KR20170029259A - Method of providing secure odometer management by changing secret key and apparatus for implementing the same - Google Patents

Info

Publication number
KR20170029259A
Authority
KR
South Korea
Prior art keywords
mileage
controller
secret key
key
encrypted
Application number
KR1020150126369A
Other languages
Korean (ko)
Other versions
KR101780280B1 (en)
Inventor
안현수
정호진
조아람
김수미
이원곤
Original Assignee
현대자동차주식회사
주식회사 유라코퍼레이션
Application filed by 현대자동차주식회사, 주식회사 유라코퍼레이션
Priority to KR1020150126369A
Publication of KR20170029259A
Application granted
Publication of KR101780280B1

Classifications

    • B PERFORMING OPERATIONS; TRANSPORTING
    • B60 VEHICLES IN GENERAL
    • B60K ARRANGEMENT OR MOUNTING OF PROPULSION UNITS OR OF TRANSMISSIONS IN VEHICLES; ARRANGEMENT OR MOUNTING OF PLURAL DIVERSE PRIME-MOVERS IN VEHICLES; AUXILIARY DRIVES FOR VEHICLES; INSTRUMENTATION OR DASHBOARDS FOR VEHICLES; ARRANGEMENTS IN CONNECTION WITH COOLING, AIR INTAKE, GAS EXHAUST OR FUEL SUPPLY OF PROPULSION UNITS IN VEHICLES
    • B60K35/00 Arrangement of adaptations of instruments
    • B PERFORMING OPERATIONS; TRANSPORTING
    • B60 VEHICLES IN GENERAL
    • B60K ARRANGEMENT OR MOUNTING OF PROPULSION UNITS OR OF TRANSMISSIONS IN VEHICLES; ARRANGEMENT OR MOUNTING OF PLURAL DIVERSE PRIME-MOVERS IN VEHICLES; AUXILIARY DRIVES FOR VEHICLES; INSTRUMENTATION OR DASHBOARDS FOR VEHICLES; ARRANGEMENTS IN CONNECTION WITH COOLING, AIR INTAKE, GAS EXHAUST OR FUEL SUPPLY OF PROPULSION UNITS IN VEHICLES
    • B60K37/00 Dashboards
    • B60K37/02 Arrangement of instruments
    • B PERFORMING OPERATIONS; TRANSPORTING
    • B60 VEHICLES IN GENERAL
    • B60R VEHICLES, VEHICLE FITTINGS, OR VEHICLE PARTS, NOT OTHERWISE PROVIDED FOR
    • B60R25/00 Fittings or systems for preventing or indicating unauthorised use or theft of vehicles
    • B60R25/20 Means to switch the anti-theft system on or off
    • B60R25/24 Means to switch the anti-theft system on or off using electronic identifiers containing a code not memorised by the user
    • B PERFORMING OPERATIONS; TRANSPORTING
    • B60 VEHICLES IN GENERAL
    • B60R VEHICLES, VEHICLE FITTINGS, OR VEHICLE PARTS, NOT OTHERWISE PROVIDED FOR
    • B60R2300/00 Details of viewing arrangements using cameras and displays, specially adapted for use in a vehicle
    • B60R2300/80 Details of viewing arrangements using cameras and displays, specially adapted for use in a vehicle characterised by the intended use of the viewing arrangement
    • B60R2300/8073 Details of viewing arrangements using cameras and displays, specially adapted for use in a vehicle characterised by the intended use of the viewing arrangement for vehicle security, e.g. parked vehicle surveillance, burglar detection

Abstract

The present invention relates to a more reliable method for managing mileage information and, more specifically, to a method for replacing the secret key used for encryption and decryption when data is exchanged between a controller that measures mileage and a controller that backs up, stores, and compares that data. The method for managing mileage information according to an embodiment of the present invention includes: a step of measuring mileage in a mileage measurement controller; a step of encrypting the measured mileage in the mileage measurement controller using a first symmetric secret key; a step of transferring the encrypted mileage to a backup controller; a step of decrypting the encrypted mileage in the backup controller using the first symmetric secret key; and a step of backing up the decrypted mileage in the backup controller. The first symmetric secret key is generated in the backup controller, encrypted using a public key obtained from the mileage measurement controller, transferred to the mileage measurement controller, and decrypted in the mileage measurement controller using the private key matched with the public key.

Description

BACKGROUND OF THE INVENTION

1. Field of the Invention

The present invention relates to a security key management method. More particularly, it relates to a method for managing mileage information, and specifically to a method for replacing the secret key used for encryption/decryption when data is exchanged between a controller that measures mileage and a controller that backs up and stores the data, and to a device for performing the same.

A typical vehicle driving record security system exchanges driving record data using a secret key shared in advance between the cluster controller responsible for measuring the driving record and a backup controller that backs up the data. However, such a pre-shared secret key is typically written once at production and used unchanged throughout the entire life cycle of the vehicle. Such a system gives a hacker with a malicious purpose (e.g., driving data manipulation) a large amount of material (i.e., computed values) that can be used for inverse calculation to extract the secret key. As a result, when a driving record manipulated using the secret key extracted by inverse calculation is transmitted to the backup controller, the backup controller that decrypts it cannot recognize the abnormality, and the mileage can therefore be manipulated.

The present invention is intended to provide a method and apparatus for managing a running record of a vehicle more reliably.

In particular, the present invention is directed to a method and apparatus for securely replacing a secret key for encrypting a driving record.

It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory and are not restrictive of the invention as defined by the appended claims.

According to an aspect of the present invention, there is provided a vehicle including: a mileage measurement controller for measuring mileage and encrypting the measured mileage using a first secret key; and a backup controller for decrypting the encrypted mileage using the first secret key to back up the mileage. Here, the mileage measurement controller transmits asymmetric key authentication data to the backup controller, and the backup controller generates a second symmetric secret key when a first condition is satisfied, encrypts the second symmetric secret key using the asymmetric key authentication data, and transmits it to the mileage measurement controller.

According to another aspect of the present invention, there is provided a method of managing the travel distance of a vehicle, comprising: measuring a travel distance in a mileage measurement controller; encrypting the measured mileage using a first secret key in the mileage measurement controller; transmitting the encrypted mileage to a backup controller; decrypting the encrypted mileage in the backup controller using the first secret key; and backing up the decrypted mileage at the backup controller. The first secret key is generated by the backup controller, encrypted using the public key obtained from the mileage measurement controller, and transmitted to the mileage measurement controller, where it can be decrypted using the private key matched with the public key.

In addition, the mileage measurement controller for a vehicle according to an embodiment of the present invention includes: a mileage measurement module for measuring a travel distance; a mileage encryption module for encrypting the measured mileage using a secret key shared with a backup controller and transmitting the encrypted mileage to the backup controller; an authentication information transfer module for transferring the asymmetric key authentication data to the backup controller; and a secret key decryption module that, when a new secret key encrypted by the backup controller using the public key included in the asymmetric key authentication data is received, decrypts the new secret key using the private key matched with the public key. Here, it is preferable that the shared secret key is replaced with the new secret key when the new secret key is obtained.

In addition, the backup controller of the vehicle according to an embodiment of the present invention includes an authentication information verification module that verifies the received asymmetric key authentication data with the trusted public key upon receiving the asymmetric key authentication data from the mileage measurement controller; A secret key encryption module for generating a secret key, encrypting the secret key with a public key included in the asymmetric key authentication data, and transmitting the encrypted secret key to the mileage measurement controller; A travel distance verification module that decrypts the travel distance encrypted with the secret key when the encrypted travel distance is received from the travel distance measurement controller and verifies whether the decoded travel distance is abnormal; And a mileage storage module for backing up the decoded mileage when there is no abnormality in the mileage.

The driving record of the vehicle can be managed more safely using the secret key replacement method according to at least one embodiment of the present invention configured as described above.

In particular, the secret key can be securely exchanged by encrypting / decrypting a secret key to be shared based on the public key and the private key held by the odometer controller and the backup controller.

Also, the possibility of hacking from the outside can be cut off early by detecting an abnormality of the mileage through backup and monitoring of the mileage data using the replaced secret key, or by replacing the secret key when detecting the abnormal state of the vehicle.

The effects obtained by the present invention are not limited to the above-mentioned effects, and other effects not mentioned will be clearly understood by those skilled in the art from the following description.

FIG. 1 shows an example of a software structure of a mileage measuring controller according to an embodiment of the present invention.
FIG. 2 shows an example of a software structure of a backup controller according to an embodiment of the present invention.
FIG. 3 is a flowchart illustrating an example of a travel distance information exchange and a secret key exchange process according to an embodiment of the present invention.
FIG. 4 shows an example of a procedure in which mileage information exchange and secret key exchange are performed in the mileage measurement controller according to an embodiment of the present invention.
FIG. 5 illustrates an example of a process in which a mileage information exchange and a secret key exchange are performed in a backup controller according to an embodiment of the present invention.
FIG. 6 shows an example of a vehicle system in which mileage information management can be performed according to an embodiment of the present invention.
FIG. 7 shows an example of a controller structure according to an embodiment of the present invention.

Hereinafter, a driving record management method and an apparatus therefor according to the present invention will be described in detail with reference to the drawings. The suffixes "module" and "part" for the components used in the following description are given or used interchangeably only for ease of writing the specification, and do not by themselves have distinct meanings or roles.

In an embodiment of the present invention, it is proposed that the secret key to be shared based on the individual public key and the private key held by the odometer controller and the backup controller is encrypted / decrypted to securely change the secret key. Further, it is proposed to monitor the mileage data using the replaced secret key to find out the abnormality of the mileage, or to change the secret key when detecting the abnormal state of the vehicle.

First, a software structure of a controller to be applied to an embodiment of the present invention will be described with reference to FIGS. 1 and 2.

FIG. 1 shows an example of a software structure of a mileage measuring controller according to an embodiment of the present invention.

The mileage measurement controller may be a cluster controller or a separate controller that exchanges mileage information with the cluster distance controller.

Referring to FIG. 1, the software structure of the mileage measurement controller 100 includes an authentication information transfer module 110, a mileage measurement module 120, a mileage encryption module 130, a mileage storage module 140, a secret key decryption module 150, authentication information 160, and a shared secret key 170.

Here, the mileage measurement module 120 measures the mileage of the vehicle, the mileage storage module 140 stores the measured mileage information, and the mileage encryption module 130 applies message authentication code (MAC) encryption to the measured mileage using the shared secret key 170 so that it can be delivered to the backup controller.

The authentication information 160 consists of the private key and public key of the asymmetric key system held by the mileage measurement controller, related information on the mileage measurement controller, and a signature over the public key generated with a trusted private key. The authentication information transfer module 110 submits the asymmetric key authentication information held by the mileage measurement controller (i.e., the public key, the signature of the public key, and the additional information of the measurement controller) to the backup controller for verification in order to request distribution of a new secret key. In addition, the secret key decryption module 150 decrypts the encrypted secret key received from the backup controller with the private key of the mileage measurement controller and extracts the secret key.

FIG. 2 shows an example of a software structure of a backup controller according to an embodiment of the present invention.

The backup controller is a controller that receives from the mileage measurement controller the mileage information MAC-encrypted with the secret key and backs it up. It may be a separate controller dedicated to the backup function, or another controller that additionally performs the backup function.

Referring to FIG. 2, the software structure of the backup controller 200 includes an authentication information verification module 210, a trusted public key 220, a public key 230 of the mileage measurement controller, a mileage verification module 240, a mileage storage module 250, a secret key encryption module 260, an anomaly record 270, and a shared secret key 280.

The mileage verification module 240 verifies the encrypted mileage received from the mileage measurement controller 100 using the shared secret key 280 and evaluates whether the mileage is abnormal. If there is no abnormality in the travel distance, the travel distance storing module 250 stores the travel distance for backup. At this time, it is preferable that the mileage information is backed up to the nonvolatile memory. Meanwhile, when the verification of the authentication information of the mileage measurement controller is successful, the authentication information is stored and the public key 230 of the mileage measurement controller is stored for use in replacing the secret key in the future.

The authentication information verification module 210 verifies the asymmetric key authentication information of the mileage measurement controller 100 using the trusted public key 220. Here, the trusted public key 220 is a public key that can decrypt the authentication signature on the authentication information of the mileage measurement controller 100, that is, the public key matched with the private key used when the authentication information of the mileage measurement controller was issued. The authentication information verification module 210 determines that the mileage measurement controller 100 is a certified controller only when verification with the trusted public key succeeds.

The secret key encryption module 260 generates a new secret key when the secret key replacement condition is reached and encrypts the new secret key with the public key of the mileage measurement controller 100. Because the new secret key is encrypted with the public key of the mileage measurement controller 100, only the mileage measurement controller 100, which holds the private key matched with that public key, can decrypt and obtain the new secret key.

The anomaly record 270 is a failure record stored by the backup controller 200 for abnormalities of the mileage measurement controller 100 caused by authentication failure and/or mileage verification failure, and can be used to confirm that record.

Each of the components shown in FIGS. 1 and 2 may be implemented as a software module or as a circuit configured to perform the corresponding operation or command. It is not necessary that each component be separately configured; it should be apparent to those skilled in the art that a plurality of components may be implemented as a single module that performs their functions together.

Hereinafter, a process of each of the controllers having the above-described structure for exchanging mileage information and replacement of the secret key will be described.

FIG. 3 is a flowchart illustrating an example of a travel distance information exchange and a secret key exchange process according to an embodiment of the present invention.

Referring to FIG. 3, the mileage measurement controller (hereinafter referred to simply as the "measurement controller") holds a public key and a signature over that public key by which the backup controller can verify it, and transmits them to the backup controller as asymmetric key authentication data (S310).

The backup controller verifies the asymmetric key authentication data of the received measurement controller using the trusted public key that is the basis of trust. If the verification is successful, the backup controller generates a new secret key, encrypts it with the public key of the previously received and verified measurement controller, and transmits it to the measurement controller (S320). If the verification fails, the backup controller may re-request asymmetric key authentication data transmission of the measurement controller after recording the error of the measurement controller.

The measurement controller, on receiving the new secret key encrypted with its own public key, decrypts the new secret key with its own private key and then transmits the mileage to the backup controller after MAC encryption using that new secret key (S330).

The backup controller that has received the encrypted mileage data verifies whether it can be decrypted using the secret key distributed immediately before, and backs up the mileage at that point in time when the data is determined to be reliable (i.e., decryption succeeds).

If the condition for replacing the secret key (hereinafter referred to as the "first condition" for convenience) is satisfied, the backup controller generates a new secret key and distributes it to the measurement controller (S350). The first condition can be regarded as satisfied when an abnormality of the received mileage data is detected (for example, a decrease relative to the immediately preceding mileage, or a decryption failure of the received data) or when the received mileage data reaches a predetermined replacement reference distance.

On the other hand, if a further abnormality occurs after the distribution of the new secret key (hereinafter referred to as the "second condition" for convenience), the backup controller determines that the measurement controller has been manipulated and requests transmission of the asymmetric key authentication data of the measurement controller (S360). The second condition may be a case where an abnormality of the encrypted mileage data is detected consecutively a predetermined number of times (for example, twice) immediately after the distribution of the new secret key. If verification of the re-received asymmetric key authentication data of the measurement controller fails again, the backup controller may finally determine that the measurement controller has been manipulated and record the controller error (S380).
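The backup controller's decisions in the flow above (verify and back up, first condition, second condition), as an added example that is not part of the patent text. It assumes HMAC-SHA256 as the MAC, a 4-byte big-endian mileage frame, a 5000 km replacement reference distance, and hypothetical names (`BackupController`, `mac_mileage`, the action strings); the public-key encryption of the new key in S320 is left out and the key is handed over directly.

```python
import hashlib
import hmac
import secrets
import struct

REPLACEMENT_DISTANCE_KM = 5000  # assumed "replacement reference distance"
SECOND_CONDITION_COUNT = 2      # the page's example: two consecutive anomalies
TAG_LEN = 32                    # HMAC-SHA256 tag size (the MAC algorithm is assumed)


def mac_mileage(key: bytes, mileage_km: int) -> bytes:
    """Measurement controller, S330: 4-byte mileage followed by its MAC tag."""
    payload = struct.pack(">I", mileage_km)
    return payload + hmac.new(key, payload, hashlib.sha256).digest()


class BackupController:
    def __init__(self) -> None:
        self.key = b""
        self.backup_km = 0
        self.km_at_distribution = 0
        self.key_is_fresh = False   # True until one valid frame arrives under the key
        self.fresh_anomalies = 0    # consecutive anomalies right after a distribution
        self.anomaly_record = []

    def distribute_key(self) -> bytes:
        """S320/S350: generate a new secret key.

        In the patent the key leaves this controller encrypted under the
        measurement controller's verified public key; that transport step is
        outside this example, so the key is returned directly.
        """
        self.key = secrets.token_bytes(32)
        self.km_at_distribution = self.backup_km
        self.key_is_fresh = True
        return self.key

    def _verify(self, frame: bytes):
        """Return the mileage if the tag matches the current key, else None."""
        if not self.key or len(frame) != 4 + TAG_LEN:
            return None
        payload, tag = frame[:4], frame[4:]
        expected = hmac.new(self.key, payload, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return None
        return struct.unpack(">I", payload)[0]

    def receive(self, frame: bytes) -> str:
        """Return "OK", "ROTATE" (first condition) or "REAUTH" (second condition)."""
        km = self._verify(frame)
        if km is None:
            anomaly = "mac-failure"
        elif km < self.backup_km:
            anomaly = "mileage-decrease"
        else:
            anomaly = None
        if anomaly:
            self.anomaly_record.append(anomaly)
            if self.key_is_fresh:
                self.fresh_anomalies += 1
                if self.fresh_anomalies >= SECOND_CONDITION_COUNT:
                    return "REAUTH"   # S360: ask for the authentication data again
            return "ROTATE"           # S350: any anomaly triggers a key replacement
        self.backup_km = km           # reliable data: back it up
        self.key_is_fresh = False
        self.fresh_anomalies = 0
        if km - self.km_at_distribution >= REPLACEMENT_DISTANCE_KM:
            return "ROTATE"           # replacement reference distance reached
        return "OK"


def rollback_scenario():
    """Constructed input: a sender stuck on the first key reports a lower mileage."""
    bc = BackupController()
    old_key = bc.distribute_key()
    actions = [bc.receive(mac_mileage(old_key, 1200))]
    actions.append(bc.receive(mac_mileage(old_key, 900)))
    for _ in range(2):
        bc.distribute_key()  # replacement key the stale sender never obtains
        actions.append(bc.receive(mac_mileage(old_key, 900)))
    return actions, bc.backup_km, bc.anomaly_record


def distance_scenario():
    """Constructed input: honest sender crossing the replacement distance."""
    bc = BackupController()
    key = bc.distribute_key()
    actions = [bc.receive(mac_mileage(key, 4999)), bc.receive(mac_mileage(key, 5000))]
    key = bc.distribute_key()
    actions.append(bc.receive(mac_mileage(key, 5010)))
    return actions, bc.backup_km


if __name__ == "__main__":
    print(rollback_scenario())
    print(distance_scenario())
```

In the rollback scenario the backed-up value stays at 1200 km throughout, because only frames that pass both the MAC check and the monotonicity check are stored.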

Next, the above-described process will be described in terms of the internal operation of each controller with reference to FIGS. 4 and 5.

FIG. 4 shows an example of a procedure in which mileage information exchange and secret key exchange are performed in the mileage measurement controller according to an embodiment of the present invention.

Referring to FIG. 4, if there is no secret key shared with the backup controller, the mileage measurement controller 100 transmits the asymmetric key authentication data including the authentication information to the backup controller to request distribution of a new secret key (S410).

On receiving, in response to the request, the new secret key encrypted with the public key from the backup controller, the mileage measurement controller decrypts the new secret key using the private key and stores it, deleting the existing secret key if one is present (S420).

Steps S410 and S420 need not be performed while a currently valid secret key exists, until the first condition is satisfied (i.e., while the first condition in FIG. 3 is not satisfied).

Once the secret key is secured (that is, once the secret key is shared), the mileage measurement controller encrypts the measured mileage data using the secured secret key and transmits the encrypted data to the backup controller (S430).

FIG. 5 illustrates an example of a process in which a mileage information exchange and a secret key exchange are performed in a backup controller according to an embodiment of the present invention.

Referring to FIG. 5, the backup controller 200 verifies the received asymmetric key authentication information using the trusted public key, and stores the verified public key for use in future secret key encryption (S510).

Upon receiving a request to distribute a new symmetric key from the mileage measurement controller 100 through new asymmetric key authentication information, or when manipulation of the mileage measurement controller is detected through mileage verification, the backup controller 200 generates and stores a new secret key, encrypts the generated secret key using the public key of the verified mileage measurement controller, and transmits it to the measurement controller (S520).

While the secret key is valid, the backup controller 200 decrypts the encrypted mileage data to verify the reliability of the received data and, when the reliability is confirmed, compares it against the stored mileage to judge whether the mileage data has been manipulated, and then backs it up (S530).

Next, the vehicle environment and the additional functions that can be performed in the present embodiment will be described with reference to FIG.

FIG. 6 shows an example of a vehicle system in which mileage information management can be performed according to an embodiment of the present invention.

Referring to FIG. 6, in addition to the above-described mileage measurement controller 100 and backup controller 200, the vehicle system in which the present embodiment is performed may include one or more other controllers 610, a gateway 620 connected to these controllers, a vehicle speed sensor 630 for measuring the speed of the vehicle, a GPS module 640 for acquiring position information of the vehicle, and the like. Of course, this structure is provided to facilitate understanding of the present embodiment, and an actual vehicle may include fewer or more components. The form of connection between the components is also illustrative, and the form and order of connection between the gateway and the controllers may be configured differently (for example, the vehicle speed sensor may be directly connected to the mileage measurement controller without going through the gateway).

To further reduce the risk of leakage of the various authentication data, encrypted mileage information, encrypted secret keys, and the like that arises when one specific controller is permanently used as the backup controller in the above-described vehicle system, a method of varying which controller acts as the backup controller may be considered. For example, when CAN communication is initiated via a key box operation (IGN ON) or the like, the gateway 620 designates any one controller (e.g., one of the other controllers 610) as the backup controller. The designation is made by generating an arbitrary random number and assigning the role based on the remainder obtained by dividing it by the total number N of controllers. Specifically, a backup controller may be designated according to the remainder value, such as [1] EMS, [2] TCU, [3] ABS, and the designated backup controller stores the mileage information value according to the backup storage protocol described above.

On the other hand, the cluster, that is, the mileage measurement controller 100, calculates the mileage value by integrating the vehicle speed signal transmitted from the vehicle speed sensor 630. Here, there is a possibility that the mileage information value is changed by hacking the vehicle speed signal. Therefore, according to another aspect of the present embodiment, a method is proposed for verifying the validity of the mileage increase during a certain period (for example, one driving cycle from IGN ON to IGN OFF). For example, the mileage can be calculated from the cumulative average running speed and the running time during the cycle, and/or from the cumulative average fuel mileage and the amount of fuel consumed during the cycle. When the calculated travel distance exceeds the integrated value of the vehicle speed signal transmitted from the vehicle speed sensor 630 by a predetermined value or more, the travel distance for that cycle is obtained over CAN communication from the travel distance information provided by the GPS module 640, and the mileage of the mileage measurement controller / backup controller can be restored to the received mileage value.

In addition, when the mileage value of the cluster is arbitrarily changed, the changed mileage can be restored to the backup value stored in the backup controller.

FIG. 7 shows an example of a controller structure according to an embodiment of the present invention.

Referring to FIG. 7, the controller according to the present embodiment includes a memory 710 for storing the modules constituting the software described with reference to FIGS. 1 and 2, the authentication data, the various keys, and the mileage information; a processor 720; and a CAN transceiver 730 for exchanging data with the outside via CAN communication.

More specifically, when the controller is the mileage measurement controller 100, the processor 720 may cause the CAN transceiver 730 to transmit the asymmetric key authentication data and the mileage information encrypted with the shared secret key to the backup controller, and to receive a new secret key encrypted with the public key. The processor 720 may also decrypt the new secret key encrypted with the public key using the private key, replace the existing secret key with the new secret key, and encrypt the mileage information with the new secret key.

Further, when the controller is a backup controller, the processor 720 can obtain the asymmetric key authentication data and the mileage information encrypted with the shared secret key via the CAN transceiver 730, and can transmit the new secret key encrypted with the public key. In addition, the processor 720 can verify the asymmetric key authentication information with the trusted public key, acquire the public key of the mileage measurement controller, generate and encrypt the new secret key, and decrypt the mileage information encrypted with the shared secret key and back it up in the memory 710.

According to the embodiments of the present invention described so far, the following effects can be obtained.

The reliability of the mileage data transmitted through communication can be secured by exchanging the encrypted mileage data using a secret key that is changed over time rather than a fixed secret key.

Further, by replacing the secret key, it becomes difficult to acquire the data necessary for inverse calculation of the secret key, thereby reducing the possibility of hacking.

In addition, since the possibility of hacking is reduced, damage caused by the sale of used cars whose mileage has been manipulated downward can be prevented, and arbitrary manipulation of the mileage can be prevented, so that customer confidence in the vehicle brand to which the present invention is applied can be secured.

The driving record management method and the apparatus therefor are not limited to the configurations and methods of the embodiments described above; all or some of the embodiments may be selectively combined so that various modifications can be made.

Claims (22)

1. A mileage measurement controller for measuring mileage and encrypting the measured mileage using a first symmetric secret key; and
a backup controller for decrypting the encrypted mileage using the first symmetric secret key and backing up the mileage,
wherein the mileage measurement controller transmits asymmetric key authentication data to the backup controller, and
wherein the backup controller generates a second symmetric secret key if a first condition is satisfied, encrypts the second symmetric secret key using the asymmetric key authentication data, and delivers it to the mileage measurement controller.
2. The method according to claim 1,
wherein the asymmetric key authentication data includes a public key of the mileage measurement controller, a signature of the public key, and additional information of the mileage measurement controller, and
wherein the backup controller verifies the asymmetric key authentication data using a trusted public key.
3. The method of claim 2,
wherein the backup controller, if verification of the asymmetric key authentication data is successful, encrypts the second symmetric secret key using the public key included in the asymmetric key authentication data.
4. The method of claim 2,
wherein the mileage measurement controller decrypts the encrypted second symmetric secret key using the private key matched with the public key.
5. The method according to claim 1,
wherein the first condition includes a case where an error is found in the decrypted mileage, a case where decryption of the encrypted mileage has failed, and a case where the decrypted mileage has reached a predetermined replacement reference distance.
6. The method according to claim 1,
wherein the backup controller re-requests the asymmetric key authentication data from the mileage measurement controller when a second condition is satisfied.
7. The method according to claim 6,
wherein the second condition is a case where, after the backup controller transmits the second symmetric secret key to the mileage measurement controller, the encrypted mileage received from the mileage measurement controller is detected more than a predetermined number of times.
8. The method according to claim 1,
further comprising a gateway coupled to the mileage measurement controller and the backup controller,
wherein the gateway designates any one of the controllers connected to it as the backup controller according to a predetermined rule.
9. The method of claim 8,
wherein the gateway designates the backup controller using the remainder obtained by dividing an arbitrary random number by the number of controllers connected to it.
10. The method according to claim 1,
wherein the backup controller determines whether the decrypted mileage is abnormal using at least one of an average running speed and running time during a running cycle, from when the engine is turned on to when the engine is turned off, and an average fuel consumption and consumed fuel amount during the running cycle.
11. Measuring mileage in a mileage measurement controller;
encrypting the measured mileage using a first symmetric secret key in the mileage measurement controller;
transmitting the encrypted mileage to a backup controller;
decrypting the encrypted mileage in the backup controller using the first symmetric secret key; and
backing up the decrypted mileage in the backup controller,
wherein the first symmetric secret key is generated by the backup controller, encrypted using a public key obtained from the mileage measurement controller, transmitted to the mileage measurement controller, and decrypted in the mileage measurement controller using the private key matched with the public key.
12. The method of claim 11, further comprising:
transmitting asymmetric key authentication data, including the public key, a signature for the public key, and additional information of the mileage measurement controller, from the mileage measurement controller to the backup controller; and
verifying the asymmetric key authentication data using a trusted public key in the backup controller.
13. The method of claim 11, further comprising:
generating a second symmetric secret key at the backup controller if a first condition is satisfied;
encrypting the second symmetric secret key using the public key at the backup controller; and
delivering the encrypted second symmetric secret key from the backup controller to the mileage measurement controller.
14. The method of claim 13, further comprising:
decrypting the encrypted second symmetric secret key using the private key in the mileage measurement controller; and
replacing the first symmetric secret key with the second symmetric secret key.
15. The method of claim 13,
wherein the first condition is that, in the backup controller,
and a deciding step of deciding whether or not the decrypted mileage has reached a predetermined replacement reference distance in the case where an abnormality is found in the decrypted mileage.
16. The method of claim 12,
further comprising, in the backup controller, re-requesting the asymmetric key authentication data from the mileage measurement controller if a second condition is satisfied.
17. The method of claim 16,
wherein the second condition is a case in which the backup controller transmits the second symmetric secret key to the mileage measurement controller and then detects an encrypted mileage received from the mileage measurement controller at least a predetermined number of times.
18. A mileage measuring module for measuring mileage;
a mileage encrypting module for encrypting the measured mileage using a symmetric secret key shared with a backup controller and transmitting the encrypted mileage to the backup controller;
an authentication information transfer module for transferring asymmetric key authentication data to the backup controller; and
a secret key decryption module that, when a new symmetric secret key encrypted by the backup controller with the public key included in the asymmetric key authentication data is received, decrypts the new symmetric secret key using a private key matched with the public key,
wherein the shared symmetric secret key is replaced with the new symmetric secret key when the new symmetric secret key is obtained.
19. An authentication information verification module that receives asymmetric key authentication data from a mileage measurement controller and verifies the received asymmetric key authentication data with a trusted public key;
a secret key encryption module for generating a symmetric secret key, encrypting the symmetric secret key with a public key included in the asymmetric key authentication data, and transmitting the encrypted secret key to the mileage measurement controller;
a mileage verification module for decrypting mileage encrypted with the symmetric secret key when the encrypted mileage is received from the mileage measurement controller and verifying whether the decrypted mileage is abnormal; and
a mileage storage module for backing up the decrypted mileage when there is no abnormality in the decrypted mileage.
20. The method of claim 19,
wherein, when an error is found in the decrypted mileage, when decryption of the encrypted mileage fails, and when the decrypted mileage reaches a preset replacement distance,
the secret key encryption module generates a new symmetric secret key, encrypts it with the public key, and forwards it to the mileage measurement controller.
21. The method of claim 20,
wherein, when the generated new symmetric secret key has been transmitted to the mileage measurement controller and the encrypted mileage received from the mileage measurement controller is detected more than a predetermined number of times,
the authentication information verification module re-requests the asymmetric key authentication data from the mileage measurement controller.
22. A computer-readable recording medium on which a program for executing a travel distance management method for a vehicle according to any one of claims 11 to 17 is recorded.
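The backup controller's decision logic from claims 5, 7 and 10, as an added Python sketch that is not code from the patent: it checks decrypted mileage against the drive-cycle estimates, then decides whether to back up, issue a new symmetric key, or re-request the authentication data. All names, the action strings (`DROP` means the message is discarded without backup), the 25 % tolerance and both thresholds are assumptions; the second condition is read here as counting messages that still fail after a new key was delivered, and a failed decryption is passed in as `None` because the ciphers themselves are out of scope.

```python
import secrets
from dataclasses import dataclass

@dataclass
class DriveCycle:                # telemetry for one engine-on to engine-off cycle
    avg_speed_kmh: float
    hours: float
    avg_km_per_l: float
    litres: float

def mileage_abnormal(prev_km, new_km, cycle, tol=0.25):
    """Plausibility check: the reported distance must agree with both the
    speed*time and the fuel-economy*fuel estimates within tol (assumed value)."""
    delta = new_km - prev_km
    if delta < 0:                # a backed-up odometer value must never decrease
        return True
    for est in (cycle.avg_speed_kmh * cycle.hours, cycle.avg_km_per_l * cycle.litres):
        if abs(delta - est) > tol * max(est, 1.0):
            return True
    return False

class BackupController:
    def __init__(self, rekey_every_km=10_000, max_bad_after_rekey=3):
        self.backed_up_km = 0.0
        self.next_rekey_km = rekey_every_km    # replacement reference distance
        self.rekey_every_km = rekey_every_km
        self.max_bad = max_bad_after_rekey     # threshold for the second condition
        self.bad_since_rekey = None            # None until a new key has been sent
        self.pending_key = None                # key to wrap with the verified public key

    def process(self, decrypted_km, cycle):
        """decrypted_km is None when decryption of the received mileage failed."""
        bad = decrypted_km is None or mileage_abnormal(self.backed_up_km, decrypted_km, cycle)
        if not bad:
            self.backed_up_km = decrypted_km   # back up only verified mileage
            self.bad_since_rekey = None
            if decrypted_km < self.next_rekey_km:
                return "BACKUP"
            self.next_rekey_km += self.rekey_every_km   # distance-based rotation
        elif self.bad_since_rekey is not None: # a replacement key was already sent
            self.bad_since_rekey += 1
            if self.bad_since_rekey >= self.max_bad:
                self.bad_since_rekey = None
                return "REAUTH"                # second condition: re-request auth data
            return "DROP"
        self.pending_key = secrets.token_bytes(16)      # first condition: new key
        self.bad_since_rekey = 0
        return "REKEY"
```
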
KR1020150126369A 2015-09-07 2015-09-07 Method of providing secure odometer management by changing secret key and appratus for implementing the same KR101780280B1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020150126369A KR101780280B1 (en) 2015-09-07 2015-09-07 Method of providing secure odometer management by changing secret key and appratus for implementing the same

Publications (2)

Publication Number Publication Date
KR20170029259A (en) 2017-03-15
KR101780280B1 KR101780280B1 (en) 2017-09-21

Family

ID=58403075

Country Status (1)

Country Link
KR (1) KR101780280B1 (en)

Legal Events

Date Code Title Description
A201 Request for examination
E902 Notification of reason for refusal
E902 Notification of reason for refusal
E701 Decision to grant or registration of patent right