed more safely using the secret key replacement method according to at least one embodiment of the present invention configured as described above.
In particular, the secret key can be securely exchanged by encrypting and decrypting the secret key to be shared with the public key and the private key held by the odometer controller and the backup controller.
Also, the possibility of hacking from the outside can be cut off early by detecting an abnormality of the mileage through backup and monitoring of the mileage data using the replaced secret key, or by replacing the secret key when an abnormal state of the vehicle is detected.
The effects obtained by the present invention are not limited to the above-mentioned effects, and other effects not mentioned will be clearly understood by those skilled in the art from the following description.
FIG. 1 shows an example of a software structure of a mileage measuring controller according to an embodiment of the present invention.
FIG. 2 shows an example of a software structure of a backup controller according to an embodiment of the present invention.
FIG. 3 is a flowchart illustrating an example of a travel distance information exchange and a secret key exchange process according to an embodiment of the present invention.
FIG. 4 shows an example of a procedure in which mileage information exchange and secret key exchange are performed in the mileage measurement controller according to an embodiment of the present invention.
FIG. 5 illustrates an example of a process in which a mileage information exchange and a secret key exchange are performed in a backup controller according to an embodiment of the present invention.
FIG. 6 shows an example of a vehicle system in which mileage information management can be performed according to an embodiment of the present invention.
FIG. 7 shows an example of a controller structure according to an embodiment of the present invention.
Hereinafter, a driving record management method and an apparatus therefor according to the present invention will be described in detail with reference to the drawings. The suffixes "module" and "part" for the components used in the following description are given or used interchangeably only for ease of writing the specification, and do not have their own meaning or role.
In an embodiment of the present invention, it is proposed to change the secret key securely by encrypting and decrypting the secret key to be shared with the individual public key and private key held by the odometer controller and the backup controller. Further, it is proposed to monitor the mileage data using the replaced secret key to find out an abnormality of the mileage, or to change the secret key when an abnormal state of the vehicle is detected.
First, a software structure of a controller to be applied to an embodiment of the present invention will be described with reference to FIGS. 1 and 2.
FIG. 1 shows an example of a software structure of a mileage measuring controller according to an embodiment of the present invention.
The mileage measurement controller may be a cluster controller or a separate controller that exchanges mileage information with the cluster distance controller.
1, the software structure of the
Here, the
The authentication information 160 is composed of a private key and a public key of the asymmetric key system possessed by the mileage measurement controller, related information on the mileage measurement controller, and a signature generated with a trusted private key for the public key. The authentication
FIG. 2 shows an example of a software structure of a backup controller according to an embodiment of the present invention.
The backup controller is a controller that performs backup by receiving mileage information that the mileage measurement controller has MAC-encrypted with a secret key. It may be a separate controller dedicated to the backup function, or another controller that additionally performs the backup function.
2, the software structure of the
The
The authentication
The secret
The
The components shown in FIGS. 1 and 2 may be implemented as software modules or as circuits configured to perform the corresponding operations or commands. It is not necessary that each component be separately configured; it should be apparent to those skilled in the art that a plurality of components can be implemented as a single module that performs their functions together.
Hereinafter, a process of each of the controllers having the above-described structure for exchanging mileage information and replacement of the secret key will be described.
FIG. 3 is a flowchart illustrating an example of a travel distance information exchange and a secret key exchange process according to an embodiment of the present invention.
Referring to FIG. 3, the mileage measurement controller (hereinafter referred to simply as the "measurement controller") holds its own public key together with a signature over that public key, which lets the backup controller verify the key, and transmits this asymmetric key authentication data to the backup controller (S310).
The backup controller verifies the received asymmetric key authentication data of the measurement controller using the trusted public key that is the basis of trust. If the verification is successful, the backup controller generates a new secret key, encrypts it with the received and verified public key of the measurement controller, and transmits it to the measurement controller (S320). If the verification fails, the backup controller may record the error of the measurement controller and then re-request transmission of the measurement controller's asymmetric key authentication data.
The measurement controller, on receiving the new secret key encrypted with its own public key, decrypts the new secret key with its own private key and then transmits the mileage data to the backup controller after MAC encryption using that new secret key (S330).
The backup controller that has received the encrypted mileage data verifies whether it decrypts using the secret key distributed immediately before, and backs up the mileage at that point in time when it determines that the data is reliable (i.e., decryption is successful).
If the condition for replacing the secret key (hereinafter referred to as the "first condition" for convenience) is satisfied, the backup controller generates a new secret key and distributes it to the measurement controller (S350). The first condition can be regarded as satisfied when an abnormality of the received mileage data is detected (for example, a decrease relative to the immediately preceding mileage, or a decryption failure of the received data) or when the received mileage data reaches a predetermined replacement reference distance.
On the other hand, if a further abnormality occurs after the distribution of the new secret key (hereinafter referred to as the "second condition" for convenience), the backup controller determines that the measurement controller has been manipulated and requests transmission of the asymmetric key authentication data of the measurement controller (S360). The second condition may be a case where an abnormality is detected in the encrypted mileage data a predetermined number of consecutive times (for example, twice) immediately after the distribution of the new secret key. If the verification of the re-received asymmetric key authentication data of the measurement controller fails again, the backup controller may finally determine that the measurement controller has been manipulated and record the controller error (S380).
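The backup controller's handling of the first and second conditions described above can be sketched as follows. This is an added example, not code from the patent: it assumes that "MAC encryption" means a 4-byte mileage value followed by an HMAC-SHA256 tag and that the replacement reference distance is counted from the last key replacement, the names `BackupController`, `protect` and `Action` are hypothetical, and delivery of the new key under the measurement controller's public key is left out.

```python
import hashlib
import hmac
import secrets
import struct
from enum import Enum

TAG_LEN = 32  # HMAC-SHA256 output size (assumed MAC; the page names none)


class Action(Enum):
    BACKED_UP = "mileage backed up"
    REJECTED = "anomalous frame rejected"
    KEY_REPLACED = "first condition: new secret key distributed"
    REAUTH_REQUESTED = "second condition: authentication data re-requested"


def protect(key: bytes, mileage_km: int) -> bytes:
    """Measurement-controller side: 4-byte big-endian mileage plus HMAC tag."""
    body = struct.pack(">I", mileage_km)
    return body + hmac.new(key, body, hashlib.sha256).digest()


class BackupController:
    def __init__(self, replacement_distance_km=10_000, max_anomalies=2):
        self.replacement_distance_km = replacement_distance_km  # assumed value
        self.max_anomalies = max_anomalies  # the page's example: twice
        self.backed_up_km = 0
        self.km_at_last_rekey = 0
        self.anomalies_since_rekey = 0
        self.key_is_fresh = False  # True until a good frame follows a rekey
        self.key = secrets.token_bytes(32)

    def _rekey(self) -> None:
        # The page sends this key encrypted under the measurement
        # controller's verified public key; that wrapping is omitted here.
        self.key = secrets.token_bytes(32)
        self.km_at_last_rekey = self.backed_up_km
        self.anomalies_since_rekey = 0
        self.key_is_fresh = True

    def _authenticated_mileage(self, frame: bytes):
        """Return the mileage if the tag verifies under the current key."""
        if len(frame) != 4 + TAG_LEN:
            return None
        body, tag = frame[:4], frame[4:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return None
        return struct.unpack(">I", body)[0]

    def receive(self, frame: bytes) -> Action:
        mileage = self._authenticated_mileage(frame)
        # Anomaly: verification failure or a decrease against the backup.
        if mileage is None or mileage < self.backed_up_km:
            if not self.key_is_fresh:
                self._rekey()  # first condition
                return Action.KEY_REPLACED
            self.anomalies_since_rekey += 1
            if self.anomalies_since_rekey >= self.max_anomalies:
                return Action.REAUTH_REQUESTED  # second condition
            return Action.REJECTED
        self.backed_up_km = mileage
        self.key_is_fresh = False
        self.anomalies_since_rekey = 0
        if mileage - self.km_at_last_rekey >= self.replacement_distance_km:
            self._rekey()  # first condition: replacement reference distance
            return Action.KEY_REPLACED
        return Action.BACKED_UP


def demo():
    """Constructed scenario: a sender that rolls back, then keeps a stale key."""
    bc = BackupController(replacement_distance_km=1000)
    old_key = bc.key
    log = [bc.receive(protect(old_key, 100))]      # normal frame
    log.append(bc.receive(protect(old_key, 50)))   # mileage decrease
    log.append(bc.receive(protect(old_key, 200)))  # stale key, 1st anomaly
    log.append(bc.receive(protect(old_key, 300)))  # stale key, 2nd anomaly
    return log, bc.backed_up_km


if __name__ == "__main__":
    actions, stored = demo()
    for a in actions:
        print(a.value)
    print("backed-up mileage:", stored)
```

The rolled-back and stale-key frames never change the stored value, so the backup stays at the last mileage that verified and did not decrease.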
Next, the above-described process will be described in terms of the internal operation of each controller with reference to Figs. 4 and 5. Fig.
FIG. 4 shows an example of a procedure in which mileage information exchange and secret key exchange are performed in the mileage measurement controller according to an embodiment of the present invention.
Referring to FIG. 4, if there is no secret key shared with the backup controller, the
On receiving from the backup controller, in response to the request, the new secret key encrypted with the public key, the mileage measurement controller decrypts the new secret key using the private key, deletes the existing secret key if one is present, and stores the new secret key (S420).
Steps S410 and S420 may not be performed until the first condition is satisfied if there is a currently valid secret key (i.e., the first condition is not satisfied in FIG. 3).
Once the secret key is secured (that is, once the secret key is shared), the mileage measurement controller, when it measures the mileage, encrypts the measured data using the secured secret key and transmits the encrypted data to the backup controller (S430).
FIG. 5 illustrates an example of a process in which a mileage information exchange and a secret key exchange are performed in a backup controller according to an embodiment of the present invention.
Referring to FIG. 5, the
Upon receipt of a request to distribute the new symmetric key from the
While the secret key is valid, the
Next, the vehicle environment and the additional functions that can be performed in the present embodiment will be described with reference to FIG.
FIG. 6 shows an example of a vehicle system in which mileage information management can be performed according to an embodiment of the present invention.
6, in addition to the above-described
In order to further reduce the risk of leakage of various authentication data, encrypted mileage information, encrypted secret key, and the like in the case where the specific controller is fixedly used by the
On the other hand, the cluster, that is, the
In addition, when the mileage value of the cluster is arbitrarily changed, the changed mileage can be restored to the backup value stored in the backup controller.
FIG. 7 shows an example of a controller structure according to an embodiment of the present invention.
7, the controller according to the present embodiment includes a
More specifically, when the controller is the
Further, when the controller is a backup controller, the
According to the embodiments of the present invention described so far, the following effects can be obtained.
The reliability of the mileage data transmitted through communication can be secured by exchanging the encrypted mileage data using a secret key that is changed rather than a fixed secret key.
Further, by replacing the secret key, it becomes difficult to acquire the data necessary for reverse calculation of the secret key, thereby reducing the possibility of hacking.
In addition, since the possibility of hacking is reduced, damage caused by the sale of used cars whose mileage has been manipulated downward can be prevented, and arbitrary manipulation of the mileage can be prevented, so that customer trust in the vehicle brand to which the present invention is applied can be secured.
The driving record management method and the apparatus therefor are not limited to the configuration and method of the embodiments described above; all or some of the embodiments may be selectively combined so that various modifications can be made.
Claims (22)
And a backup controller for decrypting the encrypted mileage using the first symmetric secret key to back up the mileage,
The mileage measurement controller includes:
Asymmetric key authentication data to the backup controller,
The backup controller comprising:
Generates a second symmetric secret key if the first condition is satisfied, and encrypts the second symmetric secret key using the asymmetric key authentication data and delivers it to the mileage measurement controller.
The asymmetric key authentication data includes:
A public key of the mileage measurement controller, a signature of the public key, and additional information of the mileage measurement controller,
The backup controller comprising:
And verifies the asymmetric key authentication data using a trusted public key.
The backup controller comprising:
If verification of the asymmetric key authentication data is successful,
And encrypts the second symmetric secret key using a public key included in the asymmetric key authentication data.
The mileage measurement controller includes:
Decrypts the encrypted second symmetric secret key using the private key matched with the public key.
The first condition is that,
When the decoded mileage is found to be an error, decryption of the encrypted mileage has failed, and when the decoded mileage has reached a predetermined replacement reference distance.
The backup controller comprising:
And requests the odometer measurement controller to re-request the asymmetric key authentication data when the second condition is satisfied.
The second condition is that,
And when the backup controller transmits the second symmetric secret key to the mileage measurement controller, the encrypted mileage received from the mileage measurement controller is detected more than a predetermined number of times.
Further comprising a gateway coupled to the mileage measurement controller and the backup controller,
The gateway comprises:
And designates the backup controller to any one of the controllers connected thereto according to a predetermined rule.
The gateway comprises:
And designates the backup controller using a remainder obtained by dividing an arbitrary random number by the number of controllers connected thereto.
The backup controller comprising:
Wherein the controller determines an abnormality in the decoded mileage using at least one of an average running speed and running time during a running cycle from when the engine is turned on to when the engine is turned off and an average fuel consumption and consumed fuel amount during the running cycle.
Encrypting the measured mileage using the first symmetric secret key in the mileage measurement controller;
The encrypted mileage being transmitted to a backup controller;
Decrypting the encrypted travel distance by the backup controller using the first symmetric secret key; And
Backing up the decoded mileage at the backup controller,
Wherein the first symmetric secret key comprises:
The control information is generated by the backup controller, encrypted using the public key obtained from the mileage measurement controller, transmitted to the mileage measurement controller,
And decrypting the mileage using the private key matched with the public key in the mileage measurement controller.
The asymmetric key authentication data including the public key, the signature for the public key, and additional information of the mileage measurement controller is transmitted from the mileage measurement controller to the backup controller; And
Further comprising verifying the asymmetric key authentication data using a trusted public key in the backup controller.
Generating a second symmetric secret key at the backup controller if the first condition is satisfied; And
Encrypting the second symmetric secret key using the public key at the backup controller;
Further comprising the step of the encrypted second symmetric secret key being delivered to the mileage measurement controller at the backup controller.
Decrypting the encrypted second symmetric secret key using the private key in the mileage measurement controller; And
And replacing the first symmetric secret key with the second symmetric secret key.
Wherein the first condition is that, in the backup controller,
And a deciding step of deciding whether or not the decoded mileage has reached a predetermined replacement reference distance in the case where an abnormality is found in the decoded mileage.
Further comprising, in the backup controller, re-requesting the asymmetric key authentication data to the mileage measurement controller if the second condition is satisfied.
The second condition is that,
And a case in which the backup controller transmits the second symmetric secret key to the mileage measuring controller and then detects an encrypted traveling distance received from the mileage measuring controller at least a predetermined number of times.
A mileage encrypting module for encrypting the measured mileage using a symmetric secret key shared with a backup controller and transmitting the encrypted mileage to a backup controller;
An authentication information transfer module for transferring the asymmetric key authentication data to the backup controller; And
And a secret key decryption module that decrypts the new symmetric secret key by using a private key matched with the public key if the new symmetric secret key encrypted by the backup controller is received from the public key included in the asymmetric key authentication data,
Wherein the shared secret key is replaced with the new symmetric secret key when the new symmetric secret key is obtained.
A secret key encryption module for generating a symmetric secret key, encrypting the encrypted secret key with a public key included in the asymmetric key authentication data, and transmitting the encrypted secret key to the mileage measurement controller;
A mileage verification module for decrypting the mileage encrypted with the symmetric secret key when the encrypted mileage is received from the mileage measurement controller and verifying whether the decoded mileage is abnormal; And
And a mileage storage module for backing up the decoded mileage when there is no abnormality in the decoded mileage.
When an error is found in the decoded mileage, when decryption of the encrypted mileage fails, and when the decoded mileage reaches a preset replacement distance,
The secret key encryption module includes:
Generates a new symmetric secret key, encrypts it with the public key, and forwards it to the mileage measurement controller.
When the generated new symmetric secret key is transmitted to the odometer measurement controller, and the encrypted mileage received from the odometer measurement controller is detected more than a predetermined number of times,
The authentication information verification module includes:
And requests the mileage measurement controller to re-request the asymmetric key authentication data.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020150126369A KR101780280B1 (en) | 2015-09-07 | 2015-09-07 | Method of providing secure odometer management by changing secret key and apparatus for implementing the same |
Publications (2)
Publication Number | Publication Date |
---|---|
KR20170029259A true KR20170029259A (en) | 2017-03-15 |
KR101780280B1 KR101780280B1 (en) | 2017-09-21 |