CN110356359A - Encryption method between a vehicle communication terminal and a secure entry and start authorization module - Google Patents

Info

Publication number
CN110356359A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201910607400.1A
Other languages
Chinese (zh)
Inventor
郝铁亮
赵德华
叶平
武翔宇
许茜
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Brilliance Auto Group Holding Co Ltd
Original Assignee
Brilliance Auto Group Holding Co Ltd
Application filed by Brilliance Auto Group Holding Co Ltd
Priority to CN201910607400.1A
Publication of CN110356359A

Classifications

    • B PERFORMING OPERATIONS; TRANSPORTING
    • B60 VEHICLES IN GENERAL
    • B60R VEHICLES, VEHICLE FITTINGS, OR VEHICLE PARTS, NOT OTHERWISE PROVIDED FOR
    • B60R25/00 Fittings or systems for preventing or indicating unauthorised use or theft of vehicles
    • B60R25/01 Fittings or systems for preventing or indicating unauthorised use or theft of vehicles operating on vehicle systems or fittings, e.g. on doors, seats or windscreens
    • B60R25/04 Fittings or systems for preventing or indicating unauthorised use or theft of vehicles operating on vehicle systems or fittings, e.g. on doors, seats or windscreens operating on the propulsion system, e.g. engine or drive motor
    • B60R25/20 Means to switch the anti-theft system on or off
    • B60R2325/00 Indexing scheme relating to vehicle anti-theft devices
    • B60R2325/10 Communication protocols, communication systems of vehicle anti-theft devices
    • B60R2325/108 Encryption
    • B60R2325/20 Communication devices for vehicle anti-theft devices
    • B60R2325/205 Mobile phones
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618 Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0631 Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Mechanical Engineering (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Selective Calling Equipment (AREA)

Abstract

An encryption method between a vehicle communication terminal (T-Box) and a secure entry and start authorization module (SESAM), whose key technical points comprise the following steps: step 1, remote-start original message; step 2, NAND logic operation; step 3, AES128 encryption algorithm operation; step 4, result verification. The method adds a dedicated encryption authentication and verification process to the data transmission between the T-Box and the SESAM. To ensure the security of connected-vehicle remote start and to complete the normal start of the remote engine-start function, the remote start instruction must be verified, which greatly reduces the possibility of the vehicle being attacked by hackers.

Description

Encryption method between a vehicle communication terminal and a secure entry and start authorization module
Technical field
With the rapid development of connected-vehicle technology, almost all vehicles with connected-vehicle functions offer remote engine start and remote air-conditioning control. Regardless of distance, the owner can adjust the in-cabin environment before a trip, choosing among multiple temperature levels, air supply modes and so on, and enter a comfortable driving environment immediately upon getting in. The present invention designs an encryption method between a vehicle communication terminal (hereinafter T-Box) and a secure entry & start authorization module (hereinafter SESAM). Using the secure encryption method between the T-Box and the SESAM, the specific action of remotely starting the vehicle's engine can be completed. The encryption algorithm designed by the invention can improve the security of remote start, preventing intrusion by hackers and avoiding personal injury and property loss to the owner.
Background art
The process of remotely starting the engine and remotely starting the air conditioner is shown in Fig. 1:
1. The user sends a remote engine/air-conditioning start instruction through the app;
2. The instruction data is sent over the internet to the TSP platform, which judges whether the instruction is valid and whether the vehicle meets the remote-start conditions, and if so issues the instruction to the vehicle communication terminal T-Box;
3. After the T-Box receives the remote engine/air-conditioning start instruction, if the start conditions are met, the T-Box sends the instruction to the execution unit SESAM;
4. After the SESAM receives the remote engine/air-conditioning start instruction, if the start conditions are met, it executes the remote start instruction;
5. The engine/air conditioner starts successfully.
Here, steps 1 to 2 are the off-vehicle network part and steps 3 to 5 are the in-vehicle network part. Remote engine/air-conditioning start is a very complex process that requires repeated verification and checking operations, which are not described in detail here. In the traditional connected-vehicle remote engine/air-conditioning start process, there is either no encryption algorithm between the T-Box and the SESAM or only a common encryption algorithm. Many hackers use related techniques to crack the in-vehicle network protocol and forge pseudo-instructions that are sent to the vehicle communication terminal T-Box. If no special encryption algorithm is applied between the T-Box and the SESAM, a network hacker can fully intrude into the owner's vehicle and carry out operations such as remotely starting the engine/air conditioner, with unimaginable consequences.
Summary of the invention
The purpose of the present invention is to provide an encryption method between a vehicle communication terminal and a secure entry and start authorization module that adds a dedicated encryption authentication and verification process to the data transmission between the T-Box and the SESAM. To ensure the security of connected-vehicle remote start and to complete the normal start of the remote engine-start function, the remote start instruction must be verified, which greatly reduces the possibility of the vehicle being attacked by hackers.
To achieve the above purpose, the present invention provides the following technical solution: the encryption method between the vehicle communication terminal and the secure entry and start authorization module is characterized by comprising the following steps:
Step 1, the owner performs a remote engine/air-conditioning start operation, and after receiving the instruction the TSP platform issues a check-vehicle-status instruction (the remote-start original message):
Step 1.1, if the T-Box is dormant, the T-Box and the vehicle CAN bus are woken up, and the T-Box sends the remote engine/air-conditioning start instruction onto the CAN bus; in accordance with the CAN bus protocol, the other CAN nodes send vehicle data onto the CAN bus;
Step 1.2, if the T-Box is in the wake-up state, the procedure is exited;
Step 2, NAND logic operation:
Step 2.1, the T-Box performs a NAND logic operation on the remote-start original message and the timestamp to obtain variable a;
Step 2.2, the SESAM performs a NAND logic operation on the remote-start original message and the timestamp to obtain variable b;
Step 3, AES128 encryption algorithm operation:
Step 3.1, the AES128 encryption algorithm is applied to variable a with the randomly generated custom key variable c to obtain encrypted variable A;
Step 3.2, the AES128 encryption algorithm is applied to variable b with the randomly generated custom key variable c to obtain encrypted variable B;
Step 4, result verification:
Step 4.1, if A = B, verification succeeds and the SESAM executes the remote engine/air-conditioning start;
Step 4.2, if A ≠ B, verification fails, the SESAM replies with a negative response and the procedure is exited.
Beneficial effects of the invention: the invention solves the security vulnerability in traditional connected-vehicle remote engine/air-conditioning start, provides an algorithm for encrypting remote start, and ensures the security of remotely starting the vehicle. With the randomly generated custom key and the special encryption algorithm, even a hacker who knows the in-vehicle bus protocol cannot crack the algorithm in a short time. The vehicle can automatically distinguish legitimate instructions from illegitimate ones, which greatly increases the security of the in-vehicle network and gives the owner a safer and more reliable driving experience. In particular, the method incorporates the standard AES128 encryption algorithm, which improves the complexity and security level of the algorithm and solves the remote-start security problem.
Brief description of the drawings
Fig. 1 is a flow diagram of remote engine start in the prior art.
Fig. 2 is a schematic diagram of the T-Box and SESAM encryption method.
Detailed description of the embodiments
The content of the present invention is described in detail below through specific embodiments with reference to Figs. 1 to 2. The encryption method between the vehicle communication terminal and the secure entry and start authorization module comprises the following steps:
Step 1, the owner performs a remote engine/air-conditioning start operation, and after receiving the instruction the TSP platform issues a check-vehicle-status instruction (the remote-start original message):
Step 1.1, if the T-Box is dormant, the T-Box and the vehicle CAN bus are woken up, and the T-Box sends the remote engine/air-conditioning start instruction onto the CAN bus; in accordance with the CAN bus protocol, the other CAN nodes send vehicle data onto the CAN bus, such as the timestamp, whose format is month, day, hour, minute, second;
Step 1.2, if the T-Box is in the wake-up state, the procedure is exited.
Step 2, NAND logic operation:
Step 2.1, the T-Box performs a NAND logic operation on the remote-start original message and the timestamp to obtain variable a;
Step 2.2, the SESAM performs a NAND logic operation on the remote-start original message and the timestamp to obtain variable b.
Step 3, AES128 encryption algorithm operation:
Step 3.1, the AES128 encryption algorithm is applied to variable a with the randomly generated custom key variable c to obtain encrypted variable A;
Step 3.2, the AES128 encryption algorithm is applied to variable b with the randomly generated custom key variable c to obtain encrypted variable B.
Step 4, result verification:
Step 4.1, if A = B, verification succeeds and the SESAM executes the remote engine/air-conditioning start;
Step 4.2, if A ≠ B, verification fails, the SESAM replies with a negative response and the procedure is exited.
When the T-Box receives the remote engine-start instruction, it sends a remote engine-start message onto the CAN bus; this message is the original message. Because the message appears on the CAN bus, the controller SESAM also receives the remote-start request message. Because the vehicle bus has been woken up, some vehicle controllers also send messages onto the bus, and certain controllers send a time message (timestamp) whose format includes month, day, hour, minute, second and similar content, represented by four bytes of one message. The T-Box and the SESAM simultaneously perform a NAND logic operation on the four bytes in the original message and the time message. After that calculation completes, the AES128 algorithm is run on the custom key and the result calculated above (AES128 is prior art, so its details are omitted). The value of the custom key can be set as required on the production line with a diagnostic tool. After the T-Box and the SESAM have each completed the calculation, the SESAM verifies and compares the calculated results. If the two results match exactly, the SESAM issues the control instruction to complete the remote engine start and, after the start completes, feeds back remote engine-start success to the T-Box; otherwise the SESAM feeds back engine-start failure: the identity check is in error and the engine cannot be started normally.
Explanation of the English abbreviation used in the text: AES (Advanced Encryption Standard), also known in cryptography as the Rijndael cipher, is a block encryption standard adopted by the U.S. federal government and is a symmetric encryption algorithm. The standard replaces the original DES and is widely used around the world. AES128 is the AES algorithm with a 128-bit key length.

Claims (1)

1. An encryption method between a vehicle communication terminal and a secure entry and start authorization module, characterized by comprising the following steps:
Step 1, the owner performs a remote engine/air-conditioning start operation, and after receiving the instruction the TSP platform issues a check-vehicle-status instruction (the remote-start original message):
Step 1.1, if the T-Box is dormant, the T-Box and the vehicle CAN bus are woken up, and the T-Box sends the remote engine/air-conditioning start instruction onto the CAN bus; in accordance with the CAN bus protocol, the other CAN nodes send vehicle data onto the CAN bus;
Step 1.2, if the T-Box is in the wake-up state, the procedure is exited;
Step 2, NAND logic operation:
Step 2.1, the T-Box performs a NAND logic operation on the remote-start original message and the timestamp to obtain variable a;
Step 2.2, the SESAM performs a NAND logic operation on the remote-start original message and the timestamp to obtain variable b;
Step 3, AES128 encryption algorithm operation:
Step 3.1, the AES128 encryption algorithm is applied to variable a with the randomly generated custom key variable c to obtain encrypted variable A;
Step 3.2, the AES128 encryption algorithm is applied to variable b with the randomly generated custom key variable c to obtain encrypted variable B;
Step 4, result verification:
Step 4.1, if A = B, verification succeeds and the SESAM executes the remote engine/air-conditioning start;
Step 4.2, if A ≠ B, verification fails, the SESAM replies with a negative response and the procedure is exited.
CN201910607400.1A 2019-07-08 2019-07-08 Vehicle communication terminal and safety enter the encryption method of starting authorization module Pending CN110356359A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910607400.1A CN110356359A (en) 2019-07-08 2019-07-08 Vehicle communication terminal and safety enter the encryption method of starting authorization module

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910607400.1A CN110356359A (en) 2019-07-08 2019-07-08 Vehicle communication terminal and safety enter the encryption method of starting authorization module

Publications (1)

Publication Number Publication Date
CN110356359A true CN110356359A (en) 2019-10-22

Family

ID=68218503

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910607400.1A Pending CN110356359A (en) 2019-07-08 2019-07-08 Vehicle communication terminal and safety enter the encryption method of starting authