CN109067548B - Virtual key sharing system and method - Google Patents

Publication number: CN109067548B
Authority: CN (China)
Prior art keywords: target terminal, terminal, locked, key, verification
Legal status: Active (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Application number: CN201811105961.3A
Other languages: Chinese (zh)
Other versions: CN109067548A (en)
Inventors: 罗燕京, 刘鹏
Current Assignee: Beijing Xinchangcheng Technology Development Co ltd; Xinchangcheng (Shanghai) Technology Co.,Ltd. (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Original Assignee: Beijing Renxinzheng Technology Co ltd
Application filed by Beijing Renxinzheng Technology Co ltd
Priority to CN201811105961.3A
Publication of CN109067548A
Application granted
Publication of CN109067548B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07C TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00 Individual registration on entry or exit
    • G07C9/00174 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00309 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks
    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07C TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00 Individual registration on entry or exit
    • G07C9/00174 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00571 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by interacting with a central unit
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W4/00 Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/80 Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07C TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00 Individual registration on entry or exit
    • G07C9/00174 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00309 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks
    • G07C2009/00412 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks the transmitted data signal being encrypted
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/84 Vehicles

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Lock And Its Accessories (AREA)

Abstract

The invention relates to the technical field of communication, in particular to a virtual key sharing system and a virtual key sharing method. The system comprises: a user terminal, which exchanges public keys with a target terminal and generates target terminal identity verification information and user terminal identity verification information; the target terminal, which verifies the received user terminal identity verification information, generates a target terminal session key, and uses the session key to edit an unlocking instruction that it sends to the locked end; the locked end, which verifies the received target terminal identity verification information with the user terminal private key, generates a locked end session key, and unlocks according to the unlocking instruction sent by the target terminal; and an offline communication module, which transmits information between the terminal and the locked end. The user terminal and the target terminal authenticate the identity information by exchanging public keys, and the target terminal can use the identity information of the user terminal to unlock the locked end only if the authentication succeeds, so the system and method are simple in structure and safe and convenient to use.

Description

Virtual key sharing system and method
Technical Field
The invention relates to the technical field of communication, in particular to a virtual key sharing system and a virtual key sharing method.
Background
The internet of things is regarded as the third revolution in the development of the information technology industry, after computers and the internet, and its ubiquitous-network character enables the interconnection of everything. Behind smart homes, car networking and artificial intelligence, the internet of things is being deployed and is maturing rapidly, and the arrival of the internet of things era is beyond doubt. The foundation and core of the internet of things is still the internet: it is an extension and expansion built on the internet, and cloud computing, the mobile internet, intelligent terminals and the like increasingly enrich and fill out its system architecture. The internet of things has become one of the strategic high grounds of new economic and technological development in the world, and its development has important practical significance for promoting economic development and social progress. However, because the internet of things naturally inherits from the internet, the various malicious attacks launched on the internet have begun to spread to the internet of things.
Taking the internet of vehicles as an example, the internet of vehicles is the core application of the internet of things in the field of intelligent transportation, and the internet of vehicles project is an important component of an intelligent transportation system. The car networking is realized by means of sensing equipment, vehicle-mounted equipment and a communication module which are arranged on a car, and by utilizing a mobile communication technology, a car navigation system, intelligent terminal equipment, an information network platform and the like, the comprehensive network connection of the car and the road, the car and the car, the car and the person and the car and an application platform are realized, and information is analyzed, processed and mined through a service platform, so that richer, more comfortable, safer and more efficient car operation and comprehensive information service are realized.
With the accelerating popularization of mobile internet and car networking technologies, Bluetooth, a short-distance, low-power offline communication technology, is low in cost, easy to implement and convenient to popularize. Combining Bluetooth technology with automotive technology brings greater convenience to the production, use and servicing of cars, and Bluetooth technology has made great progress in communication efficiency, low power consumption and security.
The Bluetooth key, one kind of virtual key, will become standard equipment for the next generation of automobiles. The virtual key, also called a digital key, mainly uses near field communication technology so that a user can unlock and lock a vehicle door, a room door and the like through a smartphone or a wearable smart device. Besides greater convenience for users, the digital nature of the digital key makes it the infrastructure for many new car networking applications and services, such as car sharing, time-share leasing, car rental, and express delivery to the trunk. Many car manufacturers do not currently take into account, when building digital key solutions, that the Bluetooth key is a very important service. Ensuring the security of the service requires that the automobile manufacturer analyze the specific security requirements, at the initial design stage, through the different use cases in the business scenarios being built, so as to select suitable technologies and standards for constructing a secure digital key system. It is also important that the life cycle of the Bluetooth key service is long (5-10 years), and whether the service has complete updating capability will also determine its security over the whole life cycle.
The current technical schemes for virtual keys are mainly designed on a Public Key Infrastructure (PKI) technical system. This design requires that, under online conditions, the mobile terminal acquires the digital certificate of the locked end, such as an automobile, and the automobile acquires the digital certificate of the mobile terminal, so that mutual authentication between the mobile terminal and the automobile is achieved, followed by session key agreement and interaction with the service system. The virtual key in the prior art has the following disadvantages: certificate exchange must be carried out online, so it is highly sensitive to the network; the requirements on the CA system (certificate center) server are high; man-in-the-middle attacks that hijack the certificate can occur; and as the number of users grows, construction and operation costs are high and the system is complex. In addition, sharing systems based on the virtual key are also not secure.
Therefore, a system and a method for sharing a virtual key with high security are urgently needed.
Disclosure of Invention
The invention provides a virtual key sharing system and a virtual key sharing method, which aim to solve the problem that in the prior art, the security of a virtual key is low during sharing.
In one aspect of the present invention, a virtual key sharing system is provided, including:
a user terminal, used for exchanging public keys with the target terminal, generating target terminal identity verification information and user terminal identity verification information by using the target terminal public key and the user terminal private key, and sending both to the target terminal;
the target terminal, used for verifying the received user terminal identity verification information; if the verification passes, sending the target terminal identity verification information with the user terminal private key to the locked end for verification; if that verification passes, generating a target terminal session key and sending it to the locked end for verification; and if that verification passes, editing an unlocking instruction by using the session key and sending it to the locked end;
the locked end, used for verifying the received target terminal identity verification information with the user terminal private key; if the verification passes, generating locked end identity verification information by using the target terminal public key and the locked end private key and sending it to the target terminal for verification; if that verification passes, generating a locked end session key and sending it to the target terminal for verification; and if that verification passes, unlocking according to the unlocking instruction sent by the target terminal;
and an offline communication module, used for transmitting information between the terminal and the locked end.
The system further comprises a key management device, which is used for generating a user terminal identification key pair according to the user terminal ID and sending it to the user terminal; for generating a locked end identification key pair according to the ID of the locked end and sending it to the locked end; and for generating a target terminal identification key pair according to the target terminal ID and sending it to the target terminal;
the user terminal is also used for compounding the received user terminal identification key pair with a key pair generated by the user terminal itself to obtain a user terminal key pair;
the locked end is also used for compounding the received locked end identification key pair with a key pair generated by the locked end itself to obtain a locked end key pair;
and the target terminal is also used for compounding the received target terminal identification key pair with a key pair generated by the target terminal itself to obtain the target terminal key pair.
Further, the key management apparatus substitutes the ID into the preset matrix, and generates a key pair using the CPK encryption algorithm.
Further, the off-line communication module is a bluetooth module.
Further, the user terminal comprises a user terminal public key interaction unit and an identity verification information generation unit, the target terminal comprises a target terminal public key interaction unit, a target terminal verification unit, a target terminal session key generation unit and an instruction editing unit, the locked end comprises a locked end identity verification request information editing unit, a locked end verification unit, a locked end session key generation unit and an unlocking unit, wherein,
the user terminal public key interaction unit is used for interacting a public key with the target terminal public key interaction unit and sending the obtained target terminal public key to the identity verification information generation unit;
the target terminal public key interaction unit is used for interacting a public key with the user terminal public key interaction unit and sending the obtained user terminal public key to the target terminal identity verification request information editing unit;
the identity authentication information generating unit is used for generating target terminal identity authentication information and user terminal identity authentication information by using a target terminal public key and a user terminal private key and sending the target terminal identity authentication information and the user terminal identity authentication information to the target terminal authentication unit;
the target terminal verification unit is used for verifying the received user terminal identity verification information and, if the verification passes, sending the received target terminal identity verification information to the locked end verification unit; it is also used for receiving the locked end identity verification request information, verifying whether that information contains a preset locked end ID and whether the locked end signature is correct, and, if both hold, sending a passing verification result to the target terminal session key generation unit; and it is also used for verifying whether the received locked end session key contains a preset locked end ID and whether the locked end signature is correct, and, if both hold, sending a passing verification result to the instruction editing unit;
the locked end verification unit is used for verifying whether the user terminal private key in the received target terminal identity verification information is the same as a preset user terminal private key and, if so, sending the information that the verification passed to the locked end identity verification request information editing unit; it is also used for verifying whether the received target terminal session key contains a preset target terminal ID and whether the target terminal signature is correct, and, if both hold, sending the information that the verification passed to the locked end session key generation unit;
the locked terminal identity verification request information editing unit is used for generating locked terminal identity verification request information according to the target terminal public key and the locked terminal private key and sending the locked terminal identity verification request information to the target terminal verification unit;
the target terminal session key generation unit is used for generating a random number, generating a target terminal session key according to the random number and sending the target terminal session key to the locked terminal verification unit;
the locked terminal session key generation unit is used for generating a random number, generating a locked terminal session key according to the random number and sending the locked terminal session key to the target terminal verification unit;
the instruction editing unit is used for editing an unlocking instruction according to the target terminal session key and sending the unlocking instruction to the unlocking unit;
and the unlocking unit is used for unlocking according to the received unlocking instruction.
In a second aspect of the present invention, a virtual key sharing method implemented based on the virtual key sharing system described above is provided, including the following steps:
exchanging public keys between a user terminal and a target terminal, generating target terminal identity verification information and user terminal identity verification information by using the target terminal public key and the user terminal private key, and sending both to the target terminal;
verifying, by the target terminal, the received user terminal identity verification information; if the verification passes, sending the target terminal identity verification information with the user terminal private key to the locked end for verification; if that verification passes, generating a target terminal session key and sending it to the locked end for verification; and if that verification passes, editing an unlocking instruction by using the session key and sending it to the locked end;
verifying, by the locked end, the received target terminal identity verification information with the user terminal private key; if the verification passes, generating locked end identity verification information by using the target terminal public key and the locked end private key and sending it to the target terminal for verification; if that verification passes, generating a locked end session key and sending it to the target terminal for verification; and if that verification passes, unlocking according to the unlocking instruction sent by the target terminal;
and transmitting information between the terminal and the locked end by using the offline communication module.
Further, the method also comprises the following steps:
generating a user terminal identification key pair according to the user terminal ID by using a key management device, and sending the user terminal identification key pair to the user terminal; generating a locked end identification key pair according to the ID of the locked end, and sending the locked end identification key pair to the locked end; generating a target terminal identification key pair according to the target terminal ID, and sending the target terminal identification key pair to the target terminal;
compounding the received user terminal identification key pair with a key pair generated by the user terminal by using the user terminal to obtain a user terminal key pair;
the received locked end identification key pair and the key pair generated by the locked end are compounded by the locked end to obtain a locked end key pair;
and compounding the received target terminal identification key pair with a key pair generated by the target terminal by using the target terminal to obtain the target terminal key pair.
Further, the key management apparatus substitutes the ID into the preset matrix, and generates a key pair using the CPK encryption algorithm.
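The ID-to-matrix key generation and the key-pair compounding described in the system and method paragraphs above can be sketched as follows. This is an added illustration, not code from the patent: the curve (secp256k1), the 8x8 matrix, the SHA-256 row selection, the additive compounding rule and all IDs and seeds are assumptions constructed for the sketch, since the text specifies none of them.

```python
"""Added illustration (not from the patent): CPK-style identity key derivation."""
import hashlib

# secp256k1 domain parameters (assumed curve): y^2 = x^3 + 7 over GF(P), G of order N.
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
ROWS, COLS = 8, 8  # assumed size of the "preset matrix"


def ec_add(p1, p2):
    """Add two curve points; None stands for the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p1 == p2:
        lam = 3 * x1 * x1 * pow(2 * y1, P - 2, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, P - 2, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)


def ec_mul(k, pt):
    """Scalar multiplication by double-and-add."""
    acc = None
    while k:
        if k & 1:
            acc = ec_add(acc, pt)
        pt = ec_add(pt, pt)
        k >>= 1
    return acc


def make_matrices(seed):
    """Key management device: secret private matrix and publishable public matrix.

    Entries are derived from a seed only so the demo is reproducible; a real
    device would draw them from a CSPRNG and never release the private matrix.
    """
    priv = [[int.from_bytes(hashlib.sha256(seed + bytes([r, c])).digest(), "big")
             % (N - 1) + 1 for c in range(COLS)] for r in range(ROWS)]
    pub = [[ec_mul(k, G) for k in row] for row in priv]
    return priv, pub


def id_to_rows(identity):
    """Map an ID to one row index per matrix column (assumed mapping)."""
    digest = hashlib.sha256(identity.encode()).digest()
    return [digest[c] % ROWS for c in range(COLS)]


def identity_private(identity, priv_matrix):
    """Identification private key: sum of the selected private entries mod N."""
    return sum(priv_matrix[r][c] for c, r in enumerate(id_to_rows(identity))) % N


def identity_public(identity, pub_matrix):
    """Identification public key: any party computes it offline from ID + public matrix."""
    acc = None
    for c, r in enumerate(id_to_rows(identity)):
        acc = ec_add(acc, pub_matrix[r][c])
    return acc


def compound_private(id_priv, self_priv):
    """Compound the issued identification key with the device's own key (assumed: addition)."""
    return (id_priv + self_priv) % N


def compound_public(id_pub, self_pub):
    """Public counterpart of compound_private: point addition of the two public keys."""
    return ec_add(id_pub, self_pub)


if __name__ == "__main__":
    priv_m, pub_m = make_matrices(b"constructed-demo-seed")
    lock_id = "lock:DEMO-0001"                      # constructed locked end ID
    d_id = identity_private(lock_id, priv_m)        # computed by the key management device
    q_id = identity_public(lock_id, pub_m)          # computed by a verifier, no certificate
    print("identification key pair consistent:", ec_mul(d_id, G) == q_id)
    d_self = int.from_bytes(hashlib.sha256(b"constructed-local-secret").digest(), "big") % N
    d, q = compound_private(d_id, d_self), compound_public(q_id, ec_mul(d_self, G))
    print("compound key pair consistent:", ec_mul(d, G) == q)
```

Under these assumptions the identification half of a public key is recomputable from the ID alone, while the self-generated half is not, so a peer needs that half sent to it before it can form the compound public key.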
Further, the off-line communication module is a bluetooth module.
Further, the user terminal comprises a user terminal public key interaction unit and an identity verification information generation unit, the target terminal comprises a target terminal public key interaction unit, a target terminal verification unit, a target terminal session key generation unit and an instruction editing unit, the locked end comprises a locked end identity verification request information editing unit, a locked end verification unit, a locked end session key generation unit and an unlocking unit, wherein,
the public key is interacted between the user terminal public key interaction unit and the target terminal public key interaction unit, and the obtained target terminal public key is sent to the identity verification information generation unit;
the public key is interacted between the target terminal public key interaction unit and the user terminal public key interaction unit, and the obtained user terminal public key is sent to the target terminal identity verification request information editing unit;
generating target terminal authentication information and user terminal authentication information by using a target terminal public key and a user terminal private key by using an authentication information generating unit, and sending the target terminal authentication information and the user terminal authentication information to a target terminal authentication unit;
the target terminal verification unit is used for verifying the received user terminal identity verification information, and if the verification is passed, the received target terminal identity verification information is sent to the locked terminal verification unit; verifying whether the received identity verification request information of the locked end contains a preset locked end ID and whether the signature of the locked end is correct, and if the identity verification request information of the locked end contains the preset locked end ID and the signature of the locked end is correct, sending a verification result passing the verification to a target terminal session key generation unit; verifying whether the received locked session key contains a preset locked ID and whether the locked signature is correct, and if the received locked session key contains the preset locked ID and the locked signature is correct, sending a verification result passing the verification to an instruction editing unit;
verifying whether a user terminal private key in the received target terminal identity verification information is the same as a preset user terminal private key or not by using a locked terminal verification unit, and if so, sending the verified information to a locked terminal identity verification request information editing unit; verifying whether the received target terminal session key contains a preset target terminal ID and whether the target terminal signature is correct, and if the received target terminal session key contains the preset target terminal ID and the target terminal signature is correct, sending the verified information to a locked terminal session key generation unit;
generating identity verification request information of the locked end according to the target terminal public key and the private key of the locked end by using the identity verification request information editing unit of the locked end, and sending the identity verification request information of the locked end to the target terminal verification unit;
generating a random number by using a target terminal session key generation unit, generating a target terminal session key according to the random number, and sending the target terminal session key to a locked terminal verification unit;
generating a random number by using a locked terminal session key generation unit, generating a locked terminal session key according to the random number and sending the locked terminal session key to a target terminal verification unit;
editing an unlocking instruction by using an instruction editing unit according to the target terminal session key and sending the unlocking instruction to an unlocking unit;
and unlocking by using the unlocking unit according to the received unlocking instruction.
Compared with the prior art, the virtual key sharing system and the virtual key sharing method provided by the invention have the following advantages that:
(1) The user terminal and the target terminal verify the identity information by exchanging public keys, and the target terminal can use the identity information of the user terminal to unlock the locked end only if the verification succeeds, so the system and method are simple in structure and safe and convenient to use.
(2) When the target terminal and the locked end carry out information transmission, the target terminal and the locked end directly carry out information transmission without the online authentication of a third party, so that the interaction steps, the interaction data amount and the operation amount are reduced, and the unlocking safety is ensured through double verification; meanwhile, the offline communication module is used for transmitting information between the target terminal and the locked terminal, so that the sensitivity of the whole system and method to the network is reduced, and the safety and reliability in the using process are improved.
The foregoing description is only an overview of the technical solutions of the present invention, and the embodiments of the present invention are described below in order to make the technical means of the present invention more clearly understood and to make the above and other objects, features, and advantages of the present invention more clearly understandable.
Drawings
Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiments. The drawings are only for purposes of illustrating the preferred embodiments and are not to be construed as limiting the invention. Also, like reference numerals are used to refer to like parts throughout the drawings. In the drawings:
fig. 1 is a device connection block diagram of a virtual key sharing system according to an embodiment of the present invention;
fig. 2 is a flowchart illustrating a virtual key sharing method according to an embodiment of the present invention.
Detailed Description
Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art.
It will be understood by those skilled in the art that, unless otherwise defined, all terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. It will be further understood that terms, such as those defined in commonly used dictionaries, should be interpreted as having a meaning that is consistent with their meaning in the context of the prior art and will not be interpreted in an idealized or overly formal sense unless expressly so defined herein.
The embodiment provides a virtual key sharing system and a virtual key sharing method.
As shown in Fig. 1, the virtual key sharing system of the present embodiment includes:
a user terminal, configured to exchange public keys with the target terminal, to generate target terminal identity verification information and user terminal identity verification information using the target terminal public key and the user terminal private key, and to send both to the target terminal;
a target terminal, configured to verify the received user terminal identity verification information; if the verification passes, to send the target terminal identity verification information with the user terminal private key to the locked end for verification; if that verification passes, to generate a target terminal session key and send it to the locked end for verification; and if that verification passes, to edit an unlocking instruction using the session key and send it to the locked end;
a locked end, configured to verify the received target terminal identity verification information with the user terminal private key; if the verification passes, to generate locked end identity verification information using the target terminal public key and the locked end private key and send it to the target terminal for verification; if that verification passes, to generate a locked end session key and send it to the target terminal for verification; and if that verification passes, to unlock according to the unlocking instruction sent by the target terminal;
and an offline communication module, configured to transmit information between the terminal and the locked end.
In the virtual key sharing system of this embodiment, the user terminal and the target terminal verify identity information by means of the exchanged public keys, and the target terminal can unlock the locked end using the identity information of the user terminal only if the verification succeeds. The system therefore has a simple structure and method and is safe and convenient to use.
As shown in Fig. 1, in a specific implementation, the virtual key sharing system of this embodiment further includes a key management device, configured to generate a user terminal identification key pair according to the user terminal ID and send it to the user terminal; to generate a locked end identification key pair according to the locked end ID and send it to the locked end; and to generate a target terminal identification key pair according to the target terminal ID and send it to the target terminal;
the user terminal is further configured to compound the received user terminal identification key pair with a key pair generated by the user terminal itself to obtain a user terminal key pair;
the locked end is further configured to compound the received locked end identification key pair with a key pair generated by the locked end itself to obtain a locked end key pair;
and the target terminal is further configured to compound the received target terminal identification key pair with a key pair generated by the target terminal itself to obtain a target terminal key pair.
The key pairs are compounded by point addition of the public keys and modular addition of the private keys.
In the virtual key sharing system of this embodiment, the target terminal and the locked end exchange information directly, without online authentication by a third party, which reduces the number of interaction steps, the amount of data exchanged and the amount of computation, while unlocking security is ensured by double verification of the identity and the session key. In addition, the offline communication module carries the information between the target terminal and the locked end, which reduces the dependence of the whole system on a network and improves safety and reliability in use.
In a specific implementation, the key management device substitutes any one of the user terminal ID, the target terminal ID or the locked end ID into a preset matrix, where the preset matrix comprises a matrix public key and a matrix private key that are used to generate the public key and the private key of a key pair, respectively; it then generates any one of a user terminal key pair, a target terminal identification key pair or a locked end identification key pair using a CPK (Combined Public Key) encryption algorithm. The CPK encryption algorithm may specifically be any one or more of the Chinese national cryptographic algorithms SM2/SM3/SM4 and AES/DES/ECC/SHA1/SHA256, selected as required. The algorithm supports the production and distribution of identification keys at very large scale and can meet the needs of more users with very few resources; it also has the advantages of a small storage footprint, high computational efficiency and large processing capacity.
In a specific implementation, the offline communication module is a Bluetooth module. The Bluetooth module provides short-range, low-power offline communication and has the advantages of low cost, easy implementation and easy adoption.
As shown in Fig. 1, in a specific implementation of the virtual key sharing system of this embodiment, the user terminal includes a user terminal public key interaction unit and an identity verification information generation unit; the target terminal includes a target terminal public key interaction unit, a target terminal verification unit, a target terminal session key generation unit and an instruction editing unit; and the locked end includes a locked end identity verification request information editing unit, a locked end verification unit, a locked end session key generation unit and an unlocking unit, wherein,
the user terminal public key interaction unit is configured to exchange public keys with the target terminal public key interaction unit and to send the obtained target terminal public key to the identity verification information generation unit;
the target terminal public key interaction unit is configured to exchange public keys with the user terminal public key interaction unit and to send the obtained user terminal public key to the target terminal identity verification request information editing unit;
the identity verification information generation unit is configured to generate target terminal identity verification information and user terminal identity verification information using the target terminal public key and the user terminal private key, and to send both to the target terminal verification unit;
the target terminal verification unit is configured to verify the received user terminal identity verification information and, if the verification passes, to send the received target terminal identity verification information to the locked end verification unit; it is also configured to receive the locked end identity verification request information, to verify whether that information contains the preset locked end ID and whether the locked end signature is correct, and, if both hold, to send the passing verification result to the target terminal session key generation unit; and it is also configured to verify whether the received locked end session key contains the preset locked end ID and whether the locked end signature is correct, and, if both hold, to send the passing verification result to the instruction editing unit;
the locked end verification unit is configured to verify whether the user terminal private key in the received target terminal identity verification information is the same as the preset user terminal private key and, if so, to send the information that passed verification to the locked end identity verification request information editing unit; it is also configured to verify whether the received target terminal session key contains the preset target terminal ID and whether the target terminal signature is correct, and, if both hold, to send the verified information to the locked end session key generation unit;
the locked end identity verification request information editing unit is configured to generate locked end identity verification request information according to the target terminal public key and the locked end private key, and to send it to the target terminal verification unit;
the target terminal session key generation unit is configured to generate a random number, to generate a target terminal session key according to the random number, and to send the target terminal session key to the locked end verification unit;
the locked end session key generation unit is configured to generate a random number, to generate a locked end session key according to the random number, and to send the locked end session key to the target terminal verification unit;
the instruction editing unit is configured to edit an unlocking instruction according to the target terminal session key and to send the unlocking instruction to the unlocking unit;
and the unlocking unit is configured to unlock according to the received unlocking instruction.
The target terminal public key interaction unit, the target terminal verification unit, the target terminal session key generation unit, the instruction editing unit, the locked end identity verification request information editing unit, the locked end verification unit, the locked end session key generation unit and the unlocking unit are all electrically connected with the offline communication module; the key management device is electrically connected with the user terminal public key interaction unit, the target terminal public key interaction unit and the locked end identity verification request information editing unit, respectively; and the identity verification information generation unit is electrically connected with the user terminal public key interaction unit and the target terminal verification unit, respectively. The target terminal and the user terminal can be connected by a cable or by a radio connection, and the radio connection can be Bluetooth, Wi-Fi, NFC, 3G, 4G and the like. The specific connection mode can be selected as required.
As shown in Fig. 2, this embodiment further provides a virtual key sharing method implemented by the virtual key sharing system according to the foregoing embodiment, including the following steps:
exchanging public keys between the user terminal and the target terminal, generating target terminal identity verification information and user terminal identity verification information using the target terminal public key and the user terminal private key, and sending both to the target terminal;
verifying, by the target terminal, the received user terminal identity verification information; if the verification passes, sending the target terminal identity verification information with the user terminal private key to the locked end for verification; if that verification passes, generating a target terminal session key and sending it to the locked end for verification; and if that verification passes, editing an unlocking instruction using the session key and sending it to the locked end;
verifying, by the locked end, the received target terminal identity verification information with the user terminal private key; if the verification passes, generating locked end identity verification information using the target terminal public key and the locked end private key and sending it to the target terminal for verification; if that verification passes, generating a locked end session key and sending it to the target terminal for verification; and if that verification passes, unlocking according to the unlocking instruction sent by the target terminal;
and transmitting information between the terminal and the locked end by means of the offline communication module.
In the virtual key sharing method, the user terminal and the target terminal verify identity information by means of the exchanged public keys, and the target terminal can unlock the locked end using the identity information of the user terminal only after the verification succeeds.
The virtual key sharing method of the embodiment further includes the following steps:
generating a user terminal identification key pair according to the user terminal ID by using a key management device, and sending the user terminal identification key pair to the user terminal; generating a locked end identification key pair according to the ID of the locked end, and sending the locked end identification key pair to the locked end; generating a target terminal identification key pair according to the target terminal ID, and sending the target terminal identification key pair to the target terminal;
compounding, by the user terminal, the received user terminal identification key pair with a key pair generated by the user terminal itself to obtain a user terminal key pair;
compounding, by the locked end, the received locked end identification key pair with a key pair generated by the locked end itself to obtain a locked end key pair;
and compounding, by the target terminal, the received target terminal identification key pair with a key pair generated by the target terminal itself to obtain a target terminal key pair.
The key pairs are compounded by point addition of the public keys and modular addition of the private keys.
In the virtual key sharing method of this embodiment, the target terminal and the locked end exchange information directly, without online authentication by a third party, which reduces the number of interaction steps, the amount of data exchanged and the amount of computation, while unlocking security is ensured by double verification of the identity and the session key. In addition, the offline communication module carries the information between the target terminal and the locked end, which reduces the dependence of the whole method on a network and improves safety and reliability in use.
In a specific implementation, the key management device substitutes any one of the user terminal ID, the target terminal ID or the locked end ID into a preset matrix, where the preset matrix comprises a matrix public key and a matrix private key that are used to generate the public key and the private key of a key pair, respectively; it then generates any one of a user terminal key pair, a target terminal identification key pair or a locked end identification key pair using a CPK (Combined Public Key) encryption algorithm. The CPK encryption algorithm may specifically be any one or more of the Chinese national cryptographic algorithms SM2/SM3/SM4 and AES/DES/ECC/SHA1/SHA256, selected as required. The algorithm supports the production and distribution of identification keys at very large scale and can meet the needs of more users with very few resources; it also has the advantages of a small storage footprint, high computational efficiency and large processing capacity.
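The matrix-based identification key generation and the key-pair compounding step, described above for both the system and the method, can be sketched as follows. This is an added example, not code from the patent: the curve (secp256k1 as a stand-in for SM2 or another ECC curve), the 4x8 matrix size, the SHA-256 mapping from an ID to matrix rows, the sample ID and all function names are assumptions.

```python
"""Added illustration of CPK-style identification keys and key-pair compounding.
Assumptions (not from the patent): secp256k1, a 4x8 matrix, SHA-256 row mapping."""
import hashlib
import secrets

P = 2**256 - 2**32 - 977  # field prime of the stand-in curve y^2 = x^3 + 7
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141  # group order
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
INF = None  # point at infinity
ROWS, COLS = 4, 8  # assumed matrix dimensions


def on_curve(pt):
    return pt is INF or (pt[1] ** 2 - pt[0] ** 3 - 7) % P == 0


def point_add(p1, p2):
    """Elliptic-curve point addition (this is the 'public key point' addition)."""
    if p1 is INF:
        return p2
    if p2 is INF:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return INF
    if p1 == p2:
        lam = 3 * x1 * x1 * pow(2 * y1 % P, -1, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P


def scalar_mul(k, pt):
    """Double-and-add; adequate for illustration, not constant time."""
    acc = INF
    while k:
        if k & 1:
            acc = point_add(acc, pt)
        pt = point_add(pt, pt)
        k >>= 1
    return acc


def generate_keypair():
    d = secrets.randbelow(N - 1) + 1
    return d, scalar_mul(d, G)


def make_matrices():
    """Key management device: matrix private key r[i][j], matrix public key r[i][j]*G."""
    cells = [[generate_keypair() for _ in range(COLS)] for _ in range(ROWS)]
    return ([[c[0] for c in row] for row in cells],
            [[c[1] for c in row] for row in cells])


def row_indices(identity):
    """Assumed mapping: one SHA-256 byte per column selects the row."""
    digest = hashlib.sha256(identity.encode()).digest()
    return [digest[c] % ROWS for c in range(COLS)]


def identity_private(identity, priv_matrix):
    """Identification private key: modular sum of the selected matrix entries."""
    return sum(priv_matrix[r][c] for c, r in enumerate(row_indices(identity))) % N


def identity_public(identity, pub_matrix):
    """Identification public key: point sum; needs only the ID and the public matrix."""
    acc = INF
    for c, r in enumerate(row_indices(identity)):
        acc = point_add(acc, pub_matrix[r][c])
    return acc


def compound(id_priv, id_pub, self_priv, self_pub):
    """Compound two key pairs: private keys add modulo N, public keys add as points."""
    d = (id_priv + self_priv) % N
    if d == 0:
        raise ValueError("compounded private key is zero; regenerate the local key pair")
    return d, point_add(id_pub, self_pub)


if __name__ == "__main__":
    priv_m, pub_m = make_matrices()
    locked_end_id = "VIN-CONSTRUCTED-0001"  # constructed sample ID
    id_priv = identity_private(locked_end_id, priv_m)  # done by the key management device
    self_priv, self_pub = generate_keypair()            # done on the locked end itself
    d, q = compound(id_priv, identity_public(locked_end_id, pub_m), self_priv, self_pub)
    print("compounded pair is consistent:", scalar_mul(d, G) == q)
```

Because the locally generated private key never leaves the device, the key management device knows only the identification half of the compounded private key, while any party holding the public matrix, the ID and the device's published local public key can recompute the compounded public key.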
In a specific implementation, the offline communication module is a Bluetooth module. The Bluetooth module provides short-range, low-power offline communication and has the advantages of low cost, easy implementation and easy adoption.
In a specific implementation of the virtual key sharing system of this embodiment, the user terminal includes a user terminal public key interaction unit and an identity verification information generation unit; the target terminal includes a target terminal public key interaction unit, a target terminal verification unit, a target terminal session key generation unit and an instruction editing unit; and the locked end includes a locked end identity verification request information editing unit, a locked end verification unit, a locked end session key generation unit and an unlocking unit, wherein,
step 100, exchanging public keys between the user terminal public key interaction unit and the target terminal public key interaction unit, and sending the obtained target terminal public key to the identity verification information generation unit; exchanging public keys between the target terminal public key interaction unit and the user terminal public key interaction unit, and sending the obtained user terminal public key to the target terminal identity verification request information editing unit;
step 200, generating, by the identity verification information generation unit, target terminal identity verification information and user terminal identity verification information using the target terminal public key and the user terminal private key, and sending both to the target terminal verification unit;
step 300, verifying, by the target terminal verification unit, the received user terminal identity verification information and, if the verification passes, sending the received target terminal identity verification information to the locked end verification unit; verifying whether the received locked end identity verification request information contains the preset locked end ID and whether the locked end signature is correct, and, if both hold, sending the passing verification result to the target terminal session key generation unit; verifying whether the received locked end session key contains the preset locked end ID and whether the locked end signature is correct, and, if both hold, sending the passing verification result to the instruction editing unit;
step 400, verifying, by the locked end verification unit, whether the user terminal private key in the received target terminal identity verification information is the same as the preset user terminal private key and, if so, sending the verified information to the locked end identity verification request information editing unit; verifying whether the received target terminal session key contains the preset target terminal ID and whether the target terminal signature is correct, and, if both hold, sending the verified information to the locked end session key generation unit;
step 500, generating, by the locked end identity verification request information editing unit, locked end identity verification request information according to the target terminal public key and the locked end private key, and sending it to the target terminal verification unit;
step 600, generating, by the target terminal session key generation unit, a random number, generating a target terminal session key according to the random number, and sending the target terminal session key to the locked end verification unit; generating, by the locked end session key generation unit, a random number, generating a locked end session key according to the random number, and sending the locked end session key to the target terminal verification unit;
step 700, editing, by the instruction editing unit, an unlocking instruction according to the target terminal session key and sending the unlocking instruction to the unlocking unit; and unlocking, by the unlocking unit, according to the received unlocking instruction.
The virtual key sharing system and the virtual key sharing method of this embodiment bind the user terminal and the locked end before use. The user terminal and the target terminal first exchange public keys, so that the user terminal obtains the public keys of the locked end and the target terminal, the locked end obtains the public key of the terminal, and the target terminal obtains the public key of the user terminal, which makes the subsequent encryption and verification with these keys convenient. In a specific use, the user terminal and the target terminal can be mobile terminals held by users, and the locked end can be an automobile. The user terminal first encrypts its own identity verification information with the target terminal public key and sends it to the target terminal signed with its private key; the target terminal verifies it with the public key of the user terminal and, after successful verification, sends the identity information and the user terminal identity to the locked end for verification; identity verification with the target terminal can proceed only when the locked end verifies that the identity of the user terminal is the same as the preset user terminal ID. Offline information transmission between the mobile terminal and the automobile is carried out over Bluetooth, for example the transmission of authentication information and of the unlocking instruction encrypted with the session key. The terminal can be a computer, a mobile phone and the like, and the locked end can also be a door lock or another device capable of offline information transmission over Bluetooth. The terminal ID may be either a mobile phone number or a mobile phone factory code, and the locked end ID may be the Vehicle Identification Number (VIN) of an automobile. The ID may also be any other number that can be used to identify the terminal and the locked end.
The Bluetooth module may be provided with a counter that counts the offline data transmissions between the target terminal and the locked end; when a certain count, such as 65535, is reached, the authentication and the negotiation of the session key are restarted, which improves the security and reliability of the system and method.
For simplicity of explanation, the method embodiments are described as a series of acts or combinations, but those skilled in the art will appreciate that the embodiments are not limited by the order of acts described, as some steps may occur in other orders or concurrently with other steps in accordance with the embodiments of the invention. Further, those skilled in the art will appreciate that the embodiments described in the specification are presently preferred and that no particular act is required to implement the invention.
Finally, it should be noted that: the above examples are only intended to illustrate the technical solution of the present invention, but not to limit it; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present invention.

Claims (10)

1. A virtual key sharing system, comprising:
the user terminal is used for exchanging public keys with the target terminal, generating target terminal identity verification information and user terminal identity verification information by using the target terminal public key and the user terminal private key, and sending the target terminal identity verification information and the user terminal identity verification information to the target terminal;
the target terminal is used for verifying the received user terminal identity verification information, if the verification is passed, the target terminal identity verification information with the user terminal private key is sent to the locked end for verification, and if the locked end passes the verification of the target terminal identity verification information with the user terminal private key, the locked end identity verification request information generated by the locked end by using the target terminal public key and the locked end private key is received; verifying the identity verification request information of the locked end, if the verification is passed, generating a target terminal session key, sending the target terminal session key to the locked end for verification, and if the verification of the target terminal session key is passed, editing an unlocking instruction by using the session key and sending the unlocking instruction to the locked end;
the locked terminal is used for verifying the received target terminal identity verification information with the user terminal private key, if the verification is passed, generating locked terminal identity verification request information by using the target terminal public key and the locked terminal private key, and sending the locked terminal identity verification request information to the target terminal for verification, and if the verification of the locked terminal identity verification request information by the target terminal is passed, receiving a target terminal session key generated by the target terminal; verifying the session key of the target terminal, if the verification is passed, generating a locked session key, sending the locked session key to the target terminal for verification, and if the verification of the locked session key by the target terminal is passed, unlocking according to an unlocking instruction sent by the target terminal;
and the offline communication module is used for transmitting information between the terminal and the locked end.
2. The virtual key sharing system according to claim 1, further comprising a key management device configured to generate a user terminal identification key pair according to the user terminal ID and send the user terminal identification key pair to the user terminal; to generate a locked end identification key pair according to the locked end ID and send the locked end identification key pair to the locked end; and to generate a target terminal identification key pair according to the target terminal ID and send the target terminal identification key pair to the target terminal;
the user terminal is also used for compounding the received user terminal identification key pair with a key pair generated by the user terminal itself to obtain a user terminal key pair;
the locked end is also used for compounding the received locked end identification key pair with a key pair generated by the locked end itself to obtain a locked end key pair;
and the target terminal is also used for compounding the received target terminal identification key pair with a key pair generated by the target terminal itself to obtain the target terminal key pair.
3. The virtual key sharing system of claim 2, wherein the key management device substitutes the ID into the predetermined matrix and generates the identification key pair using a CPK encryption algorithm.
4. The virtual key sharing system of claim 3, wherein the offline communication module is a Bluetooth module.
5. The virtual key sharing system according to claim 4, wherein the user terminal includes a user terminal public key interacting unit and an authentication information generating unit, the target terminal includes a target terminal public key interacting unit, a target terminal authenticating unit, a target terminal session key generating unit, an instruction editing unit and a target terminal authentication request information editing unit, the locked end includes a locked end authentication request information editing unit, a locked end authenticating unit, a locked end session key generating unit and an unlocking unit, wherein,
the user terminal public key interaction unit is used for exchanging public keys with the target terminal public key interaction unit and sending the obtained target terminal public key to the identity verification information generation unit;
the target terminal public key interaction unit is used for exchanging public keys with the user terminal public key interaction unit and sending the obtained user terminal public key to the target terminal identity verification request information editing unit;
the identity authentication information generating unit is used for generating target terminal identity authentication information and user terminal identity authentication information by using a target terminal public key and a user terminal private key and sending the target terminal identity authentication information and the user terminal identity authentication information to the target terminal authentication unit;
the target terminal verification unit is used for verifying the received user terminal identity verification information, and if the verification is passed, the received target terminal identity verification information is sent to the locked terminal verification unit; the target terminal session key generation unit is used for receiving the identity verification request information of the locked terminal, verifying whether the received identity verification request information of the locked terminal contains a preset locked terminal ID and whether the signature of the locked terminal is correct, and if the identity verification request information of the locked terminal contains the preset locked terminal ID and the signature of the locked terminal is correct, sending a verification result passing the verification to the target terminal session key generation unit; the system is also used for verifying whether the received locked session key contains a preset locked end ID and whether the locked end signature is correct, and if the received locked session key contains the preset locked end ID and the locked end signature is correct, the system sends a verification result passing the verification to the instruction editing unit;
the locked terminal verification unit is used for verifying whether a user terminal private key in the received target terminal identity verification information is the same as a preset user terminal private key or not, and if so, the information passing the verification is sent to the locked terminal identity verification request information editing unit; the device is also used for verifying whether the received target terminal session key contains a preset target terminal ID and whether the target terminal signature is correct, and if the received target terminal session key contains the preset target terminal ID and the target terminal signature is correct, the device sends the verified information to the locked terminal session key generation unit;
the locked terminal identity verification request information editing unit is used for generating locked terminal identity verification request information according to the target terminal public key and the locked terminal private key and sending the locked terminal identity verification request information to the target terminal verification unit;
the target terminal session key generation unit is used for generating a random number, generating a target terminal session key according to the random number and sending the target terminal session key to the locked terminal verification unit;
the locked terminal session key generation unit is used for generating a random number, generating a locked terminal session key according to the random number and sending the locked terminal session key to the target terminal verification unit;
the instruction editing unit is used for editing an unlocking instruction according to the target terminal session key and sending the unlocking instruction to the unlocking unit;
and the unlocking unit is used for unlocking according to the received unlocking instruction.
6. A virtual key sharing method is characterized by comprising the following steps:
the method comprises the steps that a public key is interacted between a user terminal and a target terminal, target terminal identity verification information and user terminal identity verification information are generated by the aid of the public key of the target terminal and a private key of the user terminal, and the target terminal identity verification information and the user terminal identity verification information are sent to the target terminal;
the target terminal is used for verifying the received user terminal identity verification information, if the verification is passed, the target terminal identity verification information with the user terminal private key is sent to the locked end for verification, and if the locked end passes the verification of the target terminal identity verification information with the user terminal private key, the locked end generates locked end identity verification request information by using the target terminal public key and the locked end private key; the target terminal verifies the identity verification request information of the locked end, if the verification is passed, a target terminal session key is generated and sent to the locked end for verification, and if the verification of the target terminal session key is passed, an unlocking instruction is edited and sent to the locked end by using the session key;
the method comprises the steps that a locked end is used for verifying received target terminal identity verification information with a user terminal private key, if the verification is passed, a locked end identity verification request message is generated by using a target terminal public key and a locked end private key and is sent to a target terminal for verification, and if the target terminal passes the verification of the locked end identity verification request message, the locked end receives a target terminal session key generated by the target terminal; the target terminal session key is verified by the locked terminal, if the verification is passed, the locked terminal session key is generated and sent to the target terminal for verification, and if the verification of the locked terminal session key by the target terminal is passed, the target terminal unlocks according to an unlocking instruction sent by the target terminal;
and the offline communication module is used for transmitting information between the terminal and the locked terminal.
7. The virtual key sharing method according to claim 6, further comprising the steps of:
generating a user terminal identification key pair according to the user terminal ID by using a key management device, and sending the user terminal identification key pair to the user terminal; generating a locked end identification key pair according to the ID of the locked end, and sending the locked end identification key pair to the locked end; generating a target terminal identification key pair according to the target terminal ID, and sending the target terminal identification key pair to the target terminal;
compounding the received user terminal identification key pair with a key pair generated by the user terminal by using the user terminal to obtain a user terminal key pair;
the received locked end identification key pair and the key pair generated by the locked end are compounded by the locked end to obtain a locked end key pair;
and compounding the received target terminal identification key pair with a key pair generated by the target terminal by using the target terminal to obtain the target terminal key pair.
8. The virtual key sharing method of claim 7, wherein the key management device substitutes the ID into the predetermined matrix and generates the identification key pair using a CPK encryption algorithm.
9. The virtual key sharing method of claim 8, wherein the offline communication module is a bluetooth module.
10. The virtual key sharing method according to claim 9, wherein the user terminal includes a user terminal public key interacting unit and an authentication information generating unit, the target terminal includes a target terminal public key interacting unit, a target terminal authenticating unit, a target terminal session key generating unit, an instruction editing unit, and a target terminal authentication request information editing unit, the locked end includes a locked end authentication request information editing unit, a locked end authenticating unit, a locked end session key generating unit, and an unlocked unit,
the public key is interacted between the user terminal public key interaction unit and the target terminal public key interaction unit, and the obtained target terminal public key is sent to the identity verification information generation unit;
the public key is interacted between the target terminal public key interaction unit and the user terminal public key interaction unit, and the obtained user terminal public key is sent to the target terminal identity verification request information editing unit;
generating target terminal authentication information and user terminal authentication information by using a target terminal public key and a user terminal private key by using an authentication information generating unit, and sending the target terminal authentication information and the user terminal authentication information to a target terminal authentication unit;
the target terminal verification unit is used for verifying the received user terminal identity verification information, and if the verification is passed, the received target terminal identity verification information is sent to the locked terminal verification unit; verifying whether the received identity verification request information of the locked end contains a preset locked end ID and whether the signature of the locked end is correct, and if the identity verification request information of the locked end contains the preset locked end ID and the signature of the locked end is correct, sending a verification result passing the verification to a target terminal session key generation unit; verifying whether the received locked session key contains a preset locked ID and whether the locked signature is correct, and if the received locked session key contains the preset locked ID and the locked signature is correct, sending a verification result passing the verification to an instruction editing unit;
verifying whether a user terminal private key in the received target terminal identity verification information is the same as a preset user terminal private key or not by using a locked terminal verification unit, and if so, sending the verified information to a locked terminal identity verification request information editing unit; verifying whether the received target terminal session key contains a preset target terminal ID and whether the target terminal signature is correct, and if the received target terminal session key contains the preset target terminal ID and the target terminal signature is correct, sending the verified information to a locked terminal session key generation unit;
generating identity verification request information of the locked end according to the target terminal public key and the private key of the locked end by using the identity verification request information editing unit of the locked end, and sending the identity verification request information of the locked end to the target terminal verification unit;
generating a random number by using a target terminal session key generation unit, generating a target terminal session key according to the random number, and sending the target terminal session key to a locked terminal verification unit;
generating a random number by using a locked terminal session key generation unit, generating a locked terminal session key according to the random number and sending the locked terminal session key to a target terminal verification unit;
editing an unlocking instruction by using an instruction editing unit according to the target terminal session key and sending the unlocking instruction to an unlocking unit;
and unlocking by using the unlocking unit according to the received unlocking instruction.
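The key derivation in claims 7 and 8 (an identification key pair computed from an ID and a predetermined matrix, then compounded with a key pair the terminal generates itself) can be sketched as follows. This is an added example, not code from the patent: CPK is normally defined over an elliptic curve, and here a toy multiplicative group stands in for it. The matrix size, the SHA-256 ID-to-index mapping, the additive form of the compounding and the sample ID are all assumptions.

```python
import hashlib
import secrets

# Toy group (assumption): integers modulo the Mersenne prime 2**127 - 1.
# Far too small for real use; it only makes the algebra visible.
P = 2**127 - 1
Q = P - 1            # exponents are reduced modulo the group order
G = 3
ROWS, COLS = 16, 8   # constructed matrix size, not taken from the patent

def make_seed_matrices():
    """Key management device: secret scalar matrix and its public image."""
    priv = [[secrets.randbelow(Q - 1) + 1 for _ in range(COLS)] for _ in range(ROWS)]
    pub = [[pow(G, s, P) for s in row] for row in priv]
    return priv, pub

def id_to_rows(identity):
    """Map an ID to one row index per column (hypothetical mapping: SHA-256 bytes)."""
    digest = hashlib.sha256(identity.encode()).digest()
    return [digest[col] % ROWS for col in range(COLS)]

def identity_private_key(priv, identity):
    """Only the key management device, which holds the secret matrix, can compute this."""
    return sum(priv[r][c] for c, r in enumerate(id_to_rows(identity))) % Q

def identity_public_key(pub, identity):
    """Any party can compute this from the published matrix and the peer's ID."""
    key = 1
    for c, r in enumerate(id_to_rows(identity)):
        key = key * pub[r][c] % P
    return key

def compound(identity_sk, identity_pk):
    """Terminal side: combine the issued identity pair with a locally generated pair."""
    local_sk = secrets.randbelow(Q - 1) + 1
    local_pk = pow(G, local_sk, P)
    return (identity_sk + local_sk) % Q, identity_pk * local_pk % P, local_pk

def demo(identity="locked-end-0001"):  # constructed sample ID
    priv, pub = make_seed_matrices()
    isk = identity_private_key(priv, identity)
    ipk = identity_public_key(pub, identity)
    sk, pk, local_pk = compound(isk, ipk)
    # A verifier rebuilds the compound public key from the ID and the local public part.
    rebuilt = identity_public_key(pub, identity) * local_pk % P
    return pow(G, isk, P) == ipk, pow(G, sk, P) == pk, rebuilt == pk

if __name__ == "__main__":
    print(demo())
```

The locally generated share means the key management device, which knows every identity private key, does not know the terminal's final compound private key.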
CN201811105961.3A 2018-09-21 2018-09-21 Virtual key sharing system and method Active CN109067548B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811105961.3A CN109067548B (en) 2018-09-21 2018-09-21 Virtual key sharing system and method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811105961.3A CN109067548B (en) 2018-09-21 2018-09-21 Virtual key sharing system and method

Publications (2)

Publication Number Publication Date
CN109067548A CN109067548A (en) 2018-12-21
CN109067548B true CN109067548B (en) 2021-10-22

Family

ID=64763350

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811105961.3A Active CN109067548B (en) 2018-09-21 2018-09-21 Virtual key sharing system and method

Country Status (1)

Country Link
CN (1) CN109067548B (en)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109895734B (en) * 2019-01-29 2021-11-02 上海博泰悦臻网络技术服务有限公司 Authorized Bluetooth key activation method and system, storage medium and T-BOX
CN110167021B (en) * 2019-04-29 2023-03-21 江苏大学 Vehicle-mounted virtual key implementation and communication method
CN110766834B (en) * 2019-10-31 2023-09-26 上海博泰悦臻网络技术服务有限公司 Vehicle-mounted intelligent computing device and vehicle Bluetooth key management and maintenance method
CN111065081A (en) * 2019-12-30 2020-04-24 上海博泰悦臻网络技术服务有限公司 Bluetooth-based information interaction method and device
CN111200807B (en) * 2019-12-30 2024-03-29 上海博泰悦臻网络技术服务有限公司 Bluetooth-based information interaction method and device
CN114120498B (en) * 2022-01-27 2022-05-10 云丁网络技术(北京)有限公司 Method and related device for migrating data
CN114401515B (en) * 2022-03-25 2022-08-12 斯润天朗(北京)科技有限公司 Method for controlling vehicle based on digital key
CN115675361A (en) * 2022-11-30 2023-02-03 成都赛力斯科技有限公司 Cabin state adjusting method and system

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105788037A (en) * 2014-12-26 2016-07-20 比亚迪股份有限公司 Vehicle intelligent key authorization system and method
CN108248548A (en) * 2018-01-08 2018-07-06 东南(福建)汽车工业有限公司 A kind of long-range method and device for sharing automobile key
CN108573550A (en) * 2017-03-09 2018-09-25 丰田自动车株式会社 It locks and system for unlocking and key unit

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105788037A (en) * 2014-12-26 2016-07-20 比亚迪股份有限公司 Vehicle intelligent key authorization system and method
CN108573550A (en) * 2017-03-09 2018-09-25 丰田自动车株式会社 It locks and system for unlocking and key unit
CN108248548A (en) * 2018-01-08 2018-07-06 东南(福建)汽车工业有限公司 A kind of long-range method and device for sharing automobile key

Also Published As

Publication number Publication date
CN109067548A (en) 2018-12-21

Similar Documents

Publication Publication Date Title
CN109067549B (en) Virtual key bidirectional authentication system and method
CN109067548B (en) Virtual key sharing system and method
CN110177354B (en) Wireless control method and system for vehicle
CN110290525A (en) A kind of sharing method and system, mobile terminal of vehicle number key
CN111049660B (en) Certificate distribution method, system, device and equipment, and storage medium
CN102546155B (en) On-demand safe key generates method and system
CN104618116B (en) A kind of cooperative digital signature system and its method
US9756036B2 (en) Mechanisms for certificate revocation status verification on constrained devices
EP3926500A1 (en) Device upgrade method and related device
CN109617675B (en) Method and system for authenticating identifiers of both sides between charge and discharge facility and user terminal
JP2012530311A5 (en)
CN104158819A (en) Safety authentication method of vehicle-mounted information entertainment terminal
CN103688563A (en) Performing a group authentication and key agreement procedure
CN104145465A (en) Group based bootstrapping in machine type communication
CN110545252B (en) Authentication and information protection method, terminal, control function entity and application server
CN112396735B (en) Internet automobile digital key safety authentication method and device
CN105450623B (en) A kind of access authentication method of electric car
CN113965328B (en) Authority transfer method and system for digital key offline condition of trusted execution environment
CN107612949B (en) Wireless intelligent terminal access authentication method and system based on radio frequency fingerprint
CN101964805B (en) Method, equipment and system for safely sending and receiving data
CN111554008A (en) Digital key binding method, digital key verification method, mobile electronic equipment and near field communication device
CN111541716A (en) Data transmission method and related device
CN115396121A (en) Security authentication method for security chip OTA data packet and security chip device
CN113452517A (en) Key updating method, device, system, storage medium and terminal
WO2023279283A1 (en) Method for establishing secure vehicle communication, and vehicle, terminal and system

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
CB03 Change of inventor or designer information

Inventor after: Luo Yanjing

Inventor after: Liu Peng

Inventor before: Luo Yanjing

GR01 Patent grant
CP03 Change of name, title or address

Address after: A1501, 15 / F, No. 22, Zhongguancun Street, Haidian District, Beijing 100089

Patentee after: Beijing xinchangcheng Technology Development Co.,Ltd.

Address before: 100080 room 1505, 15 / F, block B, 3 Haidian Street, Haidian District, Beijing

Patentee before: BEIJING RENXINZHENG TECHNOLOGY CO.,LTD.

TR01 Transfer of patent right

Effective date of registration: 20231101

Address after: A1501, 15 / F, No. 22, Zhongguancun Street, Haidian District, Beijing 100089

Patentee after: Beijing xinchangcheng Technology Development Co.,Ltd.

Patentee after: Xinchangcheng (Shanghai) Technology Co.,Ltd.

Address before: A1501, 15 / F, No. 22, Zhongguancun Street, Haidian District, Beijing 100089

Patentee before: Beijing xinchangcheng Technology Development Co.,Ltd.