CN106101111A - Vehicle electronics safe communication system and communication means - Google Patents

Vehicle electronics safe communication system and communication means Download PDF

Info

Publication number
CN106101111A
CN106101111A CN201610463591.5A CN201610463591A CN106101111A CN 106101111 A CN106101111 A CN 106101111A CN 201610463591 A CN201610463591 A CN 201610463591A CN 106101111 A CN106101111 A CN 106101111A
Authority
CN
China
Prior art keywords
services platform
automobile services
control system
vehicle electronic
electronic system
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201610463591.5A
Other languages
Chinese (zh)
Other versions
CN106101111B (en
Inventor
刘熙胖
李鑫
梁松涛
刘长河
何骏
马现通
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhengzhou Xinda Jiean Information Technology Co Ltd
Original Assignee
Zhengzhou Xinda Jiean Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhengzhou Xinda Jiean Information Technology Co Ltd filed Critical Zhengzhou Xinda Jiean Information Technology Co Ltd
Priority to CN201610463591.5A priority Critical patent/CN106101111B/en
Publication of CN106101111A publication Critical patent/CN106101111A/en
Application granted granted Critical
Publication of CN106101111B publication Critical patent/CN106101111B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0869Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • H04L67/025Protocols based on web technology, e.g. hypertext transfer protocol [HTTP] for remote control or remote monitoring of applications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Small-Scale Networks (AREA)

Abstract

The present invention provides a kind of vehicle electronics safe communication system, and this system includes that safety chip, in-vehicle electronic system and automobile services platform, described in-vehicle electronic system and described automobile services platform carry out bidirectional identity authentication;Described in-vehicle electronic system includes ECU control system, and described ECU control system carries out two-way signature checking by described safety chip and described automobile services platform;After two-way signature is proved to be successful, described automobile services platform and described ECU control system coded communication.Present invention also offers the communication means of a kind of vehicle electronics safe communication system, including: step 1, in-vehicle electronic system and automobile services platform bidirectional identity authentication;Step 2, after being proved to be successful, the ECU control system of described in-vehicle electronic system is verified with described automobile services platform two-way signature by safety chip;Step 3, after being proved to be successful, the session key that described automobile services platform is exported by described safety chip and described ECU control system coded communication.

Description

Vehicle electronics safe communication system and communication means
Technical field
The present invention relates to on-vehicle information safe transmission field, be specifically related to a kind of vehicle electronics safe communication system and communication Method, it is possible to realize and the confidentiality of automobile services platform data transmission, improve the peace of the electronic control unit ECU of control system Quan Xing.
Background technology
Along with the development of in-vehicle electronic system, its function provided also more sophisticated, providing convenient to car owner While there is also many leaks, hacker can by network remote invade onboard system, by control onboard system send refer to Order, little personal information and the vehicle condition of then reading, the most then sent by in-vehicle electronic system and instruct, control wiper, power System and brake system etc. so that automobile throttle and brake during travelling occur malfunctioning, and challenge automotive networking safety is also And the personal safety of car owner is difficult to be protected.It is thus desirable to ensure the safety of data during communication, it is to avoid outside is attacked Hit, thus illegally handle in-vehicle electronic system.
Existing technical scheme can be realized in-vehicle electronic system by vehicle-mounted access gateway and increase security module Controlling, but do not have clear and definite algorithm and safe procedures, some is only with simple password code, is easier to attacked by the external world Hit;Along with gradually increasing of ECU control system, automobile controller LAN CAN is used to realize each control unit Connection, build overall in-vehicle network.Therefore, hacker can be by attacking vehicle-mounted access network pass, car networking module and indigo plant The communication interface such as tooth, USB so that CAN network error of transmission order thus realize attack to ECU control system, cause The illegal operation of automobile control unit.
In order to solve with present on problem, people are seeking a kind of preferably technical solution always.
Summary of the invention
It is an object of the invention to for the deficiencies in the prior art, thus provide a kind of vehicle electronics safe communication system and Communication means, it is achieved that in-vehicle electronic system and the safety certification of automobile services platform, has ensured the safe transmission of data, it is to avoid Hacker remotely controls vehicle, improves the security performance of automobilism.
To achieve these goals, the technical solution adopted in the present invention is: a kind of vehicle electronics safe communication system, should System includes safety chip, in-vehicle electronic system and automobile services platform,
Described in-vehicle electronic system and described automobile services platform carry out bidirectional identity authentication;
Described in-vehicle electronic system includes ECU control system, and described ECU control system is by described safety chip and described automobile Service platform carries out two-way signature checking;
After two-way signature is proved to be successful, described automobile services platform and described ECU control system coded communication.
Based on above-mentioned, described in-vehicle electronic system also includes the vehicle-mounted access being built-in with automobile firmware signature and AES Gateway, described automobile services platform is connected with described in-vehicle electronic system by described vehicle-mounted access gateway.
Based on above-mentioned, described ECU control system includes that Infotainment ECU, transmission control ECU, security control ECU and car Body controls ECU.
A kind of communication means of vehicle electronics safe communication system, the method comprises the following steps:
Step 1, in-vehicle electronic system and automobile services platform carry out bidirectional identity authentication;
Step 2, after bidirectional identity authentication is proved to be successful, the ECU control system of described in-vehicle electronic system by safety chip with Described automobile services platform carries out two-way signature checking;
Step 3, after two-way signature is proved to be successful, the session key that described automobile services platform is exported by described safety chip with Described ECU control system coded communication.
Based on above-mentioned, concretely comprising the following steps of described step 1:
Step 1-1, the public and private key of preset in-vehicle electronic system and the public and private key of automobile services platform;
Step 1-2, described in-vehicle electronic system uses the private key encryption in described in-vehicle electronic system public and private key described vehicle-mounted Electronic system ID authentication request, by the described in-vehicle electronic system after described in-vehicle electronic system ID authentication request and encryption ID authentication request ciphertext is sent simultaneously to described automobile services platform;
Step 1-3, described automobile services platform uses the institute that the public key decryptions in described in-vehicle electronic system public and private key receives State in-vehicle electronic system ID authentication request ciphertext and by the information after deciphering and the described in-vehicle electronic system identity received Certification request contrasts, thus completes the authentication of described in-vehicle electronic system;
Step 1-4, described automobile services platform uses the private key in described automobile services platform public and private key to encrypt described automobile Service platform ID authentication request, by the described automobile services platform after described automobile services platform identity certification request and encryption ID authentication request ciphertext is sent simultaneously to described in-vehicle electronic system;
Step 1-5, described in-vehicle electronic system uses the institute that the public key decryptions in described automobile services platform public and private key receives State automobile services platform identity certification request ciphertext and by the information after deciphering and the described automobile services platform identity received Certification request contrasts, thus completes the authentication of described automobile services platform.
Based on above-mentioned, concretely comprising the following steps of described step 2:
Step 2-1, described ECU control system sends access request to described automobile services platform, and described automobile services platform rings Should access request and to described ECU control system send checking request;
Step 2-2, generates the signature of described ECU control system
After described ECU control system receives the checking request of described automobile services platform, the identity of described ECU control system is believed Breath is sent to described safety chip;According to this identity information, described safety chip generates summary info by summarization generation algorithm, And encrypt described summary info to obtain described ECU control system by the private key in described in-vehicle electronic system public and private key Signature;Described ECU control system identity information, described signature and described summarization generation algorithm are passed through institute by described safety chip Described automobile services platform is returned to after stating the public key encryption in automobile services platform public and private key;
Step 2-3, verifies the signature of described ECU control system
Described automobile services platform deciphers the described ECU after this encryption by the private key in described automobile services platform public and private key Control system identity information, described signature and described summarization generation algorithm, it is thus achieved that the identity information of described ECU control system, Signature and summarization generation algorithm;According to this ECU control system identity information, described automobile services platform passes through described summarization generation Algorithm generates summary info, by this summary info with described automobile services platform by described in-vehicle electronic system public and private key Public key decryptions described in the summary info that obtains after signature contrast, thus verify the signature of described ECU control system;
Step 2-4, verifies the signature of described automobile services platform
After being proved to be successful, described automobile services platform returns the signature of described automobile services platform to described ECU control system, institute It is transferred to described safety chip, described safety chip after stating the signature of the ECU control system described automobile services platform of reception Verify that described automobile services are put down by the public and private key of described automobile services platform and the public and private key of described in-vehicle electronic system The result is also returned to described ECU control system by the signature of platform.
Based on above-mentioned, the AES that in described step 1 or described step 2, ciphering process uses is asymmetric class algorithm RSA or SM2 elliptic curve.
Based on above-mentioned, in described step 2-2 and described step 2-3, the generating algorithm of summary info is MD5 algorithm, Hash calculation Method SHA-256, SM3 hash algorithm or randomizer.
Based on above-mentioned, in described step 3, the AES of encrypted data communications is symmetry classes algorithm SM4 algorithm.
Hinge structure of the present invention has substantive distinguishing features and progress, and specifically, the present invention passes through described vehicle mounted electric Subsystem and the bidirectional identity authentication process of automobile services platform and the ECU control system of described in-vehicle electronic system are with described The two-way signature proof procedure of automobile services platform, it is achieved that in-vehicle electronic system and the safety certification of automobile services platform;This Invention adds safety chip, the cryptographic calculation of described ECU control system and deciphering computing and all performs inside safety chip, protects The safe transmission of barrier data, it is to avoid hacker remotely controls vehicle, improves the security performance of automobilism.
Accompanying drawing explanation
Fig. 1 is that the secure communication of in-vehicle electronic system of the present invention realizes block diagram.
Fig. 2 is bidirectional identity authentication flow chart of the present invention.
Fig. 3 is that two-way signature of the present invention verifies flow chart.
In figure, 1. automobile services platform;2. in-vehicle electronic system;3. safety chip;4.ECU control system.
Detailed description of the invention
Below by detailed description of the invention, technical scheme is described in further detail.
As it is shown in figure 1, a kind of vehicle electronics safe communication system, this system includes safety chip 3, in-vehicle electronic system 2 With automobile services platform 1,
Described in-vehicle electronic system 2 carries out bidirectional identity authentication with described automobile services platform 1;
Described in-vehicle electronic system 2 includes that ECU control system 4, described ECU control system 4 pass through described safety chip 3 with described Automobile services platform 1 carries out two-way signature checking;
After two-way signature is proved to be successful, described automobile services platform 1 and the coded communication of described ECU control system 4.
Concrete, described ECU control system 4 includes that Infotainment ECU, transmission control ECU, security control ECU and car Body controls ECU.
Described in-vehicle electronic system 2 also includes the vehicle-mounted access gateway being built-in with automobile firmware signature and AES, institute State automobile services platform 1 to be connected with described in-vehicle electronic system 2 by described vehicle-mounted access gateway.
In a particular embodiment, described safety chip 3 is embedded in described vehicle electronics in the way of SD card, USB and SM card In system 2, not affecting in car in the case of electronics overall routing, described safety chip 3 is total by SPI, CAN and LIN The ECU unit that line is different in connecting car, thus read information needed or write control command, it is achieved to described in-vehicle electronic system The security control of 2.
A kind of communication means of vehicle electronics safe communication system, the method comprises the following steps:
Step 1, in-vehicle electronic system 2 and automobile services platform 1 carry out bidirectional identity authentication;
Step 2, after bidirectional identity authentication is proved to be successful, the ECU control system 4 of described in-vehicle electronic system 2 is by safety chip 3 Two-way signature checking is carried out with described automobile services platform 1;So can verify and communicate with described automobile services platform 1 The concrete identity of described ECU control system 4 is Infotainment ECU, transmission control ECU, security control ECU or Body Control ECU, and checking whether communicate with described ECU control system 4 be described automobile services platform 1, thus prevent assault Described ECU control system 4, causes the illegal operation of automotive control system;
Step 3, after two-way signature is proved to be successful, the described automobile services platform 1 session key by the output of described safety chip 3 With the coded communication of described ECU control system 4;Wherein, in described step 3, the AES of encrypted data communications is symmetry classes algorithm SM4 algorithm.
In communication process, predeterminable regular time threshold value or packet threshold value, when cumulative time or accumulative packet When quantity reaches predetermined threshold value, the bidirectional identification re-starting described in-vehicle electronic system 2 and described automobile services platform 1 is recognized Card, ECU control system 4 and the described automobile services platform 1 of described in-vehicle electronic system 2 carry out two-way signature checking and described Safety chip 3 exports new session key, so may insure that between described automobile services platform 1 and described ECU control system 4 logical The safety of letter.
Concrete, as in figure 2 it is shown, the step of described step 1 is:
Step 1-1, the public and private key of preset in-vehicle electronic system 2 and the public and private key of automobile services platform 1;Different communication loops Border, described in-vehicle electronic system 2, as described in automobile services platform 1, CAN, LIN bus and USB interface, correspond to difference Public and private key;
Step 1-2, described in-vehicle electronic system 2 uses the private key in described in-vehicle electronic system 2 public and private key to encrypt described car Carry electronic system 2 ID authentication request, by the described vehicle electronics after described in-vehicle electronic system 2 ID authentication request and encryption System 2 ID authentication request ciphertext is sent simultaneously to described automobile services platform 1;
Step 1-3, described automobile services platform 1 uses the public key decryptions in described in-vehicle electronic system 2 public and private key to receive Described in-vehicle electronic system 2 ID authentication request ciphertext by the information after deciphering and the described in-vehicle electronic system 2 that receives ID authentication request contrasts, thus completes the authentication of described in-vehicle electronic system 2;
Step 1-4, described automobile services platform 1 uses the private key in described automobile services platform 1 public and private key to encrypt described vapour Car service platform 1 ID authentication request, by the described automobile services after described automobile services platform 1 ID authentication request and encryption Platform 1 ID authentication request ciphertext is sent simultaneously to described in-vehicle electronic system 2;
Step 1-5, described in-vehicle electronic system 2 uses the public key decryptions in described automobile services platform 1 public and private key to receive Described automobile services platform 1 ID authentication request ciphertext by the information after deciphering and the described automobile services platform 1 that receives ID authentication request contrasts, thus completes the authentication of described automobile services platform 1.
Because the content that described in-vehicle electronic system 2 is encrypted with the private key in described in-vehicle electronic system 2 public and private key, by And can only be decrypted by the PKI in described in-vehicle electronic system 2 public and private key, in described in-vehicle electronic system 2 public and private key Private key only have described in-vehicle electronic system 2 to hold, if so the content that described automobile services platform 1 decrypts is can With the cleartext information of the described in-vehicle electronic system 2 received to going up, that descriptive information must be from described vehicle mounted electric subsystem System 2 sends, thus demonstrates the identity of described in-vehicle electronic system 2.In like manner can also verify described automobile services platform 1 Identity.
Concrete, as it is shown on figure 3, the step of described step 2 is:
Step 2-1, described ECU control system 4 sends access request, described automobile services platform 1 to described automobile services platform 1 Respond this access request and send checking request to described ECU control system 4;
Step 2-2, generates the signature of described ECU control system 4
After described ECU control system 4 receives the checking request of described automobile services platform 1, by the body of described ECU control system 4 Part information is sent to described safety chip 3;According to this identity information, described safety chip 3 is generated by summarization generation algorithm and plucks Want information, and encrypt described summary info to obtain described ECU control by the private key in described in-vehicle electronic system 2 public and private key The signature of system 4 processed;Described safety chip 3 is raw by described ECU control system 4 identity information, described signature and described summary Become algorithm by returning to described automobile services platform 1 after the public key encryption in described automobile services platform 1 public and private key;
Step 2-3, verifies the signature of described ECU control system 4
Described automobile services platform 1 by the private key in described automobile services platform 1 public and private key decipher after this encryption described ECU control system 4 identity information, described signature and described summarization generation algorithm, it is thus achieved that the identity of described ECU control system 4 Information, signature and summarization generation algorithm;According to this ECU control system 4 identity information, described automobile services platform 1 is by described Summarization generation algorithm generates summary info, by this summary info with described automobile services platform 1 by described in-vehicle electronic system 2 The summary info obtained after signature described in public key decryptions in public and private key contrasts;
If described ECU control system 4 identity information is modified in network transmission process, according to this identity information, described Automobile services platform 1 will calculate different summary infos by the described summarization generation algorithm obtained after deciphering, so described Automobile services platform 1 it may determine that described ECU control system 4 identity information Zi signature to reception whether be modified, Whether described ECU control system 4 identity information is complete;So during communication, hacker just cannot intercept and distort institute State ECU control system 4 identity information, send falseness order;
Step 2-4, verifies the signature of described automobile services platform 1
After being proved to be successful, described automobile services platform 1 returns the signature of described automobile services platform 1 to described ECU control system 4, described ECU control system 4 is transferred to described safety chip 3, described peace after receiving the signature of described automobile services platform 1 Full chip 3 verifies described vapour by the public and private key of described automobile services platform 1 and the public and private key of described in-vehicle electronic system 2 The result is also returned to described ECU control system 4 by the signature of car service platform 1.
After above-mentioned bidirectional identification is verified, described automobile services platform 1 and described ECU control system 4 mutual authentication The identity of the other side, it is to avoid hacker pretends to be described automobile services platform 1 to send pseudo-command to described ECU control system 4, it is ensured that The safe transmission of data.
Concrete, the AES used in ciphering process in described step 1 or described step 2 is asymmetric class algorithm RSA or SM2 elliptic curve.
Concrete, in described step 2-2 and described step 2-3, the generating algorithm of summary info is MD5 algorithm, hash algorithm SHA-256, SM3 hash algorithm or randomizer.
Finally should be noted that: above example is only in order to illustrate that technical scheme is not intended to limit;To the greatest extent The present invention has been described in detail by pipe with reference to preferred embodiment, and those of ordinary skill in the field are it is understood that still The detailed description of the invention of the present invention can be modified or portion of techniques feature is carried out equivalent;Without deviating from this The spirit of bright technical scheme, it all should be contained in the middle of the technical scheme scope that the present invention is claimed.

Claims (9)

1. a vehicle electronics safe communication system, it is characterised in that: this system includes safety chip, in-vehicle electronic system and vapour Car service platform,
Described in-vehicle electronic system and described automobile services platform carry out bidirectional identity authentication;
Described in-vehicle electronic system includes ECU control system, and described ECU control system is by described safety chip and described automobile Service platform carries out two-way signature checking;
After two-way signature is proved to be successful, described automobile services platform and described ECU control system coded communication.
Vehicle electronics safe communication system the most according to claim 1, it is characterised in that: described in-vehicle electronic system also wraps Including the vehicle-mounted access gateway being built-in with automobile firmware signature and AES, described automobile services platform is by described vehicle-mounted access Gateway is connected with described in-vehicle electronic system.
Vehicle electronics safe communication system the most according to claim 1 and 2, it is characterised in that: described ECU control system bag Include Infotainment ECU, transmission controls ECU, security control ECU and Body Control ECU.
4. a communication means based on the vehicle electronics safe communication system described in claim 1, it is characterised in that the method Comprise the following steps:
Step 1, in-vehicle electronic system and automobile services platform carry out bidirectional identity authentication;
Step 2, after bidirectional identity authentication is proved to be successful, the ECU control system of described in-vehicle electronic system by safety chip with Described automobile services platform carries out two-way signature checking;
Step 3, after two-way signature is proved to be successful, the session key that described automobile services platform is exported by described safety chip with Described ECU control system coded communication.
The communication means of vehicle electronics safe communication system the most according to claim 4, it is characterised in that described step 1 Concretely comprise the following steps:
Step 1-1, the public and private key of preset in-vehicle electronic system and the public and private key of automobile services platform;
Step 1-2, described in-vehicle electronic system uses the private key encryption in described in-vehicle electronic system public and private key described vehicle-mounted Electronic system ID authentication request, by the described in-vehicle electronic system after described in-vehicle electronic system ID authentication request and encryption ID authentication request ciphertext is sent simultaneously to described automobile services platform;
Step 1-3, described automobile services platform uses the institute that the public key decryptions in described in-vehicle electronic system public and private key receives State in-vehicle electronic system ID authentication request ciphertext and by the information after deciphering and the described in-vehicle electronic system identity received Certification request contrasts, thus completes the authentication of described in-vehicle electronic system;
Step 1-4, described automobile services platform uses the private key in described automobile services platform public and private key to encrypt described automobile Service platform ID authentication request, by the described automobile services platform after described automobile services platform identity certification request and encryption ID authentication request ciphertext is sent simultaneously to described in-vehicle electronic system;
Step 1-5, described in-vehicle electronic system uses the institute that the public key decryptions in described automobile services platform public and private key receives State automobile services platform identity certification request ciphertext and by the information after deciphering and the described automobile services platform identity received Certification request contrasts, thus completes the authentication of described automobile services platform.
The communication means of vehicle electronics safe communication system the most according to claim 4, it is characterised in that described step 2 Concretely comprise the following steps:
Step 2-1, described ECU control system sends access request to described automobile services platform, and described automobile services platform rings Should access request and to described ECU control system send checking request;
Step 2-2, generates the signature of described ECU control system
After described ECU control system receives the checking request of described automobile services platform, the identity of described ECU control system is believed Breath is sent to described safety chip;According to this identity information, described safety chip generates summary info by summarization generation algorithm, And encrypt described summary info to obtain described ECU control system by the private key in described in-vehicle electronic system public and private key Signature;Described ECU control system identity information, described signature and described summarization generation algorithm are passed through institute by described safety chip Described automobile services platform is returned to after stating the public key encryption in automobile services platform public and private key;
Step 2-3, verifies the signature of described ECU control system
Described automobile services platform deciphers the described ECU after this encryption by the private key in described automobile services platform public and private key Control system identity information, described signature and described summarization generation algorithm, it is thus achieved that the identity information of described ECU control system, Signature and summarization generation algorithm;According to this ECU control system identity information, described automobile services platform passes through described summarization generation Algorithm generates summary info, by this summary info with described automobile services platform by described in-vehicle electronic system public and private key Public key decryptions described in the summary info that obtains after signature contrast, thus verify the signature of described ECU control system;
Step 2-4, verifies the signature of described automobile services platform
After being proved to be successful, described automobile services platform returns the signature of described automobile services platform to described ECU control system, institute It is transferred to described safety chip, described safety chip after stating the signature of the ECU control system described automobile services platform of reception Verify that described automobile services are put down by the public and private key of described automobile services platform and the public and private key of described in-vehicle electronic system The result is also returned to described ECU control system by the signature of platform.
7. according to the communication means of the vehicle electronics safe communication system described in claim 5 or 6, it is characterised in that: described step The AES that in rapid 1 or described step 2, ciphering process uses is asymmetric class algorithm RSA or SM2 elliptic curve.
The communication means of vehicle electronics safe communication system the most according to claim 6, it is characterised in that: described step 2- 2 and described step 2-3 in the generating algorithm of summary info be MD5 algorithm, hash algorithm SHA-256, SM3 hash algorithm or random Number generator.
The communication means of vehicle electronics safe communication system the most according to claim 4, it is characterised in that: described step 3 The AES of middle encrypted data communications is symmetry classes algorithm SM4 algorithm.
CN201610463591.5A 2016-06-24 2016-06-24 Vehicle electronics safe communication system and communication means Active CN106101111B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610463591.5A CN106101111B (en) 2016-06-24 2016-06-24 Vehicle electronics safe communication system and communication means

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610463591.5A CN106101111B (en) 2016-06-24 2016-06-24 Vehicle electronics safe communication system and communication means

Publications (2)

Publication Number Publication Date
CN106101111A true CN106101111A (en) 2016-11-09
CN106101111B CN106101111B (en) 2019-10-25

Family

ID=57252295

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610463591.5A Active CN106101111B (en) 2016-06-24 2016-06-24 Vehicle electronics safe communication system and communication means

Country Status (1)

Country Link
CN (1) CN106101111B (en)

Cited By (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106648626A (en) * 2016-11-29 2017-05-10 郑州信大捷安信息技术股份有限公司 Secure remote upgrade system and upgrade method for vehicles
CN106685967A (en) * 2016-12-29 2017-05-17 同济大学 Vehicle network communication encryption and intrusion monitoring device
CN106685985A (en) * 2017-01-17 2017-05-17 同济大学 Vehicle remote diagnosis system and method based on information safety technology
CN106713264A (en) * 2016-11-18 2017-05-24 郑州信大捷安信息技术股份有限公司 Method for vehicle safety remote control and diagnosis and system thereof
CN107105060A (en) * 2017-05-27 2017-08-29 天津恒天新能源汽车研究院有限公司 A kind of method for realizing electric automobile information security
CN107393054A (en) * 2017-07-25 2017-11-24 成都国科微电子有限公司 Drive recorder and its method for data protection and identification
CN107395361A (en) * 2017-07-25 2017-11-24 成都国科微电子有限公司 The conversion of information source data and authentication method and system
CN107919955A (en) * 2017-12-28 2018-04-17 北京奇虎科技有限公司 A kind of vehicle network safety certifying method, system, vehicle, device and medium
CN107948307A (en) * 2017-12-12 2018-04-20 华东交通大学 A kind of intelligent vehicle-mounted device and its safety communicating method based on car networking
CN108162981A (en) * 2017-12-29 2018-06-15 山东渔翁信息技术股份有限公司 A kind of unmanned apparatus control method, apparatus and system
CN109388940A (en) * 2018-09-20 2019-02-26 斑马网络技术有限公司 Vehicle system access method, device, server and engineering USB flash disk
CN109639418A (en) * 2018-12-28 2019-04-16 北京新能源汽车股份有限公司 Configuration information authentication method and device and rental car
CN110071835A (en) * 2019-04-25 2019-07-30 成都信息工程大学 A kind of intelligent network connection vehicle safe early warning distribution method and system
CN110896395A (en) * 2018-09-13 2020-03-20 北京奇虎科技有限公司 Method and device for providing encryption service
CN111212072A (en) * 2019-12-31 2020-05-29 北京明朝万达科技股份有限公司 Vehicle-based safety control method and system, storage medium and processor
CN111294771A (en) * 2018-12-10 2020-06-16 大陆汽车电子(连云港)有限公司 In-vehicle device, system for implementing in-vehicle communication and related method
CN111416718A (en) * 2020-03-13 2020-07-14 浙江华消科技有限公司 Method and device for receiving communication key, method and device for sending communication key
CN112350821A (en) * 2019-08-06 2021-02-09 北京车和家信息技术有限公司 Method, device and system for acquiring secret key
CN112422392A (en) * 2021-01-25 2021-02-26 武汉格罗夫氢能汽车有限公司 Whole-vehicle network system of hydrogen energy automobile
CN113411294A (en) * 2021-04-30 2021-09-17 中汽研(天津)汽车工程研究院有限公司 Vehicle-mounted secure communication method, system and device based on secure cloud public key protection
CN113589722A (en) * 2021-07-21 2021-11-02 上汽通用五菱汽车股份有限公司 Vehicle control encryption method, system, device and computer readable storage medium

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1723142A (en) * 2003-11-04 2006-01-18 株式会社东海理化电机制作所 Vehicle security apparatus and id code management device
CN101350725A (en) * 2007-02-13 2009-01-21 Secunet安全网络股份公司 Safety unit
CN101631020A (en) * 2008-07-16 2010-01-20 上海方立数码科技有限公司 Identity authentication system combining fingerprint identification and PKI system
CN102393888A (en) * 2011-07-21 2012-03-28 广州汽车集团股份有限公司 ECU (Electric Control Unit) security access processing method
CN103368905A (en) * 2012-03-29 2013-10-23 同方股份有限公司 Trustable cipher module chip-based network access authentication method
CN103746969A (en) * 2013-12-24 2014-04-23 深圳市领华卫通数码科技有限公司 Vehicle terminal authentication method and authentication server
CN103747051A (en) * 2013-12-24 2014-04-23 深圳市领华卫通数码科技有限公司 Service platform of vehicle-mounted terminal
US20140114497A1 (en) * 2011-07-06 2014-04-24 Hitachi Automotive Systems, Ltd. In-Vehicle Network System
CN104134047A (en) * 2014-07-01 2014-11-05 潍柴动力股份有限公司 Safe access method for realizing ECU (Electronic Control Unit), ECU and upper computer

Patent Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1723142A (en) * 2003-11-04 2006-01-18 株式会社东海理化电机制作所 Vehicle security apparatus and id code management device
CN101350725A (en) * 2007-02-13 2009-01-21 Secunet安全网络股份公司 Safety unit
CN101631020A (en) * 2008-07-16 2010-01-20 上海方立数码科技有限公司 Identity authentication system combining fingerprint identification and PKI system
US20140114497A1 (en) * 2011-07-06 2014-04-24 Hitachi Automotive Systems, Ltd. In-Vehicle Network System
CN102393888A (en) * 2011-07-21 2012-03-28 广州汽车集团股份有限公司 ECU (Electric Control Unit) security access processing method
CN103368905A (en) * 2012-03-29 2013-10-23 同方股份有限公司 Trustable cipher module chip-based network access authentication method
CN103746969A (en) * 2013-12-24 2014-04-23 深圳市领华卫通数码科技有限公司 Vehicle terminal authentication method and authentication server
CN103747051A (en) * 2013-12-24 2014-04-23 深圳市领华卫通数码科技有限公司 Service platform of vehicle-mounted terminal
CN104134047A (en) * 2014-07-01 2014-11-05 潍柴动力股份有限公司 Safe access method for realizing ECU (Electronic Control Unit), ECU and upper computer

Cited By (26)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106713264B (en) * 2016-11-18 2019-06-21 郑州信大捷安信息技术股份有限公司 A kind of method and system remotely controlled for vehicle safety with diagnosis
CN106713264A (en) * 2016-11-18 2017-05-24 郑州信大捷安信息技术股份有限公司 Method for vehicle safety remote control and diagnosis and system thereof
CN106648626A (en) * 2016-11-29 2017-05-10 郑州信大捷安信息技术股份有限公司 Secure remote upgrade system and upgrade method for vehicles
CN106685967A (en) * 2016-12-29 2017-05-17 同济大学 Vehicle network communication encryption and intrusion monitoring device
CN106685985A (en) * 2017-01-17 2017-05-17 同济大学 Vehicle remote diagnosis system and method based on information safety technology
CN106685985B (en) * 2017-01-17 2019-11-29 同济大学 A kind of vehicle remote diagnosis system and method based on information security technology
CN107105060A (en) * 2017-05-27 2017-08-29 天津恒天新能源汽车研究院有限公司 A kind of method for realizing electric automobile information security
CN107105060B (en) * 2017-05-27 2020-12-08 天津恒天新能源汽车研究院有限公司 Method for realizing information security of electric automobile
CN107395361A (en) * 2017-07-25 2017-11-24 成都国科微电子有限公司 The conversion of information source data and authentication method and system
CN107393054A (en) * 2017-07-25 2017-11-24 成都国科微电子有限公司 Drive recorder and its method for data protection and identification
CN107948307A (en) * 2017-12-12 2018-04-20 华东交通大学 A kind of intelligent vehicle-mounted device and its safety communicating method based on car networking
CN107919955A (en) * 2017-12-28 2018-04-17 北京奇虎科技有限公司 A kind of vehicle network safety certifying method, system, vehicle, device and medium
CN108162981A (en) * 2017-12-29 2018-06-15 山东渔翁信息技术股份有限公司 A kind of unmanned apparatus control method, apparatus and system
CN110896395A (en) * 2018-09-13 2020-03-20 北京奇虎科技有限公司 Method and device for providing encryption service
CN109388940A (en) * 2018-09-20 2019-02-26 斑马网络技术有限公司 Vehicle system access method, device, server and engineering USB flash disk
CN111294771A (en) * 2018-12-10 2020-06-16 大陆汽车电子(连云港)有限公司 In-vehicle device, system for implementing in-vehicle communication and related method
CN109639418A (en) * 2018-12-28 2019-04-16 北京新能源汽车股份有限公司 Configuration information authentication method and device and rental car
CN110071835A (en) * 2019-04-25 2019-07-30 成都信息工程大学 A kind of intelligent network connection vehicle safe early warning distribution method and system
CN110071835B (en) * 2019-04-25 2022-03-18 成都信息工程大学 Intelligent internet vehicle safety early warning distribution method and system
CN112350821A (en) * 2019-08-06 2021-02-09 北京车和家信息技术有限公司 Method, device and system for acquiring secret key
CN111212072A (en) * 2019-12-31 2020-05-29 北京明朝万达科技股份有限公司 Vehicle-based safety control method and system, storage medium and processor
CN111416718A (en) * 2020-03-13 2020-07-14 浙江华消科技有限公司 Method and device for receiving communication key, method and device for sending communication key
CN112422392A (en) * 2021-01-25 2021-02-26 武汉格罗夫氢能汽车有限公司 Whole-vehicle network system of hydrogen energy automobile
CN113411294A (en) * 2021-04-30 2021-09-17 中汽研(天津)汽车工程研究院有限公司 Vehicle-mounted secure communication method, system and device based on secure cloud public key protection
CN113589722A (en) * 2021-07-21 2021-11-02 上汽通用五菱汽车股份有限公司 Vehicle control encryption method, system, device and computer readable storage medium
CN113589722B (en) * 2021-07-21 2022-10-28 上汽通用五菱汽车股份有限公司 Vehicle control encryption method, system, device and computer readable storage medium

Also Published As

Publication number Publication date
CN106101111B (en) 2019-10-25

Similar Documents

Publication Publication Date Title
CN106101111B (en) Vehicle electronics safe communication system and communication means
US11909863B2 (en) Certificate-based pairing of key fob device and control unit
CN107105060B (en) Method for realizing information security of electric automobile
CN107919955B (en) Vehicle network security authentication method, system, vehicle, device and medium
CN111194028B (en) Safety control method based on vehicle
CN105635147A (en) Vehicle-mounted-special-equipment-system-based secure data transmission method and system
CN207504909U (en) It is a kind of to be used for vehicle safety remote control and the system of diagnosis
TW201927601A (en) Method for generating and using virtual key of vehicle, system for same, and user terminal
US20180205729A1 (en) Method and apparatus for encryption, decryption and authentication
CN106572106B (en) Method for transmitting message between TBOX terminal and TSP platform
Wang et al. NOTSA: Novel OBU with three-level security architecture for internet of vehicles
US9479329B2 (en) Motor vehicle control unit having a cryptographic device
US10477402B2 (en) One-way key fob and vehicle pairing
CN112396735B (en) Internet automobile digital key safety authentication method and device
CN106713264A (en) Method for vehicle safety remote control and diagnosis and system thereof
CN107682334A (en) A kind of OBD interface data security protection system and data security protection method
CN107733636B (en) Authentication method and authentication system
CN106341392B (en) II interface security communication protection device of electric car OBD, system and method
CN106506149B (en) Key generation method and system between a kind of TBOX terminal and TSP platform
CN109495449A (en) A kind of vehicle CAN bus encryption method
CN111083696A (en) Communication verification method and system, mobile terminal and vehicle terminal
CN109859362A (en) A kind of electric motor intelligent key controller method
CN113839782B (en) Light-weight safe communication method for CAN (controller area network) bus in vehicle based on PUF (physical unclonable function)
CN117439740A (en) In-vehicle network identity authentication and key negotiation method, system and terminal
CN118200885A (en) Bluetooth-based information interaction method and device

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information
CB02 Change of applicant information

Address after: Yang Jin Lu jinshuiqu 450000 Henan city of Zhengzhou province No. 139 building F4

Applicant after: ZHENGZHOU XINDA JIEAN INFORMATION TECHNOLOGY Co.,Ltd.

Address before: 450046 Henan city of Zhengzhou Province, West Zheng Dong new things are integrated services northbound Zhengzhou national trunk highway logistics building 14 floors of A towers

Applicant before: ZHENGZHOU XINDA JIEAN INFORMATION TECHNOLOGY Co.,Ltd.

GR01 Patent grant
GR01 Patent grant
PE01 Entry into force of the registration of the contract for pledge of patent right
PE01 Entry into force of the registration of the contract for pledge of patent right

Denomination of invention: Vehicle electronic safety communication system and communication methods

Granted publication date: 20191025

Pledgee: Bank of Zhengzhou Co.,Ltd. Zhongyuan Science and Technology City Sub branch

Pledgor: ZHENGZHOU XINDA JIEAN INFORMATION TECHNOLOGY Co.,Ltd.

Registration number: Y2024980007004