CN107784712A - A kind of method of car networking embedded system car telephone control cryptographic check - Google Patents

A kind of method of car networking embedded system car telephone control cryptographic check Download PDF

Info

Publication number
CN107784712A
CN107784712A CN201610723855.6A CN201610723855A CN107784712A CN 107784712 A CN107784712 A CN 107784712A CN 201610723855 A CN201610723855 A CN 201610723855A CN 107784712 A CN107784712 A CN 107784712A
Authority
CN
China
Prior art keywords
password
hash
car
character
embedded system
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201610723855.6A
Other languages
Chinese (zh)
Inventor
田雨农
宋涛
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Dalian Roiland Technology Co Ltd
Original Assignee
Dalian Roiland Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Dalian Roiland Technology Co Ltd filed Critical Dalian Roiland Technology Co Ltd
Priority to CN201610723855.6A priority Critical patent/CN107784712A/en
Publication of CN107784712A publication Critical patent/CN107784712A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00309Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00309Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks
    • G07C2009/0042Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks the transmitted data signal containing a code which is changed
    • G07C2009/00476Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks the transmitted data signal containing a code which is changed dynamically

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The present invention relates to field of information security technology, specifically a kind of method of car networking embedded system car telephone control cryptographic check.This method is specific as follows:S1. key and HASH are shared in cell phone application and ARM mainboards;When S2. carrying out control car using cell phone application, password can be generated in real time, and the password is sent to ARM mainboards by DTMF modes;The password that S3.ARM mainboards obtain according to DTMF, is verified.The present invention uses time synchronized dynamic password password, can obtain password in real time, and cipher safety is strong, reduces risk cost, overcomes hidden danger and defect existing for existing static password.

Description

A kind of method of car networking embedded system car telephone control cryptographic check
Technical field
The present invention relates to field of information security technology, specifically a kind of car networking embedded system car telephone control is close The method of code check.
Background technology
Numerical ciphers used in subscriber phone control vehicle are generated by control password is static.Traditional " account+close The password referred in code " authentication mode is static password, is by a string of static datas of user oneself setting, static password Once after setting, except non-user is changed, otherwise it will keep constant.This also has led to the security disadvantages of static password, than Such as it is easily stolen and sees, guesses, dictionary attack, Brute Force, steal, monitor, Replay Attack, Trojan attack.In order to from certain The security of static password is improved in degree, user periodically can be modified to password, but this result in static password again In use and managerial difficulty, particularly when a user there are several or even tens passwords to need processing, it is very easy to Cause password to misremember the problems such as forgeing with password, and also be difficult to require all user can strict implement periodic modification it is close The operation of code, even if user's periodic modification, it is fixed that password, which also has a quite a while,.
For on the whole, the shortcomings that static password and deficiency is mainly manifested in the following aspects:
(1), the ease for use of static password and security are mutually exclusive, and both can not take into account, the password simply easily remembered Security is weak, and complicated static password is safe but is not easy to remember and safeguards;
(2), static password security is low, is subject to various forms of security attacks;
(3), the risk cost of static password is high, once divulging a secret will likely cause farthest to lose, and is occurring Before loss, do not know that static password has been divulged a secret generally.
The content of the invention
To solve the above problems, the invention provides a kind of control cryptographic check of car networking embedded system car telephone The method of method, i.e. usage time synchronous dynamic password code verification.
To reach above-mentioned purpose, what the present invention was realized in:Car networking embedded system car telephone control password school The method tested, comprises the following steps:
S1. key and HASH (control password) are shared in cell phone application and ARM mainboards;
When S2. carrying out control car using cell phone application, password can be generated in real time, and the password is sent to ARM master by DTMF modes Plate;
The password that S3.ARM mainboards obtain according to DTMF, is verified.
Further, in step S2, the rule of password generation is as follows:
S2.1. according to time stamp T and time interval STEP, using formula counter N=T/STEP, counter N is calculated. Time stamp T is the UTC time at cell phone application end, when time interval STEP is pre-set between cell phone application and ARM mainboards Between be spaced, the communication required time between described time interval and cell phone application and ARM mainboards is relevant, is preferably by checking STEP=300;
S2.2. HASH and counter N are directly stitched together and carry out HASH calculating;
S2.3. low byte interception modulus is carried out to the result that HASH is calculated, obtains numerical ciphers;
Further, in step S3, the rule of password authentification is as follows:
S3.1. according to time stamp T and time interval STEP, using formula counter N=T/STEP, counter N is calculated;
S3.2.ARM mainboards need three times HASH calculate, that is to say, that by HASH respectively with N+1, N, N-1 be stitched together into Row HASH is calculated;
S3.3. low byte interception modulus is carried out to the result that HASH three times is calculated, obtains numerical ciphers respectively.
S3.4. and then three groups of numerical ciphers are compared with the password that cell phone application calculates, if there is one group can correspond to On, then it is proved to be successful.
Preferably, low byte interception removing step is:Ten are carried out to each character of the character string of HASH result of calculations Senary is changed, and according to order from right to left, the character of low byte is taken to the hexadecimal number of each character, if taken The character obtained is a then preservation of the character as password, if the character obtained is not 0 to 9 in the range of 0 to 9 In the range of, then abandon, low byte interception modulus processing is carried out to character late, by that analogy, until obtaining enough digits Numerical ciphers.
Beneficial effect:The method of the car networking embedded system car telephone control cryptographic check of the present invention is same using the time Dynamic password password is walked, password can be obtained in real time, cipher safety is strong, reduces risk cost, it is close to overcome existing static state Hidden danger and defect existing for code.
Brief description of the drawings
Fig. 1 is the method schematic diagram that car networking embedded system car telephone of the present invention controls cryptographic check.
Embodiment
Below in conjunction with the accompanying drawings, by specific embodiment, the invention will be further described.Following examples are descriptive , it is not limited, it is impossible to which protection scope of the present invention is limited with this.
Embodiment 1
A kind of method of car networking embedded system car telephone control cryptographic check, comprises the following steps:
S1. usage time synchronous dynamic password, key and HASH are shared in cell phone application and ARM mainboards;
The Basic Authentication principle of time synchronized dynamic password is:In certification both sides' shared key, in pre-set interval Different dynamic passwords can be produced by being counted in time according to current time and carrying out computing with key.
When S2. carrying out control car using cell phone application, 4 bit digital passwords can be generated in real time, and then user is by the digital close of generation Code is input in Password Input frame, and is sent to ARM mainboards by DTMF modes;
The rule of numerical ciphers generation is as follows:
(1) using formula counter N=T/STEP, calculates counter N according to time stamp T and time interval STEP, Counter N is direct round numbers part, is not rounded up;
(2) HASH and counter N is directly stitched together and carries out HASH calculating by;
It is up-down error between 301 seconds and 599 seconds if taking STEP=300;
(3) result that is calculated HASH carries out low byte interception modulus, obtains 4 bit digital passwords;
Low byte intercept modulus the step of be:
The result that HASH is calculated is character string, each character progress hexadecimal conversion to character string, and according to Order from right to left, the character of low byte is taken to the hexadecimal number of each character.If the character obtained is 0 to 9 In the range of, then a preservation as password.If the character obtained is abandoned not in the range of 0 to 9.To next word Symbol carries out low byte interception modulus processing.By that analogy, until getting 4 bit digital passwords.Above-mentioned 4 bit digital password is by artificial 4 of definition.
It is shared that low byte, which intercepts modulus in mobile phone terminal and ARM mainboards end, so both can guarantee that cipher safety, and can Password is set to be shared in mobile phone terminal and ARM mainboards end.
The password that S3.ARM mainboards obtain according to DTMF, is verified.
The rule of password authentification is as follows:
(1), using formula counter N=T/STEP, calculates counter N according to time stamp T and time interval STEP. Counter N is direct round numbers part, is not rounded up.Wherein:
Time stamp T be ARM mainboards UTC time, i.e., when 1 day 0 January in 1970 with the second remember time;
Time interval pre-set between cell phone application and ARM mainboards time interval STEP, such as STEP=300.
(2) .ARM mainboards need HASH calculating three times, i.e. N+1, N, N-1
HASH and N are directly stitched together and carry out HASH calculating;
HASH and N-1 are directly stitched together and carry out HASH calculating;
HASH and N+1 are directly stitched together and carry out HASH calculating;
Time when sending packet is preserved in the message that mobile phone terminal is sent.And from mobile phone terminal by mobile network to The time that ARM mainboards need is uncertain, therefore when HASH is calculated, takes value three times using counter, both N+1, N, N-1's Mode separately verifies, if wherein one-time authentication success, passes through checking.It is if all unsuccessful three times, then it is assumed that checking is lost Lose, notify mobile phone terminal, timing error.
(3) low byte interception modulus is carried out to the result that HASH three times is calculated, obtains 4 bit digital passwords respectively.
(4) three groups of numerical ciphers are compared with the password that cell phone application calculates, if there is one group can correspond to, tested Demonstrate,prove successfully.
The result of verification is successfully, then it is assumed that cryptographic check is correct, and user can be carried out controlling car;If verify three times As a result all it is failure, then it is assumed that cryptographic check mistake, user can not carry out control car.
It is described above, the only preferable embodiment of the invention, but the protection domain of the invention is not This is confined to, any one skilled in the art is in the technical scope that the invention discloses, according to the present invention The technical scheme of creation and its inventive concept are subject to equivalent substitution or change, should all cover the invention protection domain it It is interior.

Claims (5)

  1. A kind of 1. method of car networking embedded system car telephone control cryptographic check, it is characterised in that comprise the following steps:
    S1. key and HASH are shared in cell phone application end and ARM mainboards;
    When S2. carrying out control car using cell phone application, password can be generated in real time, and the password is sent to ARM mainboards by DTMF modes;
    The password that S3.ARM mainboards obtain according to DTMF is verified.
  2. 2. a kind of method of car networking embedded system car telephone control cryptographic check according to claim 1, it is special Sign is, in step S2, the rule of password generation is as follows:
    S2.1. according to time stamp T and time interval STEP, using formula counter N=T/STEP, counter N is calculated;
    S2.2. HASH and counter N are directly stitched together and carry out HASH calculating;
    S2.3. low byte interception modulus is carried out to the result that HASH is calculated, obtains numerical ciphers.
  3. 3. a kind of method of car networking embedded system car telephone control cryptographic check according to claim 1, it is special Sign is, in step S3, the rule of password authentification is as follows:
    S3.1. according to time stamp T and time interval STEP, using formula counter N=T/STEP, counter N is calculated;
    S3.2.ARM mainboards need to calculate three times, and by HASH respectively with N+1, N, N-1, which are stitched together, carries out HASH calculating;
    S3.3. low byte interception modulus is carried out to the result that HASH three times is calculated, obtains numerical ciphers respectively;
    S3.4. three groups of numerical ciphers S3.3 obtained are compared with the password that cell phone application calculates, if there is one group can correspond to On, then it is proved to be successful.
  4. 4. a kind of method of car networking embedded system car telephone control cryptographic check according to Claims 2 or 3, its It is characterised by, time stamp T is the UTC time of ARM mainboards;Time interval STEP is preset between cell phone application and ARM mainboards Good time interval.
  5. 5. a kind of method of car networking embedded system car telephone control cryptographic check according to Claims 2 or 3, its It is characterised by, low byte interception removing step is:
    Carry out hexadecimal conversion to each character of the character strings of HASH result of calculations, and it is suitable according to from right to left Sequence, the character of low byte is taken to the hexadecimal number of each character, if the character obtained is the word in the range of 0 to 9 A preservation as password is accorded with, if the character obtained is abandoned not in the range of 0 to 9, character late is carried out low Byte interception modulus processing, until obtaining the numerical ciphers of enough digits.
CN201610723855.6A 2016-08-25 2016-08-25 A kind of method of car networking embedded system car telephone control cryptographic check Pending CN107784712A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610723855.6A CN107784712A (en) 2016-08-25 2016-08-25 A kind of method of car networking embedded system car telephone control cryptographic check

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610723855.6A CN107784712A (en) 2016-08-25 2016-08-25 A kind of method of car networking embedded system car telephone control cryptographic check

Publications (1)

Publication Number Publication Date
CN107784712A true CN107784712A (en) 2018-03-09

Family

ID=61439732

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610723855.6A Pending CN107784712A (en) 2016-08-25 2016-08-25 A kind of method of car networking embedded system car telephone control cryptographic check

Country Status (1)

Country Link
CN (1) CN107784712A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109859362A (en) * 2019-03-13 2019-06-07 江苏金致新能源车业有限公司 A kind of electric motor intelligent key controller method
CN111586637A (en) * 2020-04-21 2020-08-25 汉腾汽车有限公司 Automobile and mobile phone network connection method based on dynamic password
CN111612945A (en) * 2020-05-06 2020-09-01 浙江中邦数码科技有限公司 Method for generating dynamic password by intelligent lock and intelligent lock system

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103874061A (en) * 2012-12-14 2014-06-18 通用汽车环球科技运作有限责任公司 Method and system for secure and authorized communication between a vehicle and wireless communication devices or key fobs
CN104717230A (en) * 2015-04-09 2015-06-17 赵姗姗 Composite dynamic password authentication method and authentication system applicable to plug-and-play terminal
CN105678191A (en) * 2016-03-02 2016-06-15 上海瓶钵信息科技有限公司 Method for improving system safety by utilizing SoC Internal memory, terminal and system
CN105827656A (en) * 2016-05-30 2016-08-03 宇龙计算机通信科技(深圳)有限公司 Identity authentication method based on NFC payment and device

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103874061A (en) * 2012-12-14 2014-06-18 通用汽车环球科技运作有限责任公司 Method and system for secure and authorized communication between a vehicle and wireless communication devices or key fobs
CN104717230A (en) * 2015-04-09 2015-06-17 赵姗姗 Composite dynamic password authentication method and authentication system applicable to plug-and-play terminal
CN105678191A (en) * 2016-03-02 2016-06-15 上海瓶钵信息科技有限公司 Method for improving system safety by utilizing SoC Internal memory, terminal and system
CN105827656A (en) * 2016-05-30 2016-08-03 宇龙计算机通信科技(深圳)有限公司 Identity authentication method based on NFC payment and device

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109859362A (en) * 2019-03-13 2019-06-07 江苏金致新能源车业有限公司 A kind of electric motor intelligent key controller method
CN109859362B (en) * 2019-03-13 2021-04-27 江苏金致新能源车业有限公司 Intelligent key control method for electric vehicle
CN111586637A (en) * 2020-04-21 2020-08-25 汉腾汽车有限公司 Automobile and mobile phone network connection method based on dynamic password
CN111612945A (en) * 2020-05-06 2020-09-01 浙江中邦数码科技有限公司 Method for generating dynamic password by intelligent lock and intelligent lock system

Similar Documents

Publication Publication Date Title
Xie et al. Provably secure dynamic ID-based anonymous two-factor authenticated key exchange protocol with extended security model
CN108418691A (en) Dynamic network identity identifying method based on SGX
CN110401615B (en) Identity authentication method, device, equipment, system and readable storage medium
Uymatiao et al. Time-based OTP authentication via secure tunnel (TOAST): A mobile TOTP scheme using TLS seed exchange and encrypted offline keystore
Liu et al. A physically secure, lightweight three-factor and anonymous user authentication protocol for IoT
CN114157451B (en) Internet of things equipment identity authentication method, device and system and storage medium
CN106612180A (en) Method and device for realizing session identifier synchronization
US10069822B2 (en) Authenticated network time for mobile device smart cards
Wang et al. A Robust IoT‐Based Three‐Factor Authentication Scheme for Cloud Computing Resistant to Session Key Exposure
CN110659467A (en) Remote user identity authentication method, device, system, terminal and server
CN110149209A (en) Internet of things equipment and its method and apparatus of improve data transfer safety
CN104125064B (en) A kind of dynamic cipher authentication method, client and Verification System
CN106576237A (en) Mobility management entity, home server, terminal, and identity authentication system and method
CN105187382A (en) Multi-factor identity authentication method for preventing library collision attacks
CN105281902A (en) Web system safety login method based on mobile terminal
CN111464287A (en) Method and device for generating secret key
Ahmed et al. Dynamic reciprocal authentication protocol for mobile cloud computing
CN107784712A (en) A kind of method of car networking embedded system car telephone control cryptographic check
KR101358375B1 (en) Prevention security system and method for smishing
Khan et al. Offline OTP based solution for secure internet banking access
Zhang et al. Security vulnerabilities of an remote password authentication scheme with smart card
Mehraj et al. Contemplation of effective security measures in access management from adoptability perspective
Dharminder et al. Construction of lightweight authentication scheme for network applicants using smart cards
Yoon et al. Cryptanalysis of robust mutual authentication protocol for wireless sensor networks
CN101547091A (en) Method and device for transmitting information

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20180309

RJ01 Rejection of invention patent application after publication