CN105721149A - Internet of vehicles system session key generation method and vehicular terminal and ECU binding method - Google Patents
Internet of vehicles system session key generation method and vehicular terminal and ECU binding method Download PDFInfo
- Publication number
- CN105721149A CN105721149A CN201610262661.0A CN201610262661A CN105721149A CN 105721149 A CN105721149 A CN 105721149A CN 201610262661 A CN201610262661 A CN 201610262661A CN 105721149 A CN105721149 A CN 105721149A
- Authority
- CN
- China
- Prior art keywords
- key
- car
- ecu
- mounted terminal
- terminal
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/083—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/56—Provisioning of proxy services
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/083—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
- H04L9/0833—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP] involving conference or group key
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0838—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0866—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Health & Medical Sciences (AREA)
- Computing Systems (AREA)
- General Health & Medical Sciences (AREA)
- Medical Informatics (AREA)
- Storage Device Security (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses an Internet of vehicles system session key generation method. The method comprises that an Internet of vehicles platform receives key request information sent by a vehicular terminal, wherein the key request information at least comprises identifier information of the vehicular terminal; an original terminal key is generated according to the identifier information of the vehicular terminal; and a session key is generated through a root key and the original terminal key. According to the method provided by the invention, the session key is generated at the side of the Internet of vehicles platform and is not generated by the vehicular terminal; the security is relatively high; and the generation mode is simple and rapid. The invention also provides a vehicular terminal and ECU binding method, a method for preventing the vehicular terminal from being disassembled or replaced, the Internet of vehicles platform and the Internet of vehicles system. When the vehicular terminal is disassembled or replaced privately, key negotiation is failed, a full vehicle ECU issues an automatic vehicle locking instruction, and the vehicular terminal is prevented from being disassembled or replaced.
Description
Technical field
The present invention relates to onboard system technical field, particularly relate to the method that the method for a kind of car networked system session key generation, car-mounted terminal and ECU bind, the method, car networked platforms and the car networked system that prevent car-mounted terminal to be removed or change.
Background technology
Along with the development of science and technology, car networked system becomes the main development direction of following motor vehicles network.Car networked system utilizes wireless sensor networks, network technology, computing technique, control technology, intellectual technology, safe practice that road and traffic are carried out complete perception, achieve between multiple system on a large scale, Large Volume Data mutual, for set up a kind of real-time, accurately, efficiently, the transportation integrated management of safety and control system provide technical support.
Engineering machinery is many to be bought in the way of mortgage, and car-mounted terminal, in order to safeguard the interests of oneself, can be installed in engineering machinery by bank or manufacturer.Engineering machinery can be positioned by this car-mounted terminal, when user does not repay mortgage loan by agreement, the department that bank or manufacturer etc. have permission can remotely send an instruction, namely the electromotor of engineering machinery is controlled by car-mounted terminal, it is made to stop working, not allow to be again started up, to promote user to act up to an agreement by agreement or contract.
But, the car-mounted terminal that some users can privately remove when not having repaying ability or more renew.The method Information Security of the anti-dismounting of existing car-mounted terminal is relatively low, it is impossible to effectively prevent car-mounted terminal to be removed or change.
Summary of the invention
Method, car networked platforms and the car networked system it is an object of the invention to provide a kind of method of method, car-mounted terminal and ECU binding that car networked system session key generates, preventing car-mounted terminal to be removed or changing, it is relatively low that purpose is in that to solve the method Information Security that in prior art, car networked system session key generates, it is impossible to effectively prevents the problem that car-mounted terminal is removed or changed by user privately.
For solving above-mentioned technical problem, the present invention provides a kind of method that car networked system session key generates, including:
Car networked platforms receives the cipher key request information that car-mounted terminal sends, and described cipher key request information at least includes the identification information of described car-mounted terminal;
Identification information according to described car-mounted terminal generates original terminal key;
By root key and described original terminal key, generate session key.
Alternatively, the described identification information generation original terminal key according to described car-mounted terminal includes:
The identification information of described car-mounted terminal is defined as 7 characters, and wherein, the 1st character is capitalization, and span is: ' A '-' P ';The 2-7 character is numeral, and the span of the 2nd character: ' 1 '-' 9 ', the span of 3-7 character is ' 0 '-' 9 ';
The ASCII character value of the 1st character is deducted 65, as the highest order of described original terminal key, low 6 directly as described original terminal key of all the other 6 numerical characters, generate described original terminal key.
Alternatively, described by root key and described original terminal key, generate session key and include:
Described original terminal key is carried out XOR as 4 byte integer numerical value and described root key, gained 4 byte integer numerical value carries out byte-by-byte XOR process with byte array form again, the highest byte of the integer numerical value obtained after being processed by byte-by-byte XOR resets, and generates described session key.
A kind of method that present invention also offers car-mounted terminal and ECU binding, including:
Sending the session key that the method adopting any of the above-described kind of car networked system session key to generate generates to car-mounted terminal, described car-mounted terminal is stored as the first interim conversation key;
Obtain the identification information of ECU;
The identification information of the described ECU got is compared with the ECU identification information prestored;
If consistent, it is verified, described first interim conversation key is sent and is stored as the second interim conversation key to described ECU, described ECU, complete the binding of described car-mounted terminal and described ECU, if checking is not passed through, then Bind Failed.
Present invention also offers a kind of method preventing car-mounted terminal to be removed or changing, including:
Above-mentioned car-mounted terminal is adopted to be bound with ECU by car-mounted terminal with the ECU method bound in advance;
Described ECU receives the instruction carrying out powering on, and generates random number, and generates the second session key according to described random number and the second interim conversation key computing;
Described random number is sent to described car-mounted terminal by described ECU, and receives the first session key that described car-mounted terminal generates according to described random number and the first interim conversation key computing;
When the first session key that described ECU does not receive the first session key or described ECU receives and described second session key are inconsistent, generate car locking instruction.
Present invention also offers a kind of car networked platforms, including:
Cipher key request information receiver module, for receiving the cipher key request information that car-mounted terminal sends, described cipher key request information at least includes the identification information of described car-mounted terminal;
Original terminal key production module, generates original terminal key for the identification information according to described car-mounted terminal;
Session secret key generating module, for by root key and described original terminal key, generating session key.
Alternatively, described original terminal key production module specifically for:
The identification information of described car-mounted terminal is defined as 7 characters, and wherein, the 1st character is capitalization, and span is: ' A '-' P ';The 2-7 character is numeral, and the span of the 2nd character: ' 1 '-' 9 ', the span of 3-7 character is ' 0 '-' 9 ';The ASCII character value of the 1st character is deducted 65, as the highest order of described original terminal key, low 6 directly as described original terminal key of all the other 6 numerical characters, generate described original terminal key.
Alternatively, described session secret key generating module specifically for:
Described original terminal key is carried out XOR as 4 byte integer numerical value and described root key, gained 4 byte integer numerical value carries out byte-by-byte XOR process with byte array form again, the highest byte of the integer numerical value obtained after being processed by byte-by-byte XOR resets, and generates described session key.
Alternatively, also include:
Interim conversation key sending module, for sending session key to car-mounted terminal, described car-mounted terminal is stored as the first interim conversation key;
ECU identification information acquisition module, for obtaining the identification information of ECU;
Comparison module, for comparing the identification information of the described ECU got with the ECU identification information prestored;
Authentication module, for passing through when the identification information of described ECU is consistent with the ECU identification information prestored to verify, by car-mounted terminal, described first interim conversation key is sent to described ECU, described ECU is stored as the second interim conversation key, complete the binding of described car-mounted terminal and described ECU, when the identification information of described ECU is inconsistent with the ECU identification information prestored not by verifying, Bind Failed.
Present invention also offers a kind of car networked system, including: car-mounted terminal, ECU and any of the above-described kind of car networked platforms;
Wherein, described car networked platforms is for binding described ECU with described car-mounted terminal;
Described ECU, for receiving the instruction carrying out powering on, generates random number, generates the second session key according to the second interim conversation key computing of described random number Yu storage;And described random number is sent to described car-mounted terminal, receive the first session key that described car-mounted terminal generates according to described random number and the first interim conversation key computing;When the first session key that described ECU does not receive the first session key or described ECU receives and described second session key are inconsistent, generate car locking instruction.
The method that car networked system session key provided by the present invention generates, car networked platforms receives the cipher key request information that car-mounted terminal sends, and generates original terminal key according to the identification information in cipher key request information;By root key and original terminal key, generate session key.The method that car networked system session key provided by the present invention generates, session key generates at car networked platforms end, rather than is generated by car-mounted terminal, and safety is higher, and generating mode simple and fast.
Additionally, present invention also offers a kind of method that car-mounted terminal is bound, the method, car networked platforms and the car networked system that prevent car-mounted terminal to be removed or change with ECU.Adopt the method that car networked system session key provided by the present invention generates, it is possible to when car-mounted terminal first time is installed on vehicle, it will words key passes to ECU, completes the binding of terminal and ECU.When key powers on every time afterwards, ECU and car-mounted terminal use session key agreement to go out final session key.After car-mounted terminal is privately removed or changed, key agreement failure, ECU issues automatic car locking instruction, reaches the purpose preventing car-mounted terminal to be removed or changing.
Accompanying drawing explanation
Technical scheme for the clearer explanation embodiment of the present invention or prior art, the accompanying drawing used required in embodiment or description of the prior art will be briefly described below, apparently, accompanying drawing in the following describes is only some embodiments of the present invention, for those of ordinary skill in the art, under the premise not paying creative work, it is also possible to obtain other accompanying drawing according to these accompanying drawings.
Fig. 1 is the flow chart of a kind of detailed description of the invention of the method that car networked system session key provided by the present invention generates;
Fig. 2 is the flow chart of car-mounted terminal provided by the present invention and a kind of detailed description of the invention of the method for ECU binding;
Fig. 3 is the flow chart of a kind of detailed description of the invention of the method preventing car-mounted terminal to be removed or changing provided by the present invention;
A kind of structured flowchart of the detailed description of the invention of the car networked platforms that Fig. 4 provides for the embodiment of the present invention;
Fig. 5 is the structured flowchart of the another kind of detailed description of the invention of car networked platforms provided by the present invention;
Fig. 6 is the workflow diagram of car networked system provided by the present invention.
Detailed description of the invention
In order to make those skilled in the art be more fully understood that the present invention program, below in conjunction with the drawings and specific embodiments, the present invention is described in further detail.Obviously, described embodiment is only a part of embodiment of the present invention, rather than whole embodiments.Based on the embodiment in the present invention, the every other embodiment that those of ordinary skill in the art obtain under not making creative work premise, broadly fall into the scope of protection of the invention.
The flow chart of a kind of detailed description of the invention of the method that car networked system session key provided by the present invention generates is as it is shown in figure 1, the method includes:
Step S101: car networked platforms receives the cipher key request information that car-mounted terminal sends, and described cipher key request information at least includes the identification information of described car-mounted terminal;
Step S102: generate original terminal key according to the identification information of described car-mounted terminal;
Step S103: by root key and described original terminal key, generates session key.
The method that car networked system session key provided by the present invention generates, car networked platforms receives the cipher key request information that car-mounted terminal sends, and generates original terminal key according to the identification information in cipher key request information;By root key and original terminal key, generate session key.The method that car networked system session key provided by the present invention generates, session key generates at car networked platforms end, rather than is generated by car-mounted terminal, and safety is higher, and generating mode simple and fast.
On the basis of a upper embodiment, in the method that car networked system session key provided by the present invention generates, step S102 according to the identification information of described car-mounted terminal generate original terminal key process can particularly as follows:
The identification information of described car-mounted terminal is defined as 7 characters, and wherein, the 1st character is capitalization, and span is: ' A '-' P ';The 2-7 character is numeral, and the span of the 2nd character: ' 1 '-' 9 ', the span of 3-7 character is ' 0 '-' 9 ';
The ASCII character span of the 1st character in identification information is 65-80, the ASCII character value of the 1st character is deducted 65, as the highest order of described original terminal key, low 6 directly as described original terminal key of all the other 6 numerical characters, generate described original terminal key.
Further, step S103 pass through root key and described original terminal key, generate session key process can particularly as follows:
Described original terminal key is carried out XOR as 4 byte integer numerical value and described root key, gained 4 byte integer numerical value carries out byte-by-byte XOR process with byte array form again, that is: start using lowest byte as the 1st byte, the new value of the 2nd byte is this byte initial value XOR the 1st byte, and the new value of the 3rd byte is newly worth for this byte initial value XOR the 2nd byte;The highest byte of the integer numerical value obtained after being processed by byte-by-byte XOR resets, and generates described session key.It should be noted that root key is regular coding, it is basis and the guarantee of key code system safety.Specifically can produce one group of random number by encryption device, and using random number as root key.It is, of course, also possible to the method generated for other root keys, this does not all affect the realization of the present invention.
On the basis of any of the above-described embodiment, a kind of method that present invention also offers car-mounted terminal and ECU binding, car-mounted terminal as provided by the present invention in Fig. 2 is with shown in the flow chart of a kind of detailed description of the invention of the method for ECU binding, and the method includes:
Step S201: sending the session key that the method adopting car networked system session key to generate generates to car-mounted terminal, described car-mounted terminal is stored as the first interim conversation key;
Step S202: obtain the identification information of ECU;
Step S203: the identification information of the described ECU got is compared with the ECU identification information prestored;
Step S204: if consistent, be verified, sends described first interim conversation key and is stored as the second interim conversation key to described ECU, described ECU, complete the binding of described car-mounted terminal and described ECU, if checking is not passed through, then and Bind Failed.
The car-mounted terminal provided by the present embodiment and the method for ECU binding, when car-mounted terminal first time is installed on vehicle, bound this car-mounted terminal with ECU.When key powers on every time afterwards, ECU and car-mounted terminal use session key agreement to go out final session key, it is ensured that safety, certification and the unique match that the data between car-mounted terminal and ECU are transmitted.
The flow chart of a kind of detailed description of the invention of the method preventing car-mounted terminal to be removed or changing provided by the present invention is as it is shown on figure 3, the method includes:
Step S301: adopt car-mounted terminal to be bound with ECU by car-mounted terminal with the ECU method bound in advance;
Step S302: described ECU receives the instruction carrying out powering on, and generates random number, and generates the second session key according to described random number and the second interim conversation key computing;
Described random number is sent to described car-mounted terminal by step S303: described ECU, and receives the first session key that described car-mounted terminal generates according to described random number and the first interim conversation key computing;
Step S304: when the first session key that described ECU does not receive the first session key or described ECU receives and described second session key are inconsistent, generate car locking instruction.
Visible, adopt the method that car networked system session key provided by the present invention generates, it is possible to when car-mounted terminal first time is installed on vehicle, it will words key passes to car load ECU, completes the binding of terminal and ECU.When key powers on every time afterwards, ECU and car-mounted terminal use session key agreement to go out final session key.After car-mounted terminal is privately removed or changed, key agreement failure, car load ECU issues automatic car locking instruction, reaches the purpose preventing car-mounted terminal to be removed or changing.
The application can apply to, in car networking financial credit business, by binding between car-mounted terminal and car load ECU, have the function preventing car-mounted terminal to be removed or changing.The user bad for credit can carry out long-range car locking operation.
The car the networked platforms below embodiment of the present invention provided is introduced, and the structured flowchart of a kind of detailed description of the invention of the car networked platforms that Fig. 4 provides for the embodiment of the present invention can specifically include with reference to Fig. 4 car networked platforms:
Cipher key request information receiver module 100, for receiving the cipher key request information that car-mounted terminal sends, described cipher key request information at least includes the identification information of described car-mounted terminal;
Original terminal key production module 200, generates original terminal key for the identification information according to described car-mounted terminal;
Session secret key generating module 300, for by root key and described original terminal key, generating session key.
Alternatively, in car networked platforms provided by the present invention, original terminal key production module 200 can be specifically for:
The identification information of described car-mounted terminal is defined as 7 characters, and wherein, the 1st character is capitalization, and span is: ' A '-' P ';The 2-7 character is numeral, and the span of the 2nd character: ' 1 '-' 9 ', the span of 3-7 character is ' 0 '-' 9 ';The ASCII character value of the 1st character is deducted 65, as the highest order of described original terminal key, low 6 directly as described original terminal key of all the other 6 numerical characters, generate described original terminal key.
Alternatively, in car networked platforms provided by the present invention, session secret key generating module 300 can be specifically for:
Described original terminal key is carried out XOR as 4 byte integer numerical value and described root key, gained 4 byte integer numerical value carries out byte-by-byte XOR process with byte array form again, the highest byte of the integer numerical value obtained after being processed by byte-by-byte XOR resets, and derives described session key.
Car networked platforms provided by the present invention, by receiving the cipher key request information that car-mounted terminal sends, generates original terminal key according to the identification information in cipher key request information;By root key and original terminal key, generate session key.Method provided by the present invention, session key generates at car networked platforms end, rather than is generated by car-mounted terminal, and safety is higher, and generating mode simple and fast.
On the basis of any of the above-described embodiment, car-mounted terminal can also be bound by car networked platforms provided by the present invention further with ECU, shown in the structured flowchart of the another kind of detailed description of the invention of car networked platforms as provided by the present invention in Fig. 5, it specifically includes:
Interim conversation key sending module 400, for sending session key to car-mounted terminal, described car-mounted terminal is stored as the first interim conversation key;
ECU identification information acquisition module 500, for obtaining the identification information of ECU;
Comparison module 600, for comparing the identification information of the described ECU got with the ECU identification information prestored;
Authentication module 700, for passing through when the identification information of described ECU is consistent with the ECU identification information prestored to verify, by car-mounted terminal, described first interim conversation key is sent to described ECU, described ECU is stored as the second interim conversation key, complete the binding of described car-mounted terminal and described ECU, when the identification information of described ECU is inconsistent with the ECU identification information prestored not by verifying, Bind Failed.
