CN106850311B - Data security transmission system and method for firmware upgrade - Google Patents

Data security transmission system and method for firmware upgrade Download PDF

Info

Publication number
CN106850311B
CN106850311B CN201710123213.7A CN201710123213A CN106850311B CN 106850311 B CN106850311 B CN 106850311B CN 201710123213 A CN201710123213 A CN 201710123213A CN 106850311 B CN106850311 B CN 106850311B
Authority
CN
China
Prior art keywords
firmware
unit
information
public key
upgrade
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201710123213.7A
Other languages
Chinese (zh)
Other versions
CN106850311A (en
Inventor
陈崇峰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
NIO Co Ltd
Original Assignee
NIO Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by NIO Co Ltd filed Critical NIO Co Ltd
Priority to CN201710123213.7A priority Critical patent/CN106850311B/en
Publication of CN106850311A publication Critical patent/CN106850311A/en
Application granted granted Critical
Publication of CN106850311B publication Critical patent/CN106850311B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0803Configuration setting
    • H04L41/0813Configuration setting characterised by the conditions triggering a change of settings
    • H04L41/082Configuration setting characterised by the conditions triggering a change of settings the condition being updates or upgrades of network functionality
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/18Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels

Abstract

The invention provides a data security transmission system and method for firmware upgrade, the system includes: the system comprises an authentication center, a firmware distribution unit and a firmware receiving unit; the authentication center is configured to generate public key authentication information of the corresponding unit based on the identity identification code and the public key of each unit and send the public key authentication information to the corresponding unit; the firmware distribution unit is configured to take the selected firmware upgrading information as a transmission data file, generate an encrypted data file based on the public key authentication information of the firmware receiving unit, and send the encrypted data file to the corresponding firmware receiving unit; and the firmware receiving unit is configured to receive and decrypt the encrypted data file sent by the firmware distributing unit to acquire firmware upgrading information. Therefore, the safe transmission of data in the firmware upgrading process is fully ensured.

Description

data security transmission system and method for firmware upgrade
Technical Field
The present invention relates to the field of firmware upgrade technology, and more particularly, to a data secure transmission system and method for firmware upgrade.
Background
Nowadays, many ECUs (Electronic Control units) are generally included in automobiles. When The ECUs are in failure or The functions of The ECUs need to be perfect, The ECUs need to be upgraded, and The Firmware can be upgraded remotely by FOTA (Firmware Over The Air), that is, The vehicle does not need to go to a 4S store for upgrading, and The Firmware can be upgraded remotely conveniently by FOTA. However, although the firmware upgrade of the ECU can be conveniently completed, the insecurity of the firmware upgrade is also easily caused due to the openness of wireless transmission used by the firmware upgrade. There is therefore a need to improve the security of data transmission in over-the-air firmware upgrades.
Disclosure of Invention
The method aims to solve the problems in the prior art, namely, the safety of data transmission in the air firmware upgrading is improved. The invention provides a data security transmission system for firmware upgrade, which comprises: the system comprises an authentication center, a firmware distribution unit and a firmware receiving unit.
the authentication center is configured to generate public key authentication information of the corresponding unit based on the identity identification code and the public key of each unit and send the public key authentication information to the corresponding unit; the firmware distributing unit is configured to take the selected firmware upgrading information as a transmission data file, generate an encrypted data file based on the public key authentication information of the firmware receiving unit and send the encrypted data file to the corresponding firmware receiving unit; and the firmware receiving unit is configured to receive and decrypt the encrypted data file sent by the firmware distributing unit to acquire firmware upgrading information.
Preferably, the system further includes a firmware supplying unit configured to take the new firmware upgrade information as a transfer data file, generate an encrypted data file based on the public key authentication information of the firmware distributing unit, and transmit the encrypted data file to the firmware distributing unit; and the firmware distribution unit is also configured to receive and decrypt the encrypted data file sent by the firmware supply unit to acquire firmware upgrading information.
Preferably, the system further comprises a firmware storage unit configured to store the firmware upgrade information sent by the firmware distribution unit and send the firmware upgrade information called by the firmware distribution unit; the configuration method of the firmware upgrading information encryption and decryption of the firmware storage unit is consistent with that of the firmware distribution unit.
preferably, the firmware receiving unit includes a production shop receiving unit, a 4S shop receiving unit, and an in-vehicle receiving unit; a shop floor receiving unit configured to perform firmware upgrade on a vehicle at a shop floor; a 4S shop receiving unit configured to perform firmware upgrade on the incoming shop vehicle; and the vehicle-mounted receiving unit is configured to upgrade the firmware of the vehicle loaded by the vehicle-mounted receiving unit.
preferably, the firmware distribution unit is further configured to obtain the public key of the corresponding unit based on the public key authentication information of each other unit, generate a session key and an information authentication code between the firmware distribution unit and each other unit, encrypt the session key and the information authentication code by the public key of the receiving unit, and send the encrypted session key and the information authentication code to the corresponding unit; the encrypted transmission of the firmware upgrading information among the units in the system comprises the following steps:
The method comprises the steps that a sender encrypts and sends firmware upgrading information based on a session key between the sender and a receiver, obtains authentication code information of the firmware upgrading information based on an information authentication code between the sender and the sender, and encrypts and sends the authentication code information through a public key of the receiver; the receiver decrypts the encrypted data file based on the private key of the receiver to obtain corresponding authentication code information, authenticates the authentication code information, and decrypts the encrypted data file based on the session key between the receiver and the sender after the authentication is passed to obtain firmware upgrading information.
Accordingly, in order to solve the above problems in the prior art, the present invention further provides a data security transmission method for firmware upgrade, which is based on the above data security transmission system for firmware upgrade, and the method includes:
Generating public key authentication information of the corresponding unit based on the identity identification codes and the public keys of other units through the authentication center, and sending the public key authentication information to the corresponding unit; the selected firmware upgrading information is used as a transmission data file through a firmware distribution unit, an encrypted data file is generated based on public key authentication information of a firmware receiving unit, and the encrypted data file is sent to a corresponding firmware receiving unit; and receiving and decrypting the encrypted data file sent by the firmware distributing unit through the firmware receiving unit to acquire firmware upgrading information.
Preferably, the method further comprises: the new firmware upgrading information is used as a transmission data file through the firmware supply unit, an encrypted data file is generated based on the public key verification information of the firmware distribution unit, and the encrypted data file is sent to the firmware distribution unit; and receiving and decrypting the encrypted data file sent by the firmware supply unit through the firmware distribution unit to acquire firmware upgrading information.
preferably, the method further comprises: storing the firmware upgrading information sent by the firmware distributing unit through the firmware storage unit, and sending the firmware upgrading information called by the firmware distributing unit; the configuration method of the firmware upgrading information encryption and decryption of the firmware storage unit is consistent with that of the firmware distribution unit.
Preferably, the method further comprises: the public keys of other units are acquired through the firmware distribution unit based on the public key authentication information of other units, session keys and information authentication codes between the firmware distribution unit and other units are generated, and the session keys and the information authentication codes are encrypted through the public keys of the receiving unit and then sent to the corresponding units; the encrypted transmission of the firmware upgrade information among the units comprises:
The method comprises the steps that a sender encrypts and sends firmware upgrading information based on a session key between the sender and a receiver, obtains authentication code information of the firmware upgrading information based on an information authentication code between the sender and the sender, and encrypts and sends the authentication code information through a public key of the receiver; the receiver decrypts the encrypted data file based on the private key of the receiver to obtain corresponding authentication code information, authenticates the authentication code information, and decrypts the encrypted data file based on the session key between the receiver and the sender after the authentication is passed to obtain firmware upgrading information.
Preferably, the firmware provisioning unit transmits the firmware upgrade information to the firmware distribution unit in the following manner:
X1=E[PRVFM,C(KMVFM,F)||IDV||IDECU||IDU||TS1]
E[KSVFM,F||E(PUFDM,X1)]
Wherein E represents encryption, PRVFMProvisioning of Unit private Key, KM, for firmwareVFMauthenticating a code for information between the firmware provision unit and the firmware distribution unit, F denotes firmware upgrade information, C (KM)VFMAnd F) information authentication code processing, ID, is performed on the firmwareVIs firmware vendor ID, IDECUFor upgrading the ID, of the affected componentUIs ID, T, of the component to be upgradedS1Is a time stamp, KSVFMFor session keys between a firmware provisioning unit and a firmware distribution unit, PUFDMThe unit public key is distributed for the firmware.
preferably, the firmware distribution unit transmits the firmware upgrade information to the firmware storage unit in the following manner:
X2=E[PRFDM,C(KMFS,F)||Info||IDU||TS2];
E[KSFS,F||E(PUFS,X2)]
wherein, PRFDMDistributing Unit private Key, KM, for firmwareFSfor the information authentication code between the firmware distribution unit and the firmware storage unit, the Info represents additional information including the upgrade version, the ID of the component to be upgradedsupplier ID, supplier name and upgrade type, TS2Is a time stamp, KSFSFor session keys between a firmware distribution unit and a firmware storage unit, PUFSThe firmware unit public key is stored.
Preferably, the firmware distributing unit transmits the firmware upgrade information to the firmware receiving unit in the following manner:
X3=E[PRFDM,C(KMM,F)||IDECU||IDU||TS3]
E[KSVFM,F||E(PUM,X3)]
Wherein KMMFor authenticating codes for information between firmware distribution unit and firmware reception unit, TS3Is a time stamp, PUMThe unit public key is received for the firmware.
Preferably, the firmware storing unit transmits the firmware upgrade information to the firmware distributing unit in the following manner:
X4=E[PRFS,C(KMFS,F)||IDECU||IDU||TS4]
E[KSFS,F||E(PUFDM,X4)]
Wherein, PRFSStoring the Unit private Key, KM, for firmwareFSFor authenticating codes for information between firmware distribution unit and firmware storage unit, TS6Is a time stamp, KSFSfor session keys between a firmware distribution unit and a firmware storage unit, PUFDMThe unit public key is distributed for the firmware.
Preferably, the method further comprises: and when the firmware distribution unit finds that the firmware has bugs or needs to be repaired, the firmware repair upgrade package is sent to the firmware supply unit.
Preferably, the firmware distribution unit sends the repair upgrade package of the firmware to the firmware provisioning unit by means of equation (1) or equation (2):
X5=E[PUVFM,B||E(PRFDM,H(B)||IDV||IDECU||TS5] (1)
X6=E[PUVFM,I||E(PRFDM,H(I)||IDV||IDECU||TS6] (2)
wherein, PUVFMProvisioning of the Unit public Key, PR, for firmwareFDMDistributing Unit private Key, ID for firmwareVIs supplier ID, IDECUID, T, of a component which is defective or requires repairS5And TS6For the time stamp, B represents details of the vulnerability, I represents details of the repair, H (B) represents the hash value of B, and H (I) represents the hash value of I.
Preferably, the method further comprises: and the firmware receiving unit sends successful upgrading information and a VIN code list of the vehicle which finishes upgrading to the firmware distribution unit after the firmware is upgraded.
Preferably, the firmware receiving unit transmits the upgrade success information to the firmware distributing unit in the following manner:
X7=E[PRM||IDECU||IDU||VIN||TS7]
E(PUFDM,X7)
Wherein E represents encryption, PRMFor firmware to receive unit private key, IDECUFor upgrading the ID, of the affected componentUIs the ID of the upgraded component, VIN is the VIN code, T, of the vehicle that completed the firmware upgradeS7Being time stamps, PUFDMthe unit public key is distributed for the firmware.
Preferably, the firmware receiving unit transmits the VIN list of the vehicle that completed the firmware upgrade to the firmware distributing unit in the following manner:
X8=E[PRM,C(KMM,L)||UID||TS8]
E[KSM,L||E(PUFDM,X8)]
where E denotes encryption, L is the VIN list of the vehicle that completed the firmware upgrade, PRMReceiving a Unit private Key, KM, for firmwareMFor the authentication code of information between the firmware receiving unit and the firmware distributing unit, C (KM)Ml) denotes information authentication code processing for L, UIDTo upgrade an element ID, KSMIs a firmware distributing unit and a firmware receiving unitsession key between elements, TS8Is a time stamp, PUFDMThe unit public key is distributed for the firmware.
Preferably, the public key authentication information of each unit is as follows:
E[PRCA,(PUX||IDX||T1||T2)];
Wherein PRCAas authentication center private key, PUXIs a public key, ID, of a corresponding unitXIs an identification code of the corresponding unit, T1is a time stamp, T2Is the validity period of the public key authentication information.
The invention provides a data security transmission system and a data security transmission method for firmware upgrading.A public key authentication information of a corresponding unit is generated by an authentication center based on an identification code and a public key of other units and is sent to the corresponding unit; the selected firmware upgrading information is used as a transmission data file through a firmware distribution unit, an encrypted data file is generated based on public key authentication information of a firmware receiving unit, and the encrypted data file is sent to a corresponding firmware receiving unit; and receiving and decrypting the encrypted data file sent by the firmware distributing unit through the firmware receiving unit to acquire firmware upgrading information. Therefore, the safe transmission of data in the firmware upgrading process is fully ensured.
Scheme 1, a data security transmission system for firmware upgrade, characterized by that, the said system includes authentication center, firmware distributing unit, firmware receiving element;
The authentication center is configured to generate public key authentication information of the corresponding unit based on the identity identification code and the public key of each unit and send the public key authentication information to the corresponding unit;
the firmware distribution unit is configured to take the selected firmware upgrading information as a transmission data file, generate an encrypted data file based on public key authentication information of the firmware receiving unit, and send the encrypted data file to the corresponding firmware receiving unit;
And the firmware receiving unit is configured to receive and decrypt the encrypted data file sent by the firmware distributing unit to acquire firmware upgrading information.
Scheme 2, the transmission system according to scheme 1, characterized in that the system further comprises a firmware supply unit configured to take the new firmware upgrade information as the transmission data file, generate an encrypted data file based on the public key authentication information of the firmware distribution unit, and send to the firmware distribution unit;
the firmware distribution unit is also configured to receive and decrypt the encrypted data file sent by the firmware supply unit to acquire firmware upgrading information.
Scheme 3, the transmission system according to scheme 2, characterized in that the system further comprises a firmware storage unit configured to store the firmware upgrade information sent by the firmware distribution unit and send the firmware upgrade information called by the firmware distribution unit; the configuration method of the firmware upgrading information encryption and decryption of the firmware storage unit is consistent with that of the firmware distribution unit.
the transmission system according to claim 4 or 3, wherein the firmware receiving unit includes a production shop receiving unit, a 4S shop receiving unit, and a vehicle-mounted receiving unit;
The production workshop receiving unit is configured to upgrade the firmware of the vehicle in the production workshop;
the 4S shop receiving unit is configured to perform firmware upgrade on the coming shop vehicle;
The vehicle-mounted receiving unit is configured to upgrade firmware of a vehicle loaded by the vehicle-mounted receiving unit.
Scheme 5, the transmission system according to any one of schemes 1 to 4, wherein the firmware distribution unit is further configured to obtain a public key of the corresponding unit based on public key authentication information of other units, generate a session key and an information authentication code between the firmware distribution unit and other units, encrypt the session key and the information authentication code with the public key of the receiving unit, and send the encrypted session key and the information authentication code to the corresponding unit;
The encrypted transmission of the firmware upgrade information among the units in the system comprises:
The method comprises the steps that a sender encrypts and sends firmware upgrading information based on a session key between the sender and a receiver, obtains authentication code information of the firmware upgrading information based on an information authentication code between the sender and the sender, and encrypts and sends the authentication code information through a public key of the receiver;
the receiver decrypts the encrypted data file based on the private key of the receiver to obtain corresponding authentication code information, authenticates the authentication code information, and decrypts the encrypted data file based on the session key between the receiver and the sender after the authentication is passed to obtain firmware upgrading information.
Scheme 6, a data secure transmission method for firmware upgrade, based on any one of schemes 1 to 5, the data secure transmission system for firmware upgrade, the method comprising:
generating public key authentication information of the corresponding unit based on the identity identification codes and the public keys of other units through the authentication center, and sending the public key authentication information to the corresponding unit;
The selected firmware upgrading information is used as a transmission data file through a firmware distribution unit, an encrypted data file is generated based on public key authentication information of a firmware receiving unit, and the encrypted data file is sent to a corresponding firmware receiving unit;
And receiving and decrypting the encrypted data file sent by the firmware distributing unit through the firmware receiving unit to acquire firmware upgrading information.
scheme 7, the transmission method according to scheme 6, characterized in that the method further comprises:
The new firmware upgrading information is used as a transmission data file through the firmware supply unit, an encrypted data file is generated based on the public key verification information of the firmware distribution unit, and the encrypted data file is sent to the firmware distribution unit;
And receiving and decrypting the encrypted data file sent by the firmware supply unit through the firmware distribution unit to acquire firmware upgrading information.
Scheme 8, the transmission method according to scheme 7, characterized in that the method further comprises:
Storing the firmware upgrading information sent by the firmware distributing unit through the firmware storage unit, and sending the firmware upgrading information called by the firmware distributing unit; the configuration method of the firmware upgrading information encryption and decryption of the firmware storage unit is consistent with that of the firmware distribution unit.
Scheme 9, the transmission method according to any one of schemes 6 to 8, characterized in that the method further comprises:
The public keys of other units are acquired through the firmware distribution unit based on the public key authentication information of other units, session keys and information authentication codes between the firmware distribution unit and other units are generated, and the session keys and the information authentication codes are encrypted through the public keys of the receiving unit and then sent to the corresponding units;
The encrypted transmission of the firmware upgrade information among the units comprises:
the method comprises the steps that a sender encrypts and sends firmware upgrading information based on a session key between the sender and a receiver, obtains authentication code information of the firmware upgrading information based on an information authentication code between the sender and the sender, and encrypts and sends the authentication code information through a public key of the receiver;
The receiver decrypts the encrypted data file based on the private key of the receiver to obtain corresponding authentication code information, authenticates the authentication code information, and decrypts the encrypted data file based on the session key between the receiver and the sender after the authentication is passed to obtain firmware upgrading information.
the transmission method according to claim 10 or 9, wherein the firmware supplying unit transmits the firmware upgrade information to the firmware distributing unit in the following manner:
X1=E[PRVFM,C(KMVFM,F)||IDV||IDECU||IDU||TS1]
E[KSVFM,F||E(PUFDM,X1)]
Wherein E represents encryption, PRVFMProvisioning of Unit private Key, KM, for firmwareVFMAuthenticating a code for information between the firmware provision unit and the firmware distribution unit, F denotes firmware upgrade information, C (KM)VFMAnd F) information authentication code processing, ID, is performed on the firmwareVIs firmware vendor ID, IDECUFor upgrading the ID, of the affected componentUIs ID, T, of the component to be upgradedS1Is a time stamp, KSVFMFor session keys between a firmware provisioning unit and a firmware distribution unit, PUFDMThe unit public key is distributed for the firmware.
the transmission method according to claim 11 or 10, wherein the firmware distribution unit transmits the firmware upgrade information to the firmware storage unit in the following manner:
X2=E[PRFDM,C(KMFS,F)||Info||IDU||TS2];
E[KSFS,F||E(PUFS,X2)]
Wherein, PRFDMDistributing Unit private Key, KM, for firmwareFSfor the information authentication code between the firmware distribution unit and the firmware storage unit, the Info represents additional information including an upgrade version, an ID of a component to be upgraded, a vendor ID, a vendor name, and an upgrade type, TS2Is a time stamp, KSFSFor session keys between a firmware distribution unit and a firmware storage unit, PUFSThe firmware unit public key is stored.
The transmission method according to claim 12 or 11, wherein the firmware distributing unit transmits the firmware upgrade information to the firmware receiving unit in the following manner:
X3=E[PRFDM,C(KMM,F)||IDECU||IDU||TS3]
E[KSVFM,F||E(PUM,X3)]
Wherein KMMfor authenticating codes for information between firmware distribution unit and firmware reception unit, TS3Is a time stamp, PUMThe unit public key is received for the firmware.
the transmission method according to claim 13 or 12, wherein the firmware storing unit transmits the firmware upgrade information to the firmware distributing unit in the following manner:
X4=E[PRFS,C(KMFS,F)||IDECU||IDU||TS4]
E[KSFS,F||E(PUFDM,X4)]
Wherein, PRFSto store the private key of the location for the firmware,KMFSFor authenticating codes for information between firmware distribution unit and firmware storage unit, TS6Is a time stamp, KSFSfor session keys between a firmware distribution unit and a firmware storage unit, PUFDMThe unit public key is distributed for the firmware.
Scheme 14, the transmission method according to scheme 9, characterized in that the method further comprises: and when the firmware distribution unit finds that the firmware has bugs or needs to be repaired, the firmware repair upgrade package is sent to the firmware supply unit.
The transmission method according to claim 15 or 14, wherein the firmware distribution unit sends the firmware repair upgrade package to the firmware provision unit by using the following equation (1) or equation (2):
X5=E[PUVFM,B||E(PRFDM,H(B)||IDV||IDECU||TS5](1)
X6=E[PUVFM,I||E(PRFDM,H(I)||IDV||IDECU||TS6](2)
wherein, PUVFMProvisioning of the Unit public Key, PR, for firmwareFDMDistributing Unit private Key, ID for firmwareVis supplier ID, IDECUID, T, of a component which is defective or requires repairS5And TS6For the time stamp, B represents details of the vulnerability, I represents details of the repair, H (B) represents the hash value of B, and H (I) represents the hash value of I.
Scheme 16, the transmission method according to scheme 9, characterized in that the method further comprises: and the firmware receiving unit sends successful upgrading information and a VIN code list of the vehicle which finishes upgrading to the firmware distribution unit after the firmware is upgraded.
The transmission method according to claim 17 or 16, wherein the firmware receiving unit transmits the upgrade success information to the firmware distributing unit in the following manner:
X7=E[PRM||IDECU||IDU||VIN||TS7]
E(PUFDM,X7)
Wherein E represents encryption, PRMFor firmware to receive unit private key, IDECUfor upgrading the ID, of the affected componentUIs the ID of the upgraded component, VIN is the VIN code, T, of the vehicle that completed the firmware upgradeS7Being time stamps, PUFDMThe unit public key is distributed for the firmware.
The transmission method according to claim 18 or 16, wherein the firmware reception unit transmits the VIN list of the vehicle in which the firmware upgrade is completed to the firmware distribution unit in the following manner:
X8=E[PRM,C(KMM,L)||UID||TS8]
E[KSM,L||E(PUFDM,X8)]
Where E denotes encryption, L is the VIN list of the vehicle that completed the firmware upgrade, PRMReceiving a Unit private Key, KM, for firmwareMFor the authentication code of information between the firmware receiving unit and the firmware distributing unit, C (KM)ML) denotes information authentication code processing for L, UIDTo upgrade an element ID, KSMIs a session key between a firmware distributing unit and a firmware receiving unit, TS8Is a time stamp, PUFDMThe unit public key is distributed for the firmware.
The transmission method according to claim 19 or 6, wherein the public key authentication information of each unit is as follows: e [ PR ]CA,(PUX||IDX||T1||T2)];
wherein PRCAAs authentication center private key, PUXis a public key, ID, of a corresponding unitXis an identification code of the corresponding unit, T1Is a time stamp, T2is the validity period of the public key authentication information.
Drawings
Fig. 1 is a schematic structural diagram of a data secure transmission system for firmware upgrade in a first embodiment of the present invention;
Fig. 2 is a flowchart illustrating a data security transmission method for firmware upgrade according to a second embodiment of the present invention.
Detailed Description
Preferred embodiments of the present invention are described below with reference to the accompanying drawings. It should be understood by those skilled in the art that these embodiments are only for explaining the technical principle of the present invention, and are not intended to limit the scope of the present invention.
first embodiment
Referring to fig. 1, fig. 1 is a schematic structural diagram illustrating a data secure transmission system for firmware upgrade in a first embodiment of the present invention, where the specific structure includes:
The authentication center 101 is configured to generate public key authentication information of the corresponding unit based on the identification code and the public key of each unit, encrypt the public key of the corresponding unit, and send the public key to the corresponding unit. After the authentication of the authentication center 101, the units can perform secure data transmission based on the public key authentication information. Specifically, in this embodiment, each unit encrypts its id and public key with the public key of the certificate authority 101 and sends them to the certificate authority 101, and the certificate authority 101 generates the following public key authentication information:
E[PRCA,(PUX||IDX||T1||T2)];
Wherein PRCAIs authentication center 101 private key, PUXIs a public key, ID, of a corresponding unitXis an identification code of the corresponding unit, T1Is a time stamp, T2is the validity period of the public key authentication information. The public key authentication information is encrypted and sent through the public key of the corresponding unit, so that the corresponding public key authentication information can be obtained only by the specific unit.
The firmware distribution unit 102 is configured to use the selected firmware upgrade information as a transmission data file, generate an encrypted data file based on the public key authentication information of the firmware reception unit, and transmit the encrypted data file to the corresponding firmware reception unit. In addition, the firmware distribution unit 102 is further configured to acquire new firmware upgrade information from the firmware provisioning unit 104. And when finding that the firmware has a bug or needs to be repaired, the firmware distribution unit 102 will actively encrypt the firmware upgrade repair package and send the encrypted firmware upgrade repair package to the firmware supply unit 104, and after receiving the firmware upgrade repair package, the firmware supply unit 104 will prepare new firmware upgrade information and encrypt the new firmware upgrade information and send the encrypted firmware upgrade information to the firmware distribution unit 102. In reality, multiple firmware suppliers need to be involved, and only one firmware supplier is illustrated in fig. 1.
In addition, for encryption during firmware transmission, the firmware distribution unit 102 is further configured to obtain a public key of the corresponding unit based on the public key authentication information of each other unit, generate a session key and an information authentication code between the firmware distribution unit 102 and each other unit, encrypt the session key and the information authentication code with the public key of the receiving unit, and send the encrypted session key and the information authentication code to the corresponding unit.
And the firmware receiving unit 103 is configured to receive and decrypt the encrypted data file sent by the firmware distributing unit to obtain firmware upgrading information. And after the firmware is upgraded, the firmware receiving unit 103 transmits upgrade success information and a VIN code list of the vehicle that has completed the upgrade to the firmware distributing unit 102. Specifically, in the present embodiment, the firmware receiving unit 103 includes a production shop receiving unit 1032, a 4S shop receiving unit 1031, and an in-vehicle receiving unit 1033; a plant floor receiving unit 1032 configured to perform firmware upgrade on the vehicle at the plant floor; a 4S shop receiving unit 1031 configured to perform firmware upgrade on the incoming shop vehicle; the in-vehicle receiving unit 1033 is configured to perform firmware upgrade on the vehicle loaded therein.
in addition, in order to complete the storage of the firmware, the system further includes a firmware storage unit 105 configured to store the firmware upgrade information sent by the firmware distribution unit 102, and send the firmware to the firmware distribution unit 102 according to a call instruction after receiving the call instruction of the firmware distribution unit 102. The firmware upgrade information encryption and decryption configuration method of the firmware storage unit 105 is consistent with that of the firmware distribution unit 102.
The encrypted transmission of the firmware upgrade information between the units in the system comprises: the method comprises the steps that a sender encrypts and sends firmware upgrading information based on a session key between the sender and a receiver, obtains authentication code information of the firmware upgrading information based on an information authentication code between the sender and the sender, and encrypts and sends the authentication code information through a public key of the receiver; the receiver decrypts the encrypted data file based on the private key of the receiver to obtain corresponding authentication code information, authenticates the authentication code information, and decrypts the encrypted data file based on the session key between the receiver and the sender after the authentication is passed to obtain firmware upgrading information.
In the data security transmission system for firmware upgrade in this embodiment, the authentication center is configured to generate public key authentication information of the corresponding unit based on the identification code and the public key of each unit, and send the public key authentication information to the corresponding unit; the firmware distribution unit is configured to take the selected firmware upgrading information as a transmission data file, generate an encrypted data file based on the public key authentication information of the firmware receiving unit, and send the encrypted data file to the corresponding firmware receiving unit; the firmware receiving unit is configured to receive and decrypt the encrypted data file sent by the firmware distributing unit to acquire firmware upgrading information. Therefore, the safe transmission of data in the firmware upgrading process is fully ensured.
second embodiment
Referring to fig. 2, fig. 2 is a schematic flow chart illustrating a data security transmission system for firmware upgrade according to a second embodiment of the present invention, which includes the following specific steps:
And S201, generating public key authentication information of the corresponding unit through the authentication center based on the identification codes and the public keys of other units, and sending the public key authentication information to the corresponding unit.
Specifically, in this embodiment, the process of the certificate authority generating the public key authentication information of each unit is as follows:
The authentication center uses its own public key PUCASent to each unit, each unit receiving the PUCAThen the public key PU of the userXAnd an identification code IDXby PUCASending the encrypted data to an authentication center, and enabling the authentication center to pass through a private key PR of the authentication centerCAObtain PU after decrypting informationXAnd IDXThen, the following public key authentication information is generated:
E[PRCA,(PUX||IDX||T1||T2)];
Wherein the PUXIs a public key, ID, of a corresponding unitXIs the body of the corresponding unitIdentification code, T1Is a time stamp, T2Is the validity period of the public key authentication information. The time stamp may prevent replay and relay attacks. The public key authentication information is encrypted by the public key of the corresponding unit and then sent to the corresponding unit, so that the corresponding public key authentication information can be obtained only by a specific unit.
After each unit obtains the own public key authentication information, the firmware distribution unit exchanges the own public key authentication information with other units to obtain the public keys of other units, generates session keys and information authentication codes between the firmware distribution unit and other units, encrypts the session keys and the information authentication codes by the public key of the receiving unit and then sends the encrypted session keys and the information authentication codes to the corresponding units. The session key is mainly used for encrypting the firmware in the firmware transmission process, because the firmware is generally a large file, the decryption speed can be increased in decryption by the symmetric encryption mode. The information authentication code is used for judging the integrity of a transmission source and data in the firmware transmission process.
Specifically, the data transmission of each unit in the present embodiment is based on the following manner:
the method comprises the steps that a sender encrypts and sends firmware upgrading information based on a session key between the sender and a receiver, obtains authentication code information of the firmware upgrading information based on an information authentication code between the sender and the sender, and encrypts and sends the authentication code information through a public key of the receiver; the receiver decrypts the encrypted data file based on the private key of the receiver to obtain corresponding authentication code information, authenticates the authentication code information, and decrypts the encrypted data file based on the session key between the receiver and the sender after the authentication is passed to obtain firmware upgrading information.
S202, the firmware upgrading information is generated into an encrypted data file based on the public key authentication information of the firmware receiving unit and is sent to the corresponding firmware receiving unit.
The firmware upgrading information is a series of data for firmware upgrading, and the firmware upgrading information is sent to the firmware distribution unit by the firmware supply unit and is sent to the corresponding firmware receiving unit by the firmware distribution unit according to the specific content of the firmware upgrading information. In addition, except that the firmware supply unit actively sends new firmware to the firmware distribution unit, when finding that the firmware has bugs or needs to be upgraded, the firmware distribution unit sends an upgrade repair package of the firmware to the firmware supply unit.
when acquiring a new firmware, the firmware distribution unit sends the firmware to the corresponding firmware receiving unit, and also sends the firmware to the firmware storage unit for storage, and calls the corresponding firmware from the firmware storage unit when the firmware is needed.
Specifically, the firmware provisioning unit transmits the firmware upgrade information to the firmware distribution unit in the following manner:
X1=E[PRVFM,C(KMVFM,F)||IDV||IDECU||IDU||TS1]
E[KSVFM,F||E(PUFDM,X1)]
Wherein, PRVFMProvisioning of Unit private Key, KM, for firmwareVFMAuthenticating a code for information between the firmware provision unit and the firmware distribution unit, F denotes firmware upgrade information, C (KM)VFMAnd F) information authentication code processing, ID, is performed on the firmwareVIs firmware vendor ID, IDECUFor upgrading the ID, of the affected componentUIs ID, T, of the component to be upgradedS1is a time stamp, KSVFMFor session keys between a firmware provisioning unit and a firmware distribution unit, PUFDMThe unit public key is distributed for the firmware.
In the above manner, both symmetric and asymmetric encryption methods are used. The symmetric encryption method is mainly applied to large files, and the object is firmware. The asymmetric encryption method mainly applies the transmission of a secret key and the authentication of identity. The firmware supply unit uses PRVFMThe MAC is signed. X1use PUFDMEncryption is performed to ensure that only the firmware distribution unit can use its private key to unlock it.
Similarly, the firmware distribution unit transmits the firmware upgrade information to the firmware storage unit in the following manner:
X2=E[PRFDM,C(KMFS,F)||Info||IDU||TS2];
E[KSFS,F||E(PUFS,X2)]
Wherein, PRFDMDistributing Unit private Key, KM, for firmwareFSFor the information authentication code between the firmware distribution unit and the firmware storage unit, the Info represents additional information including an upgrade version, an ID of a component to be upgraded, a vendor ID, a vendor name, and an upgrade type, TS2Is a time stamp, KSFSFor session keys between a firmware distribution unit and a firmware storage unit, PUFSthe firmware unit public key is stored.
The firmware distributing unit transmits the firmware upgrade information to the firmware receiving unit in the following manner:
X3=E[PRFDM,C(KMM,F)||IDECU||IDU||TS3]
E[KSVFM,F||E(PUM,X3)]
Wherein KMMfor authenticating codes for information between firmware distribution unit and firmware reception unit, TS3Is a time stamp, PUMthe unit public key is received for the firmware.
The firmware storing unit transmits the firmware upgrade information to the firmware distributing unit in the following manner:
X4=E[PRFS,C(KMFS,F)||IDECU||IDU||TS4]
E[KSFS,F||E(PUFDM,X4)]
Wherein, PRFSStoring the Unit private Key, KM, for firmwareFSfor authenticating codes for information between firmware distribution unit and firmware storage unit, TS6is a time stamp, KSFSFor session keys between a firmware distribution unit and a firmware storage unit, PUFDMThe unit public key is distributed for the firmware.
Further, the firmware distribution unit transmits the repair upgrade package of the firmware to the firmware provision unit by the way of equation (1) or equation (2):
X5=E[PUVFM,B||E(PRFDM,H(B)||IDV||IDECU||TS5] (1)
X6=E[PUVFM,I||E(PRFDM,H(I)||IDV||IDECU||TS6] (2)
Wherein, PUVFMProvisioning of the Unit public Key, PR, for firmwareFDMdistributing Unit private Key, ID for firmwareVis supplier ID, IDECUID, T, of a component which is defective or requires repairS5And TS6For the time stamp, B represents details of the vulnerability, I represents details of the repair, H (B) represents the hash value of B, and H (I) represents the hash value of I.
Due to message X5And X6not so large, so only asymmetric encryption is employed in the above approach. The firmware supply unit compares the hash value after receiving the message, and if the verification is passed, the upgrading process is started.
S203, the encrypted data file sent by the firmware distributing unit is received and decrypted by the firmware receiving unit, and firmware upgrading information is obtained.
After the firmware receiving unit obtains the firmware upgrading information, corresponding firmware can be upgraded according to the firmware upgrading information, and after the firmware upgrading is completed, upgrading success information and a VIN code list of the vehicle which completes the upgrading are sent to the firmware distributing unit.
Specifically, in the present embodiment, the firmware receiving unit transmits the upgrade success information to the firmware distributing unit in the following manner:
X7=E[PRM||IDECU||IDU||VIN||TS7]
E(PUFDM,X7)
Wherein E represents encryption, PRMFor firmware to receive unit private key, IDECUFor upgrading the ID, of the affected componentUIs the ID of the upgraded component, VIN is the VIN code, T, of the vehicle that completed the firmware upgradeS7being time stamps, PUFDMThe unit public key is distributed for the firmware.
The VIN list of the vehicle that completed the firmware upgrade is sent to the firmware distribution unit in the following manner:
X8=E[PRM,C(KMM,L)||UID||TS8]
E[KSM,L||E(PUFDM,X8)]
Where E denotes encryption, L is the VIN list of the vehicle that completed the firmware upgrade, PRMReceiving a Unit private Key, KM, for firmwareMFor the authentication code of information between the firmware receiving unit and the firmware distributing unit, C (KM)ML) denotes information authentication code processing for L, UIDto upgrade an element ID, KSMIs a session key between a firmware distributing unit and a firmware receiving unit, TS8Is a time stamp, PUFDMThe unit public key is distributed for the firmware.
Further, the firmware receiving unit in the present embodiment includes a production shop receiving unit, a 4S shop receiving unit, and an in-vehicle receiving unit. A shop floor receiving unit configured to perform firmware upgrade on a vehicle at a shop floor; a 4S shop receiving unit configured to perform firmware upgrade on the incoming shop vehicle; and the vehicle-mounted receiving unit is configured to upgrade the firmware of the vehicle loaded by the vehicle-mounted receiving unit.
In the data security transmission method for firmware upgrade in this embodiment, public key authentication information of a corresponding unit is generated by an authentication center based on the identification codes and public keys of other units, and is sent to the corresponding unit; the selected firmware upgrading information is used as a transmission data file through a firmware distribution unit, an encrypted data file is generated based on public key authentication information of a firmware receiving unit, and the encrypted data file is sent to a corresponding firmware receiving unit; and receiving and decrypting the encrypted data file sent by the firmware distributing unit through the firmware receiving unit to acquire firmware upgrading information. Therefore, the safe transmission of data in the firmware upgrading process is fully ensured.
So far, the technical solutions of the present invention have been described in connection with the preferred embodiments shown in the drawings, but it is easily understood by those skilled in the art that the scope of the present invention is obviously not limited to these specific embodiments. Equivalent changes or substitutions of related technical features can be made by those skilled in the art without departing from the principle of the invention, and the technical scheme after the changes or substitutions can fall into the protection scope of the invention.

Claims (17)

1. A data security transmission system for firmware upgrade is characterized by comprising an authentication center, a firmware distribution unit and a firmware receiving unit;
The authentication center is configured to generate public key authentication information of the corresponding unit based on the identity identification code and the public key of each unit and send the public key authentication information to the corresponding unit;
the firmware distribution unit is configured to take the selected firmware upgrading information as a transmission data file, generate an encrypted data file based on public key authentication information of the firmware receiving unit, and send the encrypted data file to the corresponding firmware receiving unit;
the firmware receiving unit is configured to receive and decrypt the encrypted data file sent by the firmware distributing unit to acquire firmware upgrading information;
The firmware distribution unit is also configured to acquire the public key of the corresponding unit based on the public key authentication information of other units, generate session keys and information authentication codes between the firmware distribution unit and other units, encrypt the session keys and the information authentication codes by the public key of the receiving unit and send the encrypted session keys and the information authentication codes to the corresponding unit;
The encrypted transmission of the firmware upgrade information among the units in the system comprises:
The method comprises the steps that a sender encrypts and sends firmware upgrading information based on a session key between the sender and a receiver, obtains authentication code information of the firmware upgrading information based on an information authentication code between the sender and the sender, and encrypts and sends the authentication code information through a public key of the receiver;
The receiver decrypts the encrypted data file based on the private key of the receiver to obtain corresponding authentication code information, authenticates the authentication code information, and decrypts the encrypted data file based on the session key between the receiver and the sender after the authentication is passed to obtain firmware upgrading information.
2. The transmission system according to claim 1, further comprising a firmware supplying unit configured to generate an encrypted data file based on public key authentication information of the firmware distributing unit with new firmware upgrade information as the transmission data file, and send the encrypted data file to the firmware distributing unit;
The firmware distribution unit is also configured to receive and decrypt the encrypted data file sent by the firmware supply unit to acquire firmware upgrading information.
3. The transmission system according to claim 2, wherein the system further comprises a firmware storage unit configured to store the firmware upgrade information transmitted by the firmware distribution unit and transmit the firmware upgrade information called by the firmware distribution unit; the configuration method of the firmware upgrading information encryption and decryption of the firmware storage unit is consistent with that of the firmware distribution unit.
4. The transmission system according to claim 3, wherein the firmware receiving unit includes a production shop receiving unit, a 4S shop receiving unit, and an in-vehicle receiving unit;
The production workshop receiving unit is configured to upgrade the firmware of the vehicle in the production workshop;
The 4S shop receiving unit is configured to perform firmware upgrade on the coming shop vehicle;
the vehicle-mounted receiving unit is configured to upgrade firmware of a vehicle loaded by the vehicle-mounted receiving unit.
5. a data secure transmission method for firmware upgrade, which is based on the data secure transmission system for firmware upgrade of any one of claims 1 to 4, and comprises:
Generating public key authentication information of the corresponding unit based on the identity identification codes and the public keys of other units through the authentication center, and sending the public key authentication information to the corresponding unit;
The selected firmware upgrading information is used as a transmission data file through a firmware distribution unit, an encrypted data file is generated based on public key authentication information of a firmware receiving unit, and the encrypted data file is sent to a corresponding firmware receiving unit;
receiving and decrypting the encrypted data file sent by the firmware distributing unit through the firmware receiving unit to acquire firmware upgrading information;
the method further comprises the following steps:
The public keys of other units are acquired through the firmware distribution unit based on the public key authentication information of other units, session keys and information authentication codes between the firmware distribution unit and other units are generated, and the session keys and the information authentication codes are encrypted through the public keys of the receiving unit and then sent to the corresponding units;
The encrypted transmission of the firmware upgrade information among the units comprises:
The method comprises the steps that a sender encrypts and sends firmware upgrading information based on a session key between the sender and a receiver, obtains authentication code information of the firmware upgrading information based on an information authentication code between the sender and the sender, and encrypts and sends the authentication code information through a public key of the receiver;
The receiver decrypts the encrypted data file based on the private key of the receiver to obtain corresponding authentication code information, authenticates the authentication code information, and decrypts the encrypted data file based on the session key between the receiver and the sender after the authentication is passed to obtain firmware upgrading information.
6. The transmission method according to claim 5, characterized in that the method further comprises:
The new firmware upgrading information is used as a transmission data file through the firmware supply unit, an encrypted data file is generated based on the public key verification information of the firmware distribution unit, and the encrypted data file is sent to the firmware distribution unit;
And receiving and decrypting the encrypted data file sent by the firmware supply unit through the firmware distribution unit to acquire firmware upgrading information.
7. The transmission method according to claim 6, characterized in that the method further comprises:
storing the firmware upgrading information sent by the firmware distributing unit through the firmware storage unit, and sending the firmware upgrading information called by the firmware distributing unit; the configuration method of the firmware upgrading information encryption and decryption of the firmware storage unit is consistent with that of the firmware distribution unit.
8. the transmission method according to claim 5, wherein the firmware provision unit transmits the firmware upgrade information to the firmware distribution unit in the following manner:
X1=E[PRVFM,C(KMVFM,F)||IDV||IDECU||IDU||TS1]
E[KSVFM,F||E(PUFDM,X1)]
Wherein E represents encryption, PRVFMProvisioning of Unit private Key, KM, for firmwareVFMAuthenticating a code for information between the firmware provision unit and the firmware distribution unit, F denotes firmware upgrade information, C (KM)VFMAnd F) information authentication code processing, ID, is performed on the firmwareVis firmware vendor ID, IDECUfor upgrading the ID, of the affected componentUIs ID, T, of the component to be upgradedS1Is a time stamp, KSVFMFor session keys between a firmware provisioning unit and a firmware distribution unit, PUFDMThe unit public key is distributed for the firmware.
9. The transmission method according to claim 8, wherein the firmware distribution unit transmits the firmware upgrade information to the firmware storage unit in the following manner:
X2=E[PRFDM,C(KMFS,F)||Info||IDU||TS2];
E[KSFS,F||E(PUFS,X2)]
Wherein, PRFDMDistributing Unit private Key, KM, for firmwareFSfor the information authentication code between the firmware distribution unit and the firmware storage unit, Info represents additional information including upgrade version, ID of the component to be upgraded, vendor ID, vendor name and upgrade type, TS2Is a time stamp, KSFSAs a firmware distribution unit and a firmware storage unitsession key between, PUFSThe firmware unit public key is stored.
10. The transmission method according to claim 9, wherein the firmware distribution unit transmits the firmware upgrade information to the firmware reception unit in the following manner:
X3=E[PRFDM,C(KMM,F)||IDECU||IDU||TS3]
E[KSVFM,F||E(PUM,X3)]
wherein KMMFor authenticating codes for information between firmware distribution unit and firmware reception unit, TS3Is a time stamp, PUMThe unit public key is received for the firmware.
11. The transmission method according to claim 10, wherein the firmware storing unit transmits the firmware upgrade information to the firmware distributing unit in the following manner:
X4=E[PRFS,C(KMFS,F)||IDECU||IDU||TS4]
E[KSFS,F||E(PUFDM,X4)]
Wherein, PRFSStoring the Unit private Key, KM, for firmwareFSFor authenticating codes for information between firmware distribution unit and firmware storage unit, TS6is a time stamp, KSFSFor session keys between a firmware distribution unit and a firmware storage unit, PUFDMThe unit public key is distributed for the firmware.
12. the transmission method according to claim 5, characterized in that the method further comprises: and when the firmware distribution unit finds that the firmware has bugs or needs to be repaired, the firmware repair upgrade package is sent to the firmware supply unit.
13. The transmission method according to claim 12, wherein the firmware distribution unit transmits the repair upgrade package of the firmware to the firmware provisioning unit by means of equation (1) or equation (2):
X5=E[PUVFM,B||E(PRFDM,H(B)||IDV||IDECU||TS5] (1)
X6=E[PUVFM,I||E(PRFDM,H(I)||IDV||IDECU||TS6] (2)
wherein, PUVFMProvisioning of the Unit public Key, PR, for firmwareFDMDistributing Unit private Key, ID for firmwareVis supplier ID, IDECUID, T, of a component which is defective or requires repairS5And TS6For the time stamp, B represents details of the vulnerability, I represents details of the repair, H (B) represents the hash value of B, and H (I) represents the hash value of I.
14. The transmission method according to claim 5, characterized in that the method further comprises: and the firmware receiving unit sends successful upgrading information and a VIN code list of the vehicle which finishes upgrading to the firmware distribution unit after the firmware is upgraded.
15. The transmission method according to claim 14, wherein the firmware reception unit transmits the upgrade success information to the firmware distribution unit in the following manner:
X7=E[PRM||IDECU||IDU||VIN||TS7]
E(PUFDM,X7)
wherein E represents encryption, PRMFor firmware to receive unit private key, IDECUFor upgrading the ID, of the affected componentUIs the ID of the upgraded component, VIN is the VIN code, T, of the vehicle that completed the firmware upgradeS7Being time stamps, PUFDMThe unit public key is distributed for the firmware.
16. The transmission method according to claim 14, wherein the firmware reception unit transmits the VIN list of the vehicle that completed the firmware upgrade to the firmware distribution unit in the following manner:
X8=E[PRM,C(KMM,L)||UID||TS8]
E[KSM,L||E(PUFDM,X8)]
Where E denotes encryption, L is the VIN list of the vehicle that completed the firmware upgrade, PRMReceiving a Unit private Key, KM, for firmwareMFor the authentication code of information between the firmware receiving unit and the firmware distributing unit, C (KM)ML) denotes information authentication code processing for L, UIDto upgrade an element ID, KSMIs a session key between a firmware distributing unit and a firmware receiving unit, TS8Is a time stamp, PUFDMthe unit public key is distributed for the firmware.
17. The transmission method according to claim 5, wherein the public key authentication information of each unit is as follows: e [ PR ]CA,(PUX||IDX||T1||T2)];
Wherein PRCAAs authentication center private key, PUXIs a public key, ID, of a corresponding unitXIs an identification code of the corresponding unit, T1Is a time stamp, T2Is the validity period of the public key authentication information.
CN201710123213.7A 2017-03-03 2017-03-03 Data security transmission system and method for firmware upgrade Active CN106850311B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710123213.7A CN106850311B (en) 2017-03-03 2017-03-03 Data security transmission system and method for firmware upgrade

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710123213.7A CN106850311B (en) 2017-03-03 2017-03-03 Data security transmission system and method for firmware upgrade

Publications (2)

Publication Number Publication Date
CN106850311A CN106850311A (en) 2017-06-13
CN106850311B true CN106850311B (en) 2019-12-13

Family

ID=59137836

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710123213.7A Active CN106850311B (en) 2017-03-03 2017-03-03 Data security transmission system and method for firmware upgrade

Country Status (1)

Country Link
CN (1) CN106850311B (en)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109977674A (en) * 2017-12-28 2019-07-05 航天信息股份有限公司 The method for upgrading software and device of embedded device
CN108228230A (en) * 2017-12-28 2018-06-29 努比亚技术有限公司 Upgrade method, terminal and the computer readable storage medium of UFS firmwares
CN108762788B (en) * 2018-05-31 2023-07-28 杭州吉吉知识产权运营有限公司 Method and system for encrypting firmware of embedded equipment based on server
CN108874432B (en) * 2018-08-17 2022-07-12 深圳市优驰科技有限公司 Wireless firmware upgrade system
CN110225063B (en) * 2019-07-02 2021-09-03 广州小鹏汽车科技有限公司 Upgrading method and system of automobile-mounted system, server and vehicle-mounted terminal
CN110650478B (en) * 2019-10-12 2023-11-28 捷德(江西)技术有限公司 OTA method, system, device, SE module, program server and medium
CN110908695A (en) * 2019-10-18 2020-03-24 中国第一汽车股份有限公司 Vehicle remote upgrading method, device and system
CN113867818B (en) * 2021-09-28 2024-04-16 潍柴动力股份有限公司 Method, device, computer equipment and medium for generating ini file

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101184301A (en) * 2007-12-14 2008-05-21 中兴通讯股份有限公司 Mobile terminal remote firmware updating method and system
CN101436141A (en) * 2008-11-21 2009-05-20 深圳创维数字技术股份有限公司 Firmware upgrading and encapsulating method and device based on digital signing
CN101470411A (en) * 2007-12-28 2009-07-01 联合汽车电子有限公司 System and method for safely updating ECU data
CN101924607A (en) * 2010-08-27 2010-12-22 华为终端有限公司 Firmware processing method based on firmware air transmission technology, device and system thereof
CN102611720A (en) * 2011-01-21 2012-07-25 基信康信息技术(上海)有限公司 Mobile phone firmware upgrade method
CN104090790A (en) * 2014-06-30 2014-10-08 飞天诚信科技股份有限公司 Two-chip scheme firmware updating method for safety terminal

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101184301A (en) * 2007-12-14 2008-05-21 中兴通讯股份有限公司 Mobile terminal remote firmware updating method and system
CN101470411A (en) * 2007-12-28 2009-07-01 联合汽车电子有限公司 System and method for safely updating ECU data
CN101436141A (en) * 2008-11-21 2009-05-20 深圳创维数字技术股份有限公司 Firmware upgrading and encapsulating method and device based on digital signing
CN101924607A (en) * 2010-08-27 2010-12-22 华为终端有限公司 Firmware processing method based on firmware air transmission technology, device and system thereof
CN102611720A (en) * 2011-01-21 2012-07-25 基信康信息技术(上海)有限公司 Mobile phone firmware upgrade method
CN104090790A (en) * 2014-06-30 2014-10-08 飞天诚信科技股份有限公司 Two-chip scheme firmware updating method for safety terminal

Also Published As

Publication number Publication date
CN106850311A (en) 2017-06-13

Similar Documents

Publication Publication Date Title
CN106850311B (en) Data security transmission system and method for firmware upgrade
JP6754325B2 (en) Authentication method for in-vehicle authentication system, in-vehicle authentication device, computer program and communication device
US10999078B2 (en) Software distribution processing device, software distribution processing method, and vehicle
CN109479000B (en) Reuse system, key generation device, data security device, vehicle-mounted computer, reuse method, and storage medium
US10419220B2 (en) Management device, key generating device, vehicle, maintenance tool, management system, management method, and computer program
CN111131313B (en) Safety guarantee method and system for replacing ECU (electronic control Unit) of intelligent networked automobile
CN103546576B (en) A kind of embedded device remote automatic upgrading method and system
CN101145906B (en) Method and system for authenticating legality of receiving terminal in unidirectional network
CN106572106B (en) Method for transmitting message between TBOX terminal and TSP platform
WO2017147207A1 (en) Method to establish and update keys for secure in-vehicle network communication
CN107409045B (en) Management device, management method, and storage medium
CN102006171B (en) Method for updating internal clock of dynamic password token, token, authentication equipment and system
CN101944170B (en) Method, system and device for issuing software version
US11522685B2 (en) Key management system, communication device and key sharing method
US20140016781A1 (en) Motor vehicle control unit having a cryptographic device
US9998476B2 (en) Data distribution apparatus, communication system, moving object, and data distribution method
US8949611B1 (en) Methods, apparatus and computer program products for authenticating and determining integrity of a software part of an air vehicle
CN110768938A (en) Vehicle safety communication method and device
WO2018092356A1 (en) Communication system, vehicle, server device, communication method, and computer program
CN102413132A (en) Two-way-security-authentication-based data downloading method and system
JP2016092811A (en) Key management system, key management server device, management device, vehicle, key management method and computer program
CN110621014A (en) Vehicle-mounted equipment, program upgrading method thereof and server
CN113015159B (en) Initial security configuration method, security module and terminal
CN105592071A (en) Method and device for authorization between devices
US11516194B2 (en) Apparatus and method for in-vehicle network communication

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant