CN108494725B - Encrypted communication method for vehicle-mounted CAN bus message - Google Patents

Encrypted communication method for vehicle-mounted CAN bus message Download PDF

Info

Publication number
CN108494725B
CN108494725B CN201810089531.0A CN201810089531A CN108494725B CN 108494725 B CN108494725 B CN 108494725B CN 201810089531 A CN201810089531 A CN 201810089531A CN 108494725 B CN108494725 B CN 108494725B
Authority
CN
China
Prior art keywords
message
replay attack
secret key
check value
vehicle
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201810089531.0A
Other languages
Chinese (zh)
Other versions
CN108494725A (en
Inventor
陈秀景
席利君
黎伟如
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huizhou Desay SV Automotive Co Ltd
Original Assignee
Huizhou Desay SV Automotive Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huizhou Desay SV Automotive Co Ltd filed Critical Huizhou Desay SV Automotive Co Ltd
Priority to CN201810089531.0A priority Critical patent/CN108494725B/en
Publication of CN108494725A publication Critical patent/CN108494725A/en
Application granted granted Critical
Publication of CN108494725B publication Critical patent/CN108494725B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/002Countermeasures against attacks on cryptographic mechanisms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
    • H04L9/16Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms the keys or algorithms being changed during operation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/40Bus networks
    • H04L2012/40208Bus networks characterized by the use of a particular bus standard
    • H04L2012/40215Controller Area Network CAN
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/40Bus networks
    • H04L2012/40267Bus for use in transportation systems
    • H04L2012/40273Bus for use in transportation systems the transportation system being a vehicle

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Small-Scale Networks (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)

Abstract

The invention relates to an encrypted communication method of vehicle-mounted CAN bus messages, which specifically comprises the following steps: s11, introducing a dynamic secret key into the sending node, presetting a secret key storage slot and a CAN message ID corresponding table in an internal secure memory of the ECU, and presetting the secret key in the secret key storage slot in the MCU secure hardware module; s12, introducing an anti-replay attack mechanism into the sending node, and setting the first byte of the CAN message as an anti-replay attack check value; and S13, the transmitting node integrates the CAN message with the anti-replay attack check value calculated in the step S2 to form a CAN message plaintext, the buffer register transmits the CAN message plaintext and a secret key corresponding to the CAN message ID to the MCU security hardware module for encryption, and the encrypted message formed after the encryption is transmitted to the receiving node through the CAN transmission system. The safety and reliability of the CAN transmission system are ensured, and illegal attack and invasion are avoided.

Description

Encrypted communication method for vehicle-mounted CAN bus message
Technical Field
The invention relates to the field of vehicle-mounted network encryption, in particular to an encryption communication method for vehicle-mounted CAN bus messages.
Background
The existing automobile model is fused with various information technologies, and more intelligent application components are applied to automobiles. Among these components, an Electronic Control Unit (ECU) is an important component for controlling a vehicle electronic system, one vehicle electronic system is generally composed of tens of ECUs, each ECU realizes a communication session through a Controller Area Network (CAN), and the vehicle internet and an automatic driving technology have been rapidly developed by the introduction of the CAN in the field of automobiles, and the network security of automobiles is also more and more emphasized. Each vehicle-mounted ECU must be absolutely safe and reliable, so that the CAN bus message encryption method becomes a guarantee. At present, message data of a vehicle-mounted CAN bus are generally encrypted in the following two modes, the first mode is to encrypt the message data by using a pure software security module, software algorithm codes used by the encryption method usually occupy larger Read Only Memory (ROM) and Random Access Memory (RAM) resources, the possibility that the software codes are illegally tampered exists, the operation load of a Micro Control Unit (MCU) CAN be increased, the data encryption efficiency is low, and the encryption method is not suitable for a vehicle-mounted CAN bus message encryption scene. The second method is to use the MCU with a hardware security module to encrypt CAN message data, and the hardware security module is used for more encryption selection modes, so that the data encryption efficiency is higher, the security and the reliability are high, and the method gradually becomes the first choice of the message encryption method. Based on the MCU with the hardware security module, a dynamic secret key is further injected into the encryption process, the uniqueness and confidentiality of the secret key are ensured, meanwhile, an anti-replay attack mechanism is introduced, the CAN bus network is prevented from being invaded by illegal attacks to a certain extent, the security and the reliability of CAN bus messages are effectively ensured, and the network security of a vehicle body is favorably ensured.
Disclosure of Invention
In order to solve the technical problem, the invention provides an encryption communication method for vehicle-mounted CAN bus messages.
An encryption communication method of vehicle-mounted CAN bus messages is based on a vehicle-mounted ECU, a CAN transmission system (Controller Area Network) and a vehicle-mounted MCU safety hardware module, and specifically comprises the following steps:
s11, introducing a dynamic secret key into the sending node, presetting a secret key storage slot and a CAN message ID corresponding table in an internal secure memory of the ECU, and presetting the secret key in the secret key storage slot in the MCU secure hardware module;
s12, a transmitting node introduces an anti-replay attack mechanism, and a check code of the count value of the message and the number of bytes corresponding to the effective application data of the CAN message calculates an anti-replay attack check value through a specific algorithm;
and S13, the transmitting node integrates the anti-replay attack check value calculated in the step S12 to the first byte of the CAN message to form a CAN message plaintext, the buffer register transmits the CAN message plaintext and a secret key corresponding to the CAN message ID to the MCU security hardware module for encryption, and the encrypted message formed after the encryption is transmitted to the receiving node through the CAN transmission system.
Further, the method also comprises the following steps:
s14, the sending node judges whether a specific synchronous message is received in real time, if yes, the step S15 is executed;
s15, the sending node initializes the message counter to a specific value and executes the step S12.
An encryption communication method of vehicle-mounted CAN bus messages is based on a vehicle-mounted ECU, a CAN transmission system (Controller Area Network) and a vehicle-mounted MCU safety hardware module, and specifically comprises the following steps:
s21, the receiving node introduces a dynamic secret key, a secret key storage slot and a CAN message ID corresponding table are preset in an internal secure memory of the ECU, and a secret key is preset in the secret key storage slot in the MCU secure hardware module;
s22, the receiving node introduces an anti-replay attack mechanism, the local message count value and the check code of the number of bytes corresponding to the CAN message effective application data calculate the local anti-replay attack check value through a specific algorithm;
s23, after receiving the encrypted message, the receiving node finds out a corresponding secret key through the CAN message ID, inputs the encrypted message and the secret key into the MCU security hardware module together for decryption processing to obtain a CAN message plaintext, and calculates a local anti-replay attack check value according to the method in the step S22;
s24, judging whether the local anti-replay attack check value calculated by the receiving node is consistent with the anti-replay attack check value sent by the sending node or not, if so, taking the CAN message into effect, and if not, discarding the CAN message.
Further, when the local anti-replay attack check value calculated by the receiving node is inconsistent with the anti-replay attack check value sent by the sending node for 5 consecutive times, the receiving node will require the sending node to initialize the message counter to a specific value through a specific synchronous message, so as to realize synchronization between the sending node and the receiving node.
Further, when the local anti-replay attack check value calculated by the receiving node is inconsistent with the anti-replay attack check value sent by the sending node for 20 consecutive times, the receiving node stops message reception and records fault code information.
Further, the receiving node uploads the fault code information to a server of a manufacturer.
Furthermore, a specific algorithm for calculating the anti-replay attack check value is uniformly specified by a manufacturer, the key storage slot, the CAN message ID corresponding table and the key are also provided by the manufacturer, the key storage slot, the CAN message ID corresponding table and the key CAN be modified in a CAN diagnosis calibration mode, and the configuration is uniformly modified by the manufacturer.
Furthermore, the number of the key storage slots is determined by the MCU security hardware module.
Further, the message count value is obtained by counting by a message counter, and the message count value is initialized to 0 when the ECU is powered on and reset.
Further, the key slot and CAN packet ID correspondence table is composed of 4 bytes representing CAN packet IDs and 1 byte representing key slot IDs.
The invention has the following beneficial technical effects:
compared with the prior art, the invention discloses an encryption communication method of vehicle-mounted CAN bus messages, which realizes the introduction of a dynamic secret key by presetting a secret key storage tank and a CAN message ID corresponding table in an internal safety memory of an ECU and presetting the secret key in the secret key storage tank in an MCU safety hardware module, thereby ensuring the uniqueness and confidentiality of the secret key and improving the safety of a CAN transmission system. In addition, the CAN transmission system also introduces an anti-replay attack mechanism, thereby effectively preventing the CAN transmission system from being invaded by illegal attack and better ensuring the network security of the vehicle body.
Drawings
Fig. 1 is a schematic diagram of an encryption communication method of a vehicle-mounted CAN bus message according to the present invention.
Fig. 2 is a schematic diagram of a key storage slot, a CAN message ID mapping table and a key presetting process according to the present invention.
Fig. 3 is a schematic diagram of the key slot and the CAN packet ID mapping table according to the present invention.
Fig. 4 is a comparison diagram before and after the encryption of the CAN message of the present invention.
Fig. 5 is a flow chart of the processing of the transmitting node of the present invention.
FIG. 6 is a flow chart of a process of a receiving node of the present invention.
Detailed Description
The following detailed description of the preferred embodiments of the present invention, taken in conjunction with the accompanying drawings, will make the advantages and features of the invention easier to understand for those skilled in the art and will therefore make the scope of the invention more clearly defined.
Example 1:
the embodiment provides an encrypted communication method of a vehicle-mounted CAN bus message, which is based on a vehicle-mounted ECU, a CAN transmission system (Controller Area Network) and a vehicle-mounted MCU safety hardware module, and specifically comprises the following steps:
s11, a sending node introduces a dynamic secret key, a secret key storage slot and a CAN message ID corresponding table are preset in an internal security memory of the ECU, secret keys are preset in secret key storage slots in the MCU security hardware module, and the same CAN message ID or the same group of CAN messages are encrypted by using the secret keys in the same secret key storage slot;
s12, a transmitting node introduces an anti-replay attack mechanism, and a check code of the count value of the message and the number of bytes corresponding to the effective application data of the CAN message calculates an anti-replay attack check value through a specific algorithm;
and S13, the transmitting node integrates the anti-replay attack check value calculated in the step S12 to the first byte of the CAN message to form a CAN message plaintext, the buffer register transmits the CAN message plaintext and a secret key corresponding to the CAN message ID to the MCU security hardware module for encryption, and the encrypted message formed after the encryption is transmitted to the receiving node through the CAN transmission system.
In addition, the sending node also needs to determine whether the message counter needs to be set correspondingly, and the specific determination process includes the following steps:
s14, the sending node judges whether a specific synchronous message is received in real time, if so, the step S15 is executed, otherwise, the sending node does not need any operation;
s15, the sending node initializes the message counter to a specific value and executes the step S12.
The specific algorithm for calculating the anti-replay attack check value is uniformly specified by manufacturers, all ECU suppliers are uniformly kept secret, a message count value for calculating the anti-replay attack check value is obtained by counting through a message counter, and the message count value is initialized to 0 generally when the ECU is powered on and reset. The key slot and CAN packet ID correspondence table is composed of 4 bytes representing CAN packet IDs and 1 byte representing key slot IDs. The key storage tank, the CAN message ID corresponding table and the key are also provided by a manufacturer, the specific process is that the key storage tank and the CAN message ID corresponding table are downloaded by a server of the manufacturer and then are burnt into a CAN diagnostic tool, the CAN diagnostic tool introduces the key storage tank and the CAN message ID corresponding table into an internal safety memory of an ECU through a CAN diagnostic service command, and the key is introduced into the key storage tank in the MCU safety hardware module. The number of the key storage slots is determined by the MCU security hardware module. And the key storage slot and the CAN message ID corresponding table are introduced into an internal secure memory of the ECU, so that malicious tampering of data CAN be effectively avoided. The key storage tank, the CAN message ID corresponding table and the key CAN be modified in a CAN diagnosis and calibration mode, and related configuration is also modified uniformly by manufacturers.
Example 2
The embodiment is similar to the embodiment, and further, an encryption communication method for a vehicle-mounted CAN bus message is based on a vehicle-mounted ECU, a CAN transmission system (Controller Area Network) and a vehicle-mounted MCU security hardware module, and specifically includes the following steps:
s21, the receiving node introduces a dynamic secret key, a secret key storage slot and a CAN message ID corresponding table are preset in an internal secure memory of the ECU, and a secret key is preset in the secret key storage slot in the MCU secure hardware module;
s22, the receiving node introduces an anti-replay attack mechanism, the local message count value and the check code of the number of bytes corresponding to the CAN message effective application data calculate the local anti-replay attack check value through a specific algorithm;
s23, after receiving the encrypted message, the receiving node finds out a corresponding secret key through the CAN message ID, inputs the encrypted message and the secret key into the MCU security hardware module together for decryption processing to obtain a CAN message plaintext, and calculates a local anti-replay attack check value according to the method in the step S22;
s24, judging whether the local anti-replay attack check value calculated by the receiving node is consistent with the anti-replay attack check value sent by the sending node or not, if so, taking the CAN message into effect, and if not, discarding the CAN message.
When the local anti-replay attack check value calculated by the receiving node is inconsistent with the anti-replay attack check value sent by the sending node for 5 times continuously, the receiving node requires the sending node to initialize a message counter to a specific value through a specific synchronous message, and once the sending node receives the synchronous message, the message counter is initialized to the specific value, so that the synchronization of the sending node and the receiving node is realized.
And when the local anti-replay attack check value calculated by the receiving node is inconsistent with the anti-replay attack check value sent by the sending node for 20 times continuously, stopping message receiving by the receiving node and recording fault code information. And under the condition that the condition allows, the receiving node can upload the fault information code to a server side of a manufacturer, and the manufacturer maintains the fault information code.
The complete transmission process of the CAN message is as follows:
taking a standard CAN message as an example, the sending node and the receiving node encrypt the message data in a symmetric encryption mode, and the secret keys used by the sending node and the receiving node are the same and are provided by manufacturers uniformly. The standard CAN message comprises 8 bytes, wherein the first byte is used as an anti-replay attack check value, the remaining 7 bytes are used as application function data, and the anti-replay attack check value is obtained by a message count value and a CRC-8 check code of the application data of the remaining 7 bytes of the CAN message through a special algorithm. The transmitting node integrates the anti-replay attack check value and the application function data to form a CAN message plaintext, the CAN message plaintext is input to the MCU security hardware module, meanwhile, a corresponding secret key storage slot is mapped in the secret key storage slot and the CAN message ID corresponding table according to the CAN message ID, the secret key stored in the MCU security hardware module is found out according to the secret key storage slot, the secret key and the CAN message plaintext are subjected to an encryption algorithm to form an encrypted message, the encrypted message is uploaded to a CAN transmission bus through the CAN controller and the CAN transceiver, and the encrypted message is transmitted to the receiving node through the CAN transmission bus. The receiving node receives the encrypted message on the CAN transmission bus through the CAN transceiver and the CAN controller, uploading the encrypted message to an MCU security hardware module, mapping a corresponding secret key storage slot in a secret key storage slot and a CAN message ID corresponding table according to the CAN message ID, finding out a corresponding secret key according to the secret key storage slot, performing a decryption algorithm on the secret key and the encrypted message to obtain a CAN message plaintext, calculating a local anti-replay attack check value according to the local message count value of the receiving node and the CRC-8 check code of the application data of the remaining 7 bytes of the CAN message, further judging whether the local anti-replay attack check value calculated by the receiving node is consistent with the anti-replay attack check value sent by the sending node or not, if so, the CAN message takes effect to finish the transmission of the CAN message, and if the CAN message is not consistent, the CAN message is discarded.
The embodiments of the present invention have been described in detail with reference to the drawings, but the present invention is not limited to the above embodiments, and various changes can be made within the knowledge of those skilled in the art without departing from the gist of the present invention.

Claims (10)

1. An encryption communication method of CAN bus messages is characterized in that based on a vehicle-mounted ECU, a CAN transmission system (Controller Area Network) and a vehicle-mounted MCU safety hardware module, the encryption communication method specifically comprises the following steps:
s11, introducing a dynamic secret key into the sending node, presetting a secret key storage slot and a CAN message ID corresponding table in an internal secure memory of the ECU, and presetting the secret key in the secret key storage slot in the MCU secure hardware module;
s12, a transmitting node introduces an anti-replay attack mechanism, and a check code of the count value of the message and the number of bytes corresponding to the effective application data of the CAN message calculates an anti-replay attack check value through a specific algorithm;
s13, the transmitting node integrates the anti-replay attack check value calculated in the step S12 to the first byte of the CAN message to form a CAN message plaintext, a buffer register transmits the CAN message plaintext and a secret key corresponding to the CAN message ID to an MCU security hardware module for encryption processing, the processed encrypted message is transmitted to a receiving node through a CAN transmission system, the receiving node decrypts the received message, and calculates the local anti-replay attack check value through a specific algorithm according to the local message count value of the receiving node and the check code of the byte number corresponding to the effective application data of the CAN message, if the local anti-replay attack check value is consistent with the anti-replay attack check value sent by the transmitting node, the CAN message is valid, otherwise, the CAN message is regarded as invalid.
2. The method of claim 1 for encrypted communication of CAN bus messages, further comprising the steps of:
s14, the sending node judges whether a specific synchronous message is received in real time, if yes, the step S15 is executed;
s15, the sending node initializes the message counter to a specific value and executes the step S12.
3. An encryption communication method of vehicle-mounted CAN bus messages is characterized by comprising the following steps based on a vehicle-mounted ECU, a CAN transmission system (Controller Area Network) and a vehicle-mounted MCU safety hardware module:
s21, the receiving node introduces a dynamic secret key, a secret key storage slot and a CAN message ID corresponding table are preset in an internal secure memory of the ECU, and a secret key is preset in the secret key storage slot in the MCU secure hardware module;
s22, the receiving node introduces an anti-replay attack mechanism, the local message count value and the check code of the number of bytes corresponding to the CAN message effective application data calculate the local anti-replay attack check value through a specific algorithm;
s23, after receiving the encrypted message, the receiving node finds out a corresponding secret key through the CAN message ID, inputs the encrypted message and the secret key into the MCU security hardware module together for decryption processing to obtain a CAN message plaintext, and calculates a local anti-replay attack check value according to the method in the step S22;
s24, judging whether the local anti-replay attack check value calculated by the receiving node is consistent with the anti-replay attack check value sent by the sending node or not, if so, taking the CAN message into effect, and if not, discarding the CAN message.
4. The encrypted communication method according to claim 3, wherein when the local replay attack check value calculated by the receiving node is inconsistent with the replay attack check value sent by the sending node for 5 consecutive times, the receiving node will require the sending node to initialize the message counter to a specific value through a specific synchronization message, so as to synchronize the sending node with the receiving node.
5. The encrypted communication method for the vehicle-mounted CAN bus message according to claim 3 or 4, wherein when the local replay attack check value calculated by the receiving node is inconsistent with the replay attack check value sent by the sending node for 20 consecutive times, the receiving node stops message reception and records fault code information.
6. The encrypted communication method for the vehicle-mounted CAN bus message according to claim 5, wherein the receiving node uploads the fault code information to a server of a manufacturer.
7. The encryption communication method for the vehicle-mounted CAN bus message according to claim 3, wherein a specific algorithm for calculating the anti-replay attack check value is uniformly specified by a manufacturer, the key storage slot, the CAN message ID correspondence table and the key are also provided by the manufacturer, the key storage slot, the CAN message ID correspondence table and the key CAN be modified in a CAN diagnosis calibration mode, and the configuration is uniformly modified by the manufacturer.
8. The method according to claim 3, wherein the number of key slots is determined by the MCU security hardware module.
9. The method according to claim 3, wherein the message count value is obtained by counting by a message counter, and the message count value is initialized to 0 when the ECU is powered on and reset.
10. The encrypted communication method for the vehicle-mounted CAN bus message according to claim 3, wherein the key slot and CAN message ID correspondence table is composed of 4 bytes representing CAN message ID and 1 byte representing key slot ID.
CN201810089531.0A 2018-01-30 2018-01-30 Encrypted communication method for vehicle-mounted CAN bus message Active CN108494725B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810089531.0A CN108494725B (en) 2018-01-30 2018-01-30 Encrypted communication method for vehicle-mounted CAN bus message

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810089531.0A CN108494725B (en) 2018-01-30 2018-01-30 Encrypted communication method for vehicle-mounted CAN bus message

Publications (2)

Publication Number Publication Date
CN108494725A CN108494725A (en) 2018-09-04
CN108494725B true CN108494725B (en) 2021-03-30

Family

ID=63343919

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810089531.0A Active CN108494725B (en) 2018-01-30 2018-01-30 Encrypted communication method for vehicle-mounted CAN bus message

Country Status (1)

Country Link
CN (1) CN108494725B (en)

Families Citing this family (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109495449A (en) * 2018-10-18 2019-03-19 东南(福建)汽车工业有限公司 A kind of vehicle CAN bus encryption method
CN111447165B (en) * 2018-12-29 2023-10-31 北京奇虎科技有限公司 Vehicle safety protection method and device
US11240006B2 (en) * 2019-03-25 2022-02-01 Micron Technology, Inc. Secure communication for a key exchange
CN110213018B (en) * 2019-05-09 2022-07-15 北京汽车股份有限公司 Data communication method and device of vehicle-mounted bus and vehicle
CN110198314A (en) * 2019-05-28 2019-09-03 中山安信通机器人制造有限公司 Method, computer installation and the computer readable storage medium that the data transmitted in a kind of couple of on-vehicle machines people are encrypted
CN110377002B (en) * 2019-06-06 2021-07-30 西安电子科技大学 Self-adaptive in-vehicle CAN bus safety control method and system
CN110430215B (en) * 2019-08-16 2021-11-09 深圳特蓝图科技有限公司 Robot communication control method
CN111210539B (en) * 2020-01-02 2023-09-19 浙江吉利新能源商用车集团有限公司 Data analysis system for power storage battery
WO2021168859A1 (en) * 2020-02-29 2021-09-02 华为技术有限公司 Secure communication method for controller area network bus, and device
CN111404925B (en) * 2020-03-12 2021-05-11 北京航空航天大学 Vehicle-mounted CAN bus data encryption method based on dynamic digital watermarking
CN112291125B (en) * 2020-10-16 2022-03-15 江苏徐工工程机械研究院有限公司 Multi-node automatic identification method and device for CAN bus
CN115314230A (en) * 2021-05-06 2022-11-08 上汽通用汽车有限公司 Method and system based on CANFD bus protocol
CN113364805B (en) * 2021-06-29 2022-04-05 潍柴动力股份有限公司 CAN message protection method, device, storage medium and equipment
CN114095302A (en) * 2021-11-23 2022-02-25 北京云迹科技有限公司 Encryption system based on CAN bus transmission
CN114301623A (en) * 2021-11-24 2022-04-08 岚图汽车科技有限公司 Message encryption method and related equipment
CN114142998B (en) * 2021-11-26 2024-03-15 北京神经元网络技术有限公司 Data encryption processing method and device, electronic equipment and storage medium
CN114567521B (en) * 2022-02-28 2024-08-06 湖南三一中型起重机械有限公司 CAN bus communication method, transmitting device, receiving device and automobile
CN114760163B (en) * 2022-04-22 2024-01-12 惠州华阳通用电子有限公司 CAN communication method
CN115242530B (en) * 2022-07-27 2023-10-13 常州星宇车灯股份有限公司 Vehicle-mounted safety communication system and method based on national cryptographic algorithm and automobile
CN115396190A (en) * 2022-08-24 2022-11-25 北京天融信网络安全技术有限公司 Data encryption method, decryption method and device
CN115242411B (en) * 2022-09-23 2022-12-02 合肥工业大学 Vehicle-interior network secure communication method based on quantum random number generator

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104025506A (en) * 2011-10-31 2014-09-03 丰田自动车株式会社 Message authentication method in communication system and communication system
CN106453326A (en) * 2016-10-19 2017-02-22 中国第汽车股份有限公司 Authentication and access control method for CAN (Controller Area Network) bus
CN106572106A (en) * 2016-11-07 2017-04-19 福建星海通信科技有限公司 Method of transmitting message between TBOX terminal and TSP platform
CN106790053A (en) * 2016-12-20 2017-05-31 江苏大学 A kind of method of ECU secure communications in CAN
CN106899404A (en) * 2017-02-15 2017-06-27 同济大学 Vehicle-mounted CAN FD bus communication systems and method based on wildcard
CN107426187A (en) * 2017-06-27 2017-12-01 江苏大学 A kind of in-vehicle network fine granularity mandate access method based on ECU identity attributes

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20140110639A (en) * 2013-03-08 2014-09-17 삼성전자주식회사 Data security method and electronic device implementing the same

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104025506A (en) * 2011-10-31 2014-09-03 丰田自动车株式会社 Message authentication method in communication system and communication system
CN106453326A (en) * 2016-10-19 2017-02-22 中国第汽车股份有限公司 Authentication and access control method for CAN (Controller Area Network) bus
CN106572106A (en) * 2016-11-07 2017-04-19 福建星海通信科技有限公司 Method of transmitting message between TBOX terminal and TSP platform
CN106790053A (en) * 2016-12-20 2017-05-31 江苏大学 A kind of method of ECU secure communications in CAN
CN106899404A (en) * 2017-02-15 2017-06-27 同济大学 Vehicle-mounted CAN FD bus communication systems and method based on wildcard
CN107426187A (en) * 2017-06-27 2017-12-01 江苏大学 A kind of in-vehicle network fine granularity mandate access method based on ECU identity attributes

Also Published As

Publication number Publication date
CN108494725A (en) 2018-09-04

Similar Documents

Publication Publication Date Title
CN108494725B (en) Encrypted communication method for vehicle-mounted CAN bus message
US11606341B2 (en) Apparatus for use in a can system
US20220191006A1 (en) Selective real-time cryptography in a vehicle communication network
US9252945B2 (en) Method for recognizing a manipulation of a sensor and/or sensor data of the sensor
US9288048B2 (en) Real-time frame authentication using ID anonymization in automotive networks
Radu et al. Leia: Al ightweight auth e nticat i on protocol for can
US8520839B2 (en) Data transmitter with a secure and efficient signature
EP3913880B1 (en) Method of and system for secure data export from an automotive engine control unit
US20100058052A1 (en) Methods, systems and devices for securing supervisory control and data acquisition (scada) communications
CN112487408B (en) Safe access method and system for in-vehicle ECU and storage medium
KR20130083619A (en) Data certification and acquisition method for vehicle
US20220353056A1 (en) Communication method and apparatus
US20230318823A1 (en) Vehicle Diagnostic System, Method, and Apparatus
CN110602055A (en) Long connection authentication method, device, server and storage medium
Zou et al. The study of secure CAN communication for automotive applications
JP2023519059A (en) Methods and systems for exchanging data over networks to enhance network security measures and vehicles including such systems
Carsten et al. A system to recognize intruders in controller area network (can)
Lotto et al. A Survey and Comparative Analysis of Security Properties of CAN Authentication Protocols
CN114157489A (en) Communication domain controller safety communication method based on periodic authentication handshake mechanism
CN117714055B (en) In-vehicle network communication method based on identity information
KR20230121137A (en) Data transmission method and device
CN118233164A (en) Security authentication method and device and vehicle
Yoshikawa et al. Secure in-vehicle Systems using Authentication
CN116419211A (en) Diagnostic instrument and vehicle-mounted gateway secure communication method based on white box password
CN117041958A (en) Authentication method for communication content between vehicle-mounted V2X-OBU and intelligent domain controller

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant