CN108123805A - Communication security authentication method between vehicle-mounted ECU - Google Patents
Communication security authentication method between vehicle-mounted ECU Download PDFInfo
- Publication number
- CN108123805A CN108123805A CN201711348822.9A CN201711348822A CN108123805A CN 108123805 A CN108123805 A CN 108123805A CN 201711348822 A CN201711348822 A CN 201711348822A CN 108123805 A CN108123805 A CN 108123805A
- Authority
- CN
- China
- Prior art keywords
- opposite end
- random number
- local terminal
- vehicle
- communication
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3271—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
Abstract
The present invention relates to safe driving of vehicle field more particularly to a kind of communication security authentication methods.Communication security authentication method between a kind of vehicle-mounted ECU, is included in local terminal and opposite end sets identical Encryption Algorithm;Local terminal sends a random number A to opposite end while sending communication request to opposite end;Opposite end generates a random number B after receiving random number A, is sent to local terminal together;Local terminal is calculated local terminal double secret key using Encryption Algorithm with random number A and random number B respectively and issues opposite end;Opposite end is calculated after the double secret key of opposite end using Encryption Algorithm with random number A and random number B verification is compared with local terminal double secret key respectively.The double secret key generated the present invention is based on same algorithm by random number carries out safety certification, so as to resist the attack means of the personation identity such as Brute Force, Replay Attack, key conjecture, operand is small, the confidential information such as key will not be revealed, it can be applied to the secure communication between vehicle-mounted ECU, Replay Attack is can effectively prevent, enhances security.
Description
Technical field
The present invention relates to safe driving of vehicle field more particularly to a kind of communication security authentication methods.
Background technology
With the offer of living standards of the people, the car ownership of the people improves year by year, and automobile is also towards motorized, intelligence
Change, net connectionization development.Intelligent and net connectionization ecology potential must bring the demand for the control that Local or Remote is carried out to vehicle,
For example automatically control throttle size, self-actuating brake, automatic start engine, remote switch car door, remote switch air-conditioning etc..Consider
To vehicle and the safety of driver and passenger, it is necessary to the identity of ECU for sending vehicle control request is verified, trust
The request that ECU is sent can be just performed.The existing identification authentication mode using extensive verification username and password easily by
To Replay Attack, security is not high.
The content of the invention
The technical problems to be solved by the invention are to provide communication security authentication method between a kind of vehicle-mounted ECU, the authenticating party
Method carries out safety certification based on the double secret key that same algorithm is generated by random number, so as to resist Brute Force, reset
The attack means of the personation identity such as attack, key conjecture, operand is small, will not reveal the confidential information such as key, can be applied to
Secure communication between vehicle-mounted ECU, can effectively prevent Replay Attack, enhance security.
What the present invention was realized in:Communication security authentication method, comprises the following steps between a kind of vehicle-mounted ECU:
S1. identical Encryption Algorithm is set in local terminal and opposite end;
S2. a random number A is sent to opposite end while local terminal sends communication request to opposite end;
S3. opposite end generates a random number B after receiving random number A, and random number A and random number B are sent to local terminal together;
S4. local terminal is calculated local terminal double secret key using Encryption Algorithm with random number A and random number B respectively and issues opposite end;
S5. opposite end is calculated dual with local terminal after the double secret key of opposite end with random number A and random number B using Encryption Algorithm respectively
Verification is compared in key, if unanimously, opposite end receives the communication request of local terminal, if inconsistent, represents that authentication is lost
It loses.
The step of further including verification number limitation, sets frequency threshold value, in the step S2, opposite end receives random number A's
The identity code of local terminal is recorded simultaneously, when the local terminal authentication frequency of failure of same identity code is more than frequency threshold value
When, opposite end is refused and this end communication.
Step S6 is further included after the step S5, after Inspection is consistent, opposite end sends comparative result to local terminal, carries
Show that local terminal sends communication data.
ECU, local terminal are vehicle-mounted computer or remotely controlling computer to the local terminal in order to control.
The opposite end is performs ECU, and the request that opposite end performs includes opening the door, close the door, brake, accelerate etc..
Between vehicle-mounted ECU of the present invention communication security authentication method based on same algorithm by the double secret key that random number generates into
Row safety certification, so as to resist the attack means of the personation identity such as Brute Force, Replay Attack, key conjecture, operand
It is small, the confidential information such as key will not be revealed, can be applied to the secure communication between vehicle-mounted ECU, can effectively prevent Replay Attack, are increased
Strong security.
Description of the drawings
The communication logic block diagram of Fig. 1 communication security authentication methods between vehicle-mounted ECU of the present invention.
Specific embodiment
With reference to specific embodiment, the present invention is further explained.It is to be understood that these embodiments are merely to illustrate the present invention
Rather than it limits the scope of the invention.In addition, it should also be understood that, after the content of the invention stated has been read, people in the art
Member can make various changes or modifications the present invention, and such equivalent forms equally fall within the application the appended claims and limited
Scope.
Embodiment 1
Such as Fig. 1, communication security authentication method between a kind of vehicle-mounted ECU, ECU, local terminal are vehicle-mounted computer or remote to the local terminal in order to control
Process control computer etc. sends the equipment of control instruction, program, and to perform ECU, the request that opposite end performs includes opening the door for the opposite end,
It closes the door, brakes, acceleration etc. changes the actuating mechanism of vehicle-state, comprises the following steps:
S1. identical Encryption Algorithm is set in local terminal and opposite end;
S2. a random number A is sent to opposite end while local terminal sends communication request to opposite end;
S3. opposite end generates a random number B after receiving random number A, and random number A and random number B are sent to local terminal together;
S4. local terminal is calculated local terminal double secret key using Encryption Algorithm with random number A and random number B respectively and issues opposite end;
S5. opposite end is calculated dual with local terminal after the double secret key of opposite end with random number A and random number B using Encryption Algorithm respectively
Verification is compared in key, if unanimously, opposite end receives the communication request of local terminal, if inconsistent, represents that authentication is lost
It loses;
S6. after Inspection is consistent, opposite end sends comparative result to local terminal, and local terminal is prompted to send communication data.
In the present invention, in order to avoid Brute Force, the step of verification number limits is further included, sets frequency threshold value, institute
It states in step S2, the identity code of local terminal is recorded in opposite end while receiving random number A, when the local terminal of same identity code
When the authentication frequency of failure is more than frequency threshold value, opposite end refusal and this end communication.
Claims (5)
1. communication security authentication method between a kind of vehicle-mounted ECU, it is characterized in that, comprise the following steps:
S1. identical Encryption Algorithm is set in local terminal and opposite end;
S2. a random number A is sent to opposite end while local terminal sends communication request to opposite end;
S3. opposite end generates a random number B after receiving random number A, and random number A and random number B are sent to local terminal together;
S4. local terminal is calculated local terminal double secret key using Encryption Algorithm with random number A and random number B respectively and issues opposite end;
S5. opposite end is calculated dual with local terminal after the double secret key of opposite end with random number A and random number B using Encryption Algorithm respectively
Verification is compared in key, if unanimously, opposite end receives the communication request of local terminal, if inconsistent, represents that authentication is lost
It loses.
2. communication security authentication method between vehicle-mounted ECU as described in claim 1, it is characterized in that:Further include verification number limitation
The step of, frequency threshold value is set, in the step S2, the identity code of local terminal is recorded in opposite end while receiving random number A,
When the local terminal authentication frequency of failure of same identity code is more than frequency threshold value, opposite end refusal and this end communication.
3. communication security authentication method between vehicle-mounted ECU as claimed in claim 1 or 2, it is characterized in that:After the step S5 also
Including step S6, after Inspection is consistent, opposite end sends comparative result to local terminal, and local terminal is prompted to send communication data.
4. communication security authentication method between vehicle-mounted ECU as claimed in claim 3, it is characterized in that:Local terminal ECU in order to control,
Local terminal is vehicle-mounted computer or remotely controlling computer.
5. communication security authentication method between vehicle-mounted ECU as claimed in claim 3, it is characterized in that:The opposite end is execution ECU,
The request that opposite end performs includes opening the door, and closes the door, and brakes, and accelerates.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201711348822.9A CN108123805A (en) | 2017-12-15 | 2017-12-15 | Communication security authentication method between vehicle-mounted ECU |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201711348822.9A CN108123805A (en) | 2017-12-15 | 2017-12-15 | Communication security authentication method between vehicle-mounted ECU |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN108123805A true CN108123805A (en) | 2018-06-05 |
Family
ID=62229499
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201711348822.9A Pending CN108123805A (en) | 2017-12-15 | 2017-12-15 | Communication security authentication method between vehicle-mounted ECU |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108123805A (en) |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109286500A (en) * | 2018-09-30 | 2019-01-29 | 百度在线网络技术(北京)有限公司 | Vehicle Electronic Control Unit ECU authentication method, device and equipment |
| CN110189434A (en) * | 2019-05-29 | 2019-08-30 | 深圳市元征科技股份有限公司 | A kind of method and its relevant device of vehicle safety verification |
| WO2021036212A1 (en) * | 2019-08-31 | 2021-03-04 | 华为技术有限公司 | Identity verification method and device |
| CN112637161A (en) * | 2018-09-12 | 2021-04-09 | 宁德时代新能源科技股份有限公司 | Data transmission method and storage medium |
| CN113132092A (en) * | 2019-12-31 | 2021-07-16 | 华为技术有限公司 | Communication method and electronic device |
| CN115361230A (en) * | 2022-10-18 | 2022-11-18 | 江苏智能无人装备产业创新中心有限公司 | In-vehicle safety information communication method, system and medium of vehicle-mounted Ethernet |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101631017A (en) * | 2008-07-14 | 2010-01-20 | 索尼株式会社 | Information processing device, computer program, and information processing system |
| CN102255901A (en) * | 2011-07-06 | 2011-11-23 | 广州汽车集团股份有限公司 | On-vehicle diagnosis security verification method |
| CN104424779A (en) * | 2013-08-30 | 2015-03-18 | 比亚迪股份有限公司 | System and method for controlling vehicle by virtue of mobile terminal |
| CN106027260A (en) * | 2016-05-12 | 2016-10-12 | 成都信息工程大学 | Key pre-distribution based automobile ECU integrity authentication and encrypted communication method |
| US20170026373A1 (en) * | 2015-07-24 | 2017-01-26 | Fujitsu Limited | Communication relay device, communication network, and communication relay method |
| CN106603483A (en) * | 2015-10-19 | 2017-04-26 | 丰田自动车株式会社 | Vehicle system and authentication method |
| CN106792440A (en) * | 2016-11-29 | 2017-05-31 | 宇龙计算机通信科技(深圳)有限公司 | A kind of method of opening car door, mobile terminal, car-mounted terminal and system |
-
2017
- 2017-12-15 CN CN201711348822.9A patent/CN108123805A/en active Pending
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101631017A (en) * | 2008-07-14 | 2010-01-20 | 索尼株式会社 | Information processing device, computer program, and information processing system |
| CN102255901A (en) * | 2011-07-06 | 2011-11-23 | 广州汽车集团股份有限公司 | On-vehicle diagnosis security verification method |
| CN104424779A (en) * | 2013-08-30 | 2015-03-18 | 比亚迪股份有限公司 | System and method for controlling vehicle by virtue of mobile terminal |
| US20170026373A1 (en) * | 2015-07-24 | 2017-01-26 | Fujitsu Limited | Communication relay device, communication network, and communication relay method |
| CN106603483A (en) * | 2015-10-19 | 2017-04-26 | 丰田自动车株式会社 | Vehicle system and authentication method |
| CN106027260A (en) * | 2016-05-12 | 2016-10-12 | 成都信息工程大学 | Key pre-distribution based automobile ECU integrity authentication and encrypted communication method |
| CN106792440A (en) * | 2016-11-29 | 2017-05-31 | 宇龙计算机通信科技(深圳)有限公司 | A kind of method of opening car door, mobile terminal, car-mounted terminal and system |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112637161A (en) * | 2018-09-12 | 2021-04-09 | 宁德时代新能源科技股份有限公司 | Data transmission method and storage medium |
| CN112637161B (en) * | 2018-09-12 | 2022-07-08 | 宁德时代新能源科技股份有限公司 | Data transmission method and storage medium |
| CN109286500A (en) * | 2018-09-30 | 2019-01-29 | 百度在线网络技术(北京)有限公司 | Vehicle Electronic Control Unit ECU authentication method, device and equipment |
| CN110189434A (en) * | 2019-05-29 | 2019-08-30 | 深圳市元征科技股份有限公司 | A kind of method and its relevant device of vehicle safety verification |
| WO2021036212A1 (en) * | 2019-08-31 | 2021-03-04 | 华为技术有限公司 | Identity verification method and device |
| CN113132092A (en) * | 2019-12-31 | 2021-07-16 | 华为技术有限公司 | Communication method and electronic device |
| CN113132092B (en) * | 2019-12-31 | 2022-04-22 | 华为技术有限公司 | Communication method and electronic device |
| CN115361230A (en) * | 2022-10-18 | 2022-11-18 | 江苏智能无人装备产业创新中心有限公司 | In-vehicle safety information communication method, system and medium of vehicle-mounted Ethernet |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108123805A (en) | Communication security authentication method between vehicle-mounted ECU | |
| US9870665B2 (en) | Apparatus, system and method for vehicle access and function control utilizing a portable device | |
| CN104363266B (en) | Method, TSP background systems and the car-mounted terminal of remote control vehicle | |
| US9767627B2 (en) | Method and apparatus for providing vehicle security | |
| WO2019128354A1 (en) | Safety authentication apparatus and method for vehicle anti-theft, device and computer program | |
| CN106101111B (en) | Vehicle electronics safe communication system and communication means | |
| CN108122311B (en) | Vehicle virtual key implementation method and system | |
| CN106257861B (en) | By control equipment come the authentication method and its system with auto communication | |
| CN107650863A (en) | Vehicle sharing method and system | |
| CN106027260A (en) | Key pre-distribution based automobile ECU integrity authentication and encrypted communication method | |
| CN104724057B (en) | A kind of hybrid vehicle electronic locking theft preventing method of high security | |
| WO2019004097A1 (en) | Maintenance system and maintenance method | |
| CN106537463B (en) | Method and device for improving vehicle safety | |
| WO2009156108A2 (en) | Releasing a service on an electronic appliance | |
| DE102018101479A1 (en) | CONTROL INTERFACE FOR AN AUTONOMOUS VEHICLE | |
| CN107294912A (en) | Vehicle safety communications method, device, vehicle multimedia system and vehicle | |
| CN110371081A (en) | Vehicle tamper resistant method, device and vehicle | |
| CN105261089A (en) | Intelligent antitheft method, apparatus and system | |
| CN111508110A (en) | Method and device for realizing remote locking of vehicle | |
| CN106627484A (en) | Method, device and system forcontrolling vehicle operation safely | |
| CN111083696A (en) | Communication verification method and system, mobile terminal and vehicle terminal | |
| CN107640124B (en) | Onboard safety systems | |
| CN109547561A (en) | A kind of implementation method of long-range starting encrypted authentication system | |
| CN109147097A (en) | Automobile no-key Verification System | |
| Markham et al. | A balanced approach for securing the OBD-II port |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20180605 |