Additionally, present invention also offers a kind of car networked system, including car-mounted terminal, ECU and any of the above-described kind of car networked platforms;
Wherein, described car networked platforms is for binding described ECU with described car-mounted terminal;
Described ECU, for receiving the instruction carrying out powering on, generates random number, generates the second session key according to the second interim conversation key computing of described random number Yu storage;And described random number is sent to described car-mounted terminal, receive the first session key that described car-mounted terminal generates according to described random number and the first interim conversation key computing;When the first session key that described ECU does not receive the first session key or described ECU receives and described second session key are inconsistent, generate car locking instruction.
For ease of understanding, refer to the workflow diagram of Fig. 6 car networked system provided by the present invention, below the workflow of car networked system is further elaborated on.It specifically includes:
Step S401: car-mounted terminal sends cipher key request information to car networked platforms;
Step S402: car networked platforms generates original terminal key, and generates session key;Session key is sent to car-mounted terminal, and car-mounted terminal is stored as the first interim conversation key;
Step S403: car-mounted terminal obtains the ECU ECU identification information sent, and is sent to car networked platforms and is verified;The ECU identification information that the ECU identification information of acquisition and car networked platforms prestore is compared by car networked platforms, is unanimously then verified;
Step S404: after being proved to be successful, the first interim conversation key is sent to ECU, ECU and is stored as the second interim conversation key by car-mounted terminal, thus completing the binding of car-mounted terminal and ECU, verifies unsuccessful, is then not fully complete binding;
Step S405: when key powers on every time, ECU generates random number and generates the second session key according to random number and the second interim conversation key computing;
Random number is sent to car-mounted terminal by step S406:ECU, and car-mounted terminal generates the first session key according to random number and the first interim conversation key computing, and is sent to ECU;
Step S407: if the first session key that ECU does not receive the first session key or ECU receives and the second session key are inconsistent, then send car locking instruction.
Car networked system provided by the present invention, when car-mounted terminal first time is installed on vehicle, it will words key passes to car load ECU, completes the binding of terminal and ECU.When key powers on every time afterwards, ECU and car-mounted terminal use session key agreement to go out final session key.After car-mounted terminal is privately removed or changed, key agreement failure, car load ECU issues automatic car locking instruction, reaches the purpose preventing car-mounted terminal to be removed or changing.
In this specification, each embodiment adopts the mode gone forward one by one to describe, and what each embodiment stressed is the difference with other embodiments, between each embodiment same or similar part mutually referring to.For device disclosed in embodiment, owing to it corresponds to the method disclosed in Example, so what describe is fairly simple, relevant part illustrates referring to method part.
Professional further appreciates that, the unit of each example described in conjunction with the embodiments described herein and algorithm steps, can with electronic hardware, computer software or the two be implemented in combination in, in order to clearly demonstrate the interchangeability of hardware and software, generally describe composition and the step of each example in the above description according to function.These functions perform with hardware or software mode actually, depend on application-specific and the design constraint of technical scheme.Professional and technical personnel specifically can should be used for using different methods to realize described function to each, but this realization is it is not considered that beyond the scope of this invention.
The method described in conjunction with the embodiments described herein or the step of algorithm can directly use the software module that hardware, processor perform, or the combination of the two is implemented.Software module can be placed in any other form of storage medium known in random access memory (RAM), internal memory, read only memory (ROM), electrically programmable ROM, electrically erasable ROM, depositor, hard disk, moveable magnetic disc, CD-ROM or technical field.
Method that the method that above car networked system session key provided by the present invention generated, car-mounted terminal and ECU bind, car-mounted terminal is prevented to be removed or method, car networked platforms and the car networked system changed are described in detail.Principles of the invention and embodiment are set forth by specific case used herein, and the explanation of above example is only intended to help to understand method and the core concept thereof of the present invention.It should be pointed out that, for those skilled in the art, under the premise without departing from the principles of the invention, it is also possible to the present invention carries out some improvement and modification, these improve and modify in the protection domain also falling into the claims in the present invention.
Claims (10)
1. the method that a car networked system session key generates, it is characterised in that including:
Car networked platforms receives the cipher key request information that car-mounted terminal sends, and described cipher key request information at least includes the identification information of described car-mounted terminal;
Identification information according to described car-mounted terminal generates original terminal key;
By root key and described original terminal key, generate session key.
2. the method that car networked system session key as claimed in claim 1 generates, it is characterised in that the described identification information according to described car-mounted terminal generates original terminal key and includes:
The identification information of described car-mounted terminal is defined as 7 characters, and wherein, the 1st character is capitalization, and span is: ' A '-' P ';The 2-7 character is numeral, and the span of the 2nd character: ' 1 '-' 9 ', the span of 3-7 character is ' 0 '-' 9 ';
The ASCII character value of the 1st character is deducted 65, as the highest order of described original terminal key, low 6 directly as described original terminal key of all the other 6 numerical characters, generate described original terminal key.
3. the method that car networked system session key as claimed in claim 2 generates, it is characterised in that described by root key and described original terminal key, generates session key and includes:
Described original terminal key is carried out XOR as 4 byte integer numerical value and described root key, gained 4 byte integer numerical value carries out byte-by-byte XOR process with byte array form again, the highest byte of the integer numerical value obtained after being processed by byte-by-byte XOR resets, and generates described session key.
4. a car-mounted terminal and the ECU method bound, it is characterised in that including:
Sending the session key that the method that the car networked system session key adopted as described in any one of claims 1 to 3 generates generates to car-mounted terminal, described car-mounted terminal is stored as the first interim conversation key;
Obtain the identification information of ECU;
The identification information of the described ECU got is compared with the ECU identification information prestored;
If consistent, it is verified, described first interim conversation key is sent and is stored as the second interim conversation key to described ECU, described ECU, complete the binding of described car-mounted terminal and described ECU, if checking is not passed through, then Bind Failed.
5. the method preventing car-mounted terminal to be removed or to change, it is characterised in that including:
Car-mounted terminal as claimed in claim 4 is adopted to be bound with ECU by car-mounted terminal with the ECU method bound in advance;
Described ECU receives the instruction carrying out powering on, and generates random number, and generates the second session key according to described random number and the second interim conversation key computing;
Described random number is sent to described car-mounted terminal by described ECU, and receives the first session key that described car-mounted terminal generates according to described random number and the first interim conversation key computing;
When the first session key that described ECU does not receive the first session key or described ECU receives and described second session key are inconsistent, generate car locking instruction.
6. a car networked platforms, it is characterised in that including:
Cipher key request information receiver module, for receiving the cipher key request information that car-mounted terminal sends, described cipher key request information at least includes the identification information of described car-mounted terminal;
Original terminal key production module, generates original terminal key for the identification information according to described car-mounted terminal;
Session secret key generating module, for by root key and described original terminal key, generating session key.
7. car networked platforms as claimed in claim 6, it is characterised in that described original terminal key production module specifically for:
The identification information of described car-mounted terminal is defined as 7 characters, and wherein, the 1st character is capitalization, and span is: ' A '-' P ';The 2-7 character is numeral, and the span of the 2nd character: ' 1 '-' 9 ', the span of 3-7 character is ' 0 '-' 9 ';The ASCII character value of the 1st character is deducted 65, as the highest order of described original terminal key, low 6 directly as described original terminal key of all the other 6 numerical characters, generate described original terminal key.
8. car networked platforms as claimed in claim 7, it is characterised in that described session secret key generating module specifically for:
Described original terminal key is carried out XOR as 4 byte integer numerical value and described root key, gained 4 byte integer numerical value carries out byte-by-byte XOR process with byte array form again, the highest byte of the integer numerical value obtained after being processed by byte-by-byte XOR resets, and generates described session key.
9. the car networked platforms as described in any one of claim 6 to 8, it is characterised in that also include:
Interim conversation key sending module, for sending session key to car-mounted terminal, described car-mounted terminal is stored as the first interim conversation key;
ECU identification information acquisition module, for obtaining the identification information of ECU;
Comparison module, for comparing the identification information of the described ECU got with the ECU identification information prestored;
Authentication module, for passing through when the identification information of described ECU is consistent with the ECU identification information prestored to verify, by car-mounted terminal, described first interim conversation key is sent to described ECU, described ECU is stored as the second interim conversation key, complete the binding of described car-mounted terminal and described ECU, when the identification information of described ECU is inconsistent with the ECU identification information prestored not by verifying, Bind Failed.
10. a car networked system, it is characterised in that including: car-mounted terminal, ECU and car networked platforms as claimed in claim 9;
Wherein, described car networked platforms is for binding described ECU with described car-mounted terminal;
Described ECU, for receiving the instruction carrying out powering on, generates random number, generates the second session key according to the second interim conversation key computing of described random number Yu storage;And described random number is sent to described car-mounted terminal, receive the first session key that described car-mounted terminal generates according to described random number and the first interim conversation key computing;When the first session key that described ECU does not receive the first session key or described ECU receives and described second session key are inconsistent, generate car locking instruction.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610262661.0A CN105721149B (en) | 2016-04-25 | 2016-04-25 | A kind of car networking system session key generates and the method for car-mounted terminal and ECU binding |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610262661.0A CN105721149B (en) | 2016-04-25 | 2016-04-25 | A kind of car networking system session key generates and the method for car-mounted terminal and ECU binding |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105721149A true CN105721149A (en) | 2016-06-29 |
| CN105721149B CN105721149B (en) | 2019-02-26 |
Family
ID=56162298
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610262661.0A Active CN105721149B (en) | 2016-04-25 | 2016-04-25 | A kind of car networking system session key generates and the method for car-mounted terminal and ECU binding |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105721149B (en) |
Cited By (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106184072A (en) * | 2016-07-19 | 2016-12-07 | 成都安程通科技有限公司 | automobile ECU information monitoring system based on mobile terminal |
| CN106230583A (en) * | 2016-07-19 | 2016-12-14 | 成都安程通科技有限公司 | Automobile ecu information monitoring system |
| CN107833321A (en) * | 2017-11-01 | 2018-03-23 | 潍柴动力股份有限公司 | A kind of apparatus bound, unbind method, vehicle locking method and relevant device |
| CN107914665A (en) * | 2017-11-13 | 2018-04-17 | 南京汽车集团有限公司 | A kind of vehicle remote security remote-control system and remote control thereof |
| CN107943012A (en) * | 2018-01-17 | 2018-04-20 | 江苏徐工信息技术股份有限公司 | A kind of equipment safety control method electrically bundled based on multi-part |
| CN108664012A (en) * | 2018-06-07 | 2018-10-16 | 北京新能源汽车股份有限公司 | Detection method, device and equipment for controller of electric power steering system |
| CN111935317A (en) * | 2020-09-27 | 2020-11-13 | 恒大新能源汽车投资控股集团有限公司 | Vehicle information verification method and device and computer-readable storage medium |
| CN113453223A (en) * | 2021-06-07 | 2021-09-28 | 北京聚利科技有限公司 | Key updating method, system, device, storage medium and terminal |
| CN113452517A (en) * | 2021-06-07 | 2021-09-28 | 北京聚利科技有限公司 | Key updating method, device, system, storage medium and terminal |
| CN113895222A (en) * | 2020-06-22 | 2022-01-07 | 陕西天行健车联网信息技术有限公司 | Heavy truck locking verification method based on MD5 algorithm |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20040019787A1 (en) * | 2002-06-28 | 2004-01-29 | Norimasa Shibata | Method and system for authenticating communication terminals |
| CN101159556A (en) * | 2007-11-09 | 2008-04-09 | 清华大学 | Group key server based key management method in sharing encryption file system |
| CN101739736A (en) * | 2009-12-09 | 2010-06-16 | 北汽福田汽车股份有限公司 | Vehicle which can be monitored remotely |
| JP2011228777A (en) * | 2010-04-15 | 2011-11-10 | Mitsubishi Electric Corp | Key generating device, data providing device, terminal device, and program |
| CN104219309A (en) * | 2014-09-04 | 2014-12-17 | 江苏大学 | Certificate-based vehicle identification method for use in internet of vehicles |
| CN105245406A (en) * | 2015-11-02 | 2016-01-13 | 厦门雅迅网络股份有限公司 | Method for preventing in-car terminal from being detached |
-
2016
- 2016-04-25 CN CN201610262661.0A patent/CN105721149B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20040019787A1 (en) * | 2002-06-28 | 2004-01-29 | Norimasa Shibata | Method and system for authenticating communication terminals |
| CN101159556A (en) * | 2007-11-09 | 2008-04-09 | 清华大学 | Group key server based key management method in sharing encryption file system |
| CN101739736A (en) * | 2009-12-09 | 2010-06-16 | 北汽福田汽车股份有限公司 | Vehicle which can be monitored remotely |
| JP2011228777A (en) * | 2010-04-15 | 2011-11-10 | Mitsubishi Electric Corp | Key generating device, data providing device, terminal device, and program |
| CN104219309A (en) * | 2014-09-04 | 2014-12-17 | 江苏大学 | Certificate-based vehicle identification method for use in internet of vehicles |
| CN105245406A (en) * | 2015-11-02 | 2016-01-13 | 厦门雅迅网络股份有限公司 | Method for preventing in-car terminal from being detached |
Cited By (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106184072A (en) * | 2016-07-19 | 2016-12-07 | 成都安程通科技有限公司 | automobile ECU information monitoring system based on mobile terminal |
| CN106230583A (en) * | 2016-07-19 | 2016-12-14 | 成都安程通科技有限公司 | Automobile ecu information monitoring system |
| CN107833321A (en) * | 2017-11-01 | 2018-03-23 | 潍柴动力股份有限公司 | A kind of apparatus bound, unbind method, vehicle locking method and relevant device |
| CN107914665A (en) * | 2017-11-13 | 2018-04-17 | 南京汽车集团有限公司 | A kind of vehicle remote security remote-control system and remote control thereof |
| CN107943012A (en) * | 2018-01-17 | 2018-04-20 | 江苏徐工信息技术股份有限公司 | A kind of equipment safety control method electrically bundled based on multi-part |
| CN107943012B (en) * | 2018-01-17 | 2020-01-24 | 江苏徐工信息技术股份有限公司 | Equipment safety control method based on multi-component electrical binding |
| CN108664012A (en) * | 2018-06-07 | 2018-10-16 | 北京新能源汽车股份有限公司 | Detection method, device and equipment for controller of electric power steering system |
| CN113895222A (en) * | 2020-06-22 | 2022-01-07 | 陕西天行健车联网信息技术有限公司 | Heavy truck locking verification method based on MD5 algorithm |
| CN111935317A (en) * | 2020-09-27 | 2020-11-13 | 恒大新能源汽车投资控股集团有限公司 | Vehicle information verification method and device and computer-readable storage medium |
| CN113453223A (en) * | 2021-06-07 | 2021-09-28 | 北京聚利科技有限公司 | Key updating method, system, device, storage medium and terminal |
| CN113452517A (en) * | 2021-06-07 | 2021-09-28 | 北京聚利科技有限公司 | Key updating method, device, system, storage medium and terminal |
| CN113453223B (en) * | 2021-06-07 | 2023-04-07 | 北京聚利科技有限公司 | Key updating method, system, device, storage medium and terminal |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105721149B (en) | 2019-02-26 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105721149A (en) | Internet of vehicles system session key generation method and vehicular terminal and ECU binding method | |
| CN111131313B (en) | Safety guarantee method and system for replacing ECU (electronic control Unit) of intelligent networked automobile | |
| CN107710672B (en) | Software distribution processing device, software distribution processing method, and vehicle | |
| CN112543927B (en) | Equipment upgrading method and related equipment | |
| CN103051453B (en) | A kind of mobile terminal network affaris safety trade system based on digital certificate and method | |
| US20120324229A1 (en) | System and method for generating keyless digital multi-signatures | |
| CN108650220B (en) | Method and equipment for issuing and acquiring mobile terminal certificate and automobile end chip certificate | |
| CN106227503A (en) | Safety chip COS firmware update, service end, terminal and system | |
| CN113114699B (en) | Vehicle terminal identity certificate application method | |
| CN104158819A (en) | Safety authentication method of vehicle-mounted information entertainment terminal | |
| CN104765357A (en) | Authorization system and method for vehicle remote diagnosis | |
| CN110087241B (en) | Service authorization method, device and system | |
| CN111814132B (en) | Security authentication method and device, security authentication chip and storage medium | |
| CN112673607A (en) | Anonymous device authentication | |
| CN108768975A (en) | Support the data integrity verification method of key updating and third party's secret protection | |
| CN110366176A (en) | A kind of cryptographic key negotiation method of vehicular ad hoc network | |
| CN112019326A (en) | Vehicle charging safety management method and system | |
| CN113766450A (en) | Vehicle virtual key sharing method, mobile terminal, server and vehicle | |
| CN102693478A (en) | Trading method of bid security during bidding procedure and system thereof | |
| CN108768650B (en) | Short message verification system based on biological characteristics | |
| CN105828330A (en) | Access method and access device | |
| CN116193436B (en) | OTA upgrade package issuing method and system for vehicle-mounted equipment | |
| CN107113316A (en) | A kind of system and method for APP certifications | |
| CN118200885A (en) | Bluetooth-based information interaction method and device | |
| CN102882882B (en) | A kind of user resources authorization method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| EE01 | Entry into force of recordation of patent licensing contract |
Application publication date: 20160629 Assignee: Beijing Zhike chelian Technology Co.,Ltd. Assignor: BEIQI FOTON MOTOR Co.,Ltd. Contract record no.: X2022980018253 Denomination of invention: A method for session key generation of Internet of Vehicles system and binding of on-board terminal and ECU Granted publication date: 20190226 License type: Common License Record date: 20221013 |
|
| EE01 | Entry into force of recordation of patent licensing contract |