Disclosure of Invention
In view of the above, and aiming at the defects of the existing tamper-resistant technology, the invention mainly solves the problem of intelligently selecting different tamper-resistant methods for different scenarios during the uploading or downloading of an update package in a vehicle-mounted system, and provides a self-adaptive tamper-resistant data structure and a self-adaptive tamper-resistant method for update packages in an Internet of Vehicles.
The technical scheme of the invention is as follows:
The invention provides an adaptive tamper-proof data structure for an update package in a vehicle networking system, which comprises an ID field, a Ts field, a TAG field, an MD field and the content DATA of the update package to be transmitted,
wherein the ID field occupies m_ID bytes and stores the data ID value; the Ts field occupies m_TS bytes and indicates the upload timestamp of the update package; the TAG field occupies m_TAG bytes and contains n tag bits TAG1, TAG2, ..., TAGn, wherein TAG1 stores the current vehicle speed state and TAG2, ..., TAGn represent scenarios related to the update package in the intelligent networked automobile; the MD field occupies m_MD bytes and stores the message digest of the update package, i.e. the cryptographic value used for verifying its integrity.
Further, when n is 3, TAG2 stores the type of the current update package and TAG3 stores the subdivision category of the update package.
Further, ID occupies 4 bytes, Ts occupies 4 bytes and TAG occupies 1 byte, where TAG1 occupies 2 bits; TAG2 occupies 2 bits and stores the type of the current update package; TAG3 occupies 4 bits and stores the subdivision type of the update package; MD occupies 36 bytes, of which the first 16 bytes are the MD5 value and the last 20 bytes are the SHA_1 value.
Further, for TAG1, 00 denotes high speed; 01 denotes medium speed; 10 denotes low speed; and 11 denotes stationary.
Further, for TAG2, 00 denotes an in-vehicle system update package; and 01 denotes an in-vehicle system application update package.
Further, for TAG3, 0000 denotes a traffic safety type vehicle-mounted application; 0001 denotes a traffic information consultation type vehicle-mounted application; and 0010 denotes a commercial vehicle-mounted application such as an information service.
A method for adaptive tamper-proofing of update packages in the Internet of Vehicles, using the data structure according to claims 1-6 and performing the following steps:
S1, the server selects the update package to be transmitted, assigns an ID, acquires the current time and assigns a value to Ts;
S2, the server obtains the attributes of the current update package and, according to the requirement of each tag bit, assigns values to TAG2, ..., TAGn;
S3, the current update package information is acquired and a message digest is generated to assign a value to MD;
S4, the vehicle-mounted terminal acquires the update package, judges the current running speed state of the vehicle and assigns a value to the TAG1 field;
S5, a security level is given according to the combined value of the n tag bits, a suitable integrity measurement scheme is selected according to that security level, and if the update package passes the integrity measurement the system is updated; otherwise the update is refused or the update package is deleted directly.
Further, the integrity measurement scheme includes three types: firstly, preferably an integrity measurement scheme based on the MD5 algorithm, in which a message digest of the information is generated by the MD5 algorithm; this is suitable for the case where the requirement on the security level is general;
secondly, preferably a mixed integrity measurement scheme based on the MD5 algorithm and the SHA_1 algorithm, in which a message digest is generated by MD5 and a 160-bit message digest is generated by the SHA_1 algorithm; this scheme is used for the case where the requirement on the security level is high;
and thirdly, preferably an integrity measurement scheme based on MD5 and a third-party certification authority, in which, after the digest is generated by the MD5 algorithm, it is certified by the third-party certification authority; this is suitable for the case with a very high requirement on the security level.
Further, the method by which the server selects the update package to be transmitted includes:
uploading the update package to the Internet of Vehicles application market and waiting for a user to download and install the update; or sending it from the server directly to the vehicle user end, where it is installed directly as a patch.
The invention has the following beneficial effects:
1. The invention can improve the safety index of the vehicle-mounted system; once the tamper-proof system and method are realized, the vehicle terminal can be effectively prevented from installing a maliciously tampered installation package or upgrade package.
2. The invention provides a self-adaptive tamper-proof data structure for an update package in the Internet of Vehicles, which adds an ID field, a Ts field, a tag bit field and an MD field in a novel structural form; the tag bit field allows the integrity measurement scheme most suitable for the current environment in the Internet of Vehicles system to be selected more flexibly.
3. By intelligently selecting the tamper-proof method, the most appropriate solution can be chosen for the current scenario, so that both measurement redundancy and insufficient granularity of the integrity measurement are effectively avoided and tampering is effectively prevented.
4. The invention initiates a multi-scenario tamper-proof mechanism for the vehicle-mounted system, making the system more diversified and improving the self-adaptive capacity of the whole vehicle-mounted system.
Detailed Description
The following describes a data structure and a method for updating packet adaptive tamper-proofing in the car networking in a manner of combining with the drawings of the specification.
As shown in the update package transmission flowchart of the Internet of Vehicles system in Fig. 1, the car communicates continuously with external devices while driving. During this communication the vehicle's system application update packages and system update packages are sent from the vehicle application marketplace and the vehicle server to the vehicle's on-board system. If an attacker, by attacking the communication line, replaces the update package or injects a virus or the like to endanger the safety of the vehicle, the update package received by the vehicle is unreliable. Therefore a tamper-proof method needs to be selected for each different scenario to ensure that the update package received by the vehicle-mounted terminal is reliable.
The vehicle has different security levels when receiving the system update package and the system application update package in different states. If the current automobile has a low security level but a high-strength tamper-proof method is selected, measurement redundancy is caused and the work of integrity measurement becomes more complicated. When the automobile security level is high but a low-strength tamper-proof method is selected, the update package is in danger of being tampered with.
The invention provides a self-adaptive tamper-proof data structure of an update package in an internet of vehicles, which is used for marking the safety level of an automobile receiving different update packages in different states so that a vehicle application market and a vehicle server can adopt a corresponding tamper-proof method according to the safety level when sending the system update package and the system application update package to a vehicle-mounted terminal, and the structure is shown in figure 2.
The flow chart of the method of the invention is shown in fig. 3, and the following steps are carried out on the basis of the data structure:
S1, the server selects the update package to be transmitted, assigns an ID, acquires the current time and assigns a value to Ts;
S2, the attributes of the current update package are obtained and, according to the requirement of each tag bit, values are assigned to TAG2, ..., TAGn;
S3, the content of the current update package is acquired and a message digest is generated to assign a value to the MD field;
S4, the vehicle-mounted terminal acquires the update package, judges the current state of the vehicle and assigns TAG1 according to that state;
S5, a mapping table between security level and integrity measurement scheme is established, the security level represented by the combined value of the n tag bits is looked up, a suitable integrity measurement scheme is selected, and system updating is performed if the update package passes the integrity measurement; otherwise the update is refused or the update package is deleted directly.
When n is 3, as an implementable manner, the data structure includes:
ID: occupies 4 bytes and stores the ID value of the data;
Ts: the timestamp of the message, i.e. the upload time of the current update package, represented by 4 bytes;
TAG: occupies 1 byte and represents scenarios related to the update package in the intelligent networked automobile; wherein:
TAG1: occupies 2 bits and stores the current state of the vehicle. The driving states are preferably divided into the following 4 states: 00 denotes high speed; 01 denotes medium speed; 10 denotes low speed; 11 denotes stationary;
TAG2: occupies 2 bits and stores the type of the current update package. The types of application software in the Internet of Vehicles are preferably divided roughly into: 00 denotes an in-vehicle system update package; 01 denotes an in-vehicle system application update package;
TAG3: occupies 4 bits and stores the subdivision type of the update package. For application software, the subdivision is preferably: 0000 denotes a traffic safety type vehicle-mounted application; 0001 denotes a traffic information consultation type vehicle-mounted application; 0010 denotes a commercial vehicle-mounted application such as an information service;
MD: occupies 36 bytes; the first 16 bytes are the MD5 value and the last 20 bytes are the SHA_1 value;
DATA: the content of the update package that needs to be transmitted.
Using this data structure, the assignment of TAG1, TAG2, ..., TAGn is summarized in Table 1 (preferably in binary representation):
TABLE 1
From the table it can be seen that, for the scenarios related to update packages in the Internet of Vehicles system, the three tag bits are assigned security level values according to the different situations. The highest level is 1, and the levels decrease in turn as the security requirement decreases (2, 3, ...). A higher security level means that the tamper-proof verification scheme chosen for the update package in the current scenario is more stringent. The essence of tamper resistance is integrity measurement.
Thus, the tamper-resistant system provides three schemes. Firstly, preferably an integrity measurement scheme based on the MD5 algorithm, in which a 16-byte message digest of the information is generated by MD5 to prevent the information from being tampered with; this is suitable for situations with low requirements on the security level. Secondly, preferably a mixed integrity measurement scheme based on MD5 and SHA_1, in which a 16-byte digest is generated by MD5 and a 20-byte digest is generated by SHA_1 at the same time; since it is almost impossible to find an input that collides under both MD5 and SHA_1 simultaneously, this scheme is used where the security level requirement is high. Thirdly, preferably an integrity measurement scheme based on MD5 and a third-party certification authority, in which, after the MD5 digest is generated for tamper resistance, the digest is certified by the third-party certification authority as a non-repudiable proof of the behaviour; this is suitable for situations with a very high requirement on the safety level of the automobile.
At the same time, some rules are specified: for example, when the TAG2 field bits are detected to be 00 or the TAG3 field bits are detected to be 0000, i.e. the highest security level applies, the integrity measurement scheme based on MD5 and a third-party certification authority is selected directly. The specific proposals for the selection of tamper-proof verification schemes at the different security levels are summarized in Table 2 (preferably in binary representation):
TABLE 2
TAG1-TAG2-TAG3 | Tamper-proof verification scheme
00-01-0000 | Integrity measurement scheme based on MD5 and a third-party certification authority
00-01-0001 | Mixed integrity measurement scheme based on MD5 and SHA_1
00-01-0010 | Integrity measurement scheme based on MD5
01-01-0000 | Integrity measurement scheme based on MD5 and a third-party certification authority
01-01-0001 | Mixed integrity measurement scheme based on MD5 and SHA_1
01-01-0010 | Integrity measurement scheme based on MD5
10-01-0000 | Integrity measurement scheme based on MD5 and a third-party certification authority
10-01-0001 | Mixed integrity measurement scheme based on MD5 and SHA_1
10-01-0010 | Integrity measurement scheme based on MD5
11-01-0000 | Integrity measurement scheme based on MD5 and a third-party certification authority
11-01-0001 | Mixed integrity measurement scheme based on MD5 and SHA_1
11-01-0010 | Integrity measurement scheme based on MD5
00-00-null | Integrity measurement scheme based on MD5 and a third-party certification authority
01-00-null | Integrity measurement scheme based on MD5 and a third-party certification authority
10-00-null | Integrity measurement scheme based on MD5 and a third-party certification authority
11-00-null | Integrity measurement scheme based on MD5 and a third-party certification authority
By adding the three tag bits in front of the update package, the client's tamper-resistant system can select the corresponding measurement scheme from the table simply by acquiring the values of the three tag bits, so that it can conveniently choose the integrity measurement scheme most suitable for the current scenario. Here MD5 denotes the fifth version of the Message Digest algorithm and SHA_1 denotes the Secure Hash Algorithm 1.
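As an added example that is not part of the patent, the following Python model packs the ID/Ts/TAG/MD/DATA structure described above, applies the Table 2 selection on the terminal side and runs the chosen integrity check. It assumes that TAG1 occupies the two high bits of the TAG byte, TAG2 the next two and TAG3 the low four, and it stands in for the third-party certification authority with a hypothetical tc_certify callback.

```python
import hashlib
import hmac
import struct

# Layout from the patent: ID(4) | Ts(4) | TAG(1) | MD(36 = MD5 16 + SHA_1 20) | DATA.
# Assumed bit order inside TAG: TAG1 = bits 7-6, TAG2 = bits 5-4, TAG3 = bits 3-0.
HEADER = struct.Struct(">IIB16s20s")

SCHEMES = {1: "MD5 + third-party certification", 2: "MD5 + SHA_1", 3: "MD5"}


def security_level(tag: int) -> int:
    """Table 2: TAG2 == 00 (system update) or TAG3 == 0000 (traffic-safety app)
    gives level 1; TAG3 == 0001 gives level 2; anything else gives level 3.
    The table as given does not vary with TAG1, so TAG1 is carried but unused here."""
    tag2 = (tag >> 4) & 0b11
    tag3 = tag & 0b1111
    if tag2 == 0b00 or tag3 == 0b0000:
        return 1
    return 2 if tag3 == 0b0001 else 3


def build_packet(pkt_id: int, ts: int, tag2: int, tag3: int, data: bytes) -> bytes:
    """Server side (S1-S3): fill ID, Ts, TAG2/TAG3 and both digests; TAG1 is left 00."""
    tag = ((tag2 & 0b11) << 4) | (tag3 & 0b1111)
    md5 = hashlib.md5(data).digest()
    sha1 = hashlib.sha1(data).digest()
    return HEADER.pack(pkt_id, ts, tag, md5, sha1) + data


def verify_update(packet: bytes, speed_state: int, tc_certify=None):
    """Terminal side (S4-S5). speed_state is TAG1 (00 high speed ... 11 stationary).
    tc_certify is a hypothetical hook standing in for the Trusted Center: it gets the
    packet ID and the MD5 digest and returns True if the digest is certified.
    Returns (scheme name, passed)."""
    pkt_id, _ts, tag, md5, sha1 = HEADER.unpack_from(packet)
    data = packet[HEADER.size:]
    tag |= (speed_state & 0b11) << 6          # the terminal assigns TAG1
    level = security_level(tag)
    md5_ok = hmac.compare_digest(hashlib.md5(data).digest(), md5)
    if level == 3:
        passed = md5_ok
    elif level == 2:
        passed = md5_ok and hmac.compare_digest(hashlib.sha1(data).digest(), sha1)
    else:  # level 1: MD5 plus certification; fail closed when no certifier is available
        passed = md5_ok and tc_certify is not None and bool(tc_certify(pkt_id, md5))
    return SCHEMES[level], passed


if __name__ == "__main__":
    firmware = b"constructed update package bytes"      # constructed sample DATA
    pkt = build_packet(7, 1700000000, 0b01, 0b0010, firmware)
    print(verify_update(pkt, 0b00))                    # ('MD5', True)
    print(verify_update(pkt[:-1] + b"X", 0b00))        # ('MD5', False)
```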
The method by which the server side selects the update package to be transmitted comprises: uploading the update package to the Internet of Vehicles application market and waiting for a user to download and install the update; or sending it from the server directly to the vehicle user end, where it is installed directly as a patch.
If the update package is downloaded from the application store, the update package is first uploaded on the Internet of Vehicles server side. The server side comprises Road-Side Units (RSU), Base Stations (BS) and the vehicle factory; it assigns the ID, Ts, TAG2, TAG3, ..., TAGn and MD fields of the update package and uploads the assigned update package to the application market to wait for download by a vehicle-mounted terminal. After downloading, the current vehicle state is obtained and TAG1 is assigned; once all the tag bits are assigned, the vehicle-mounted terminal parses the value of each tag bit and determines, according to the priority of the values, the integrity measurement scheme most suitable for the current scenario. If the current scenario has general safety requirements, the MD5 scheme is selected; if the current scenario has high safety requirements, the vehicle-mounted terminal selects the mixed MD5 and SHA_1 integrity measurement scheme; if the current scenario has very high safety requirements, MD5 integrity measurement is selected and a Trusted Center (TC) is additionally used for the third-party certification scheme. The vehicle-mounted terminal then calls the corresponding algorithm for integrity measurement; the application update package can be installed after the integrity measurement passes, otherwise, the update package having been tampered with, the update is rejected or the update package is deleted directly.
If the server sends the package directly to the vehicle user side, the ID, Ts, TAG2, TAG3, ..., TAGn and MD fields of the system update package are assigned on the Internet of Vehicles server side, after which the package can be sent directly to the vehicle terminal. The vehicle terminal also needs to acquire the current vehicle state and assign TAG1, select the most appropriate integrity measurement scheme by combining the tag bits and, after the update package passes the integrity measurement, wait for the vehicle to stop driving before updating the system. If the system update package fails the integrity measurement, the update is rejected or the system update package is deleted directly. Fig. 4 is a timing chart illustrating a system upgrade in which the server side directly sends the system update package to the vehicle-mounted terminal.
The above embodiments further illustrate the objects, technical solutions and advantages of the present invention. It should be understood that they are only preferred embodiments of the present invention and should not be construed as limiting it; any modifications, equivalents, improvements, etc. made within the spirit and principle of the present invention should be included in its scope of protection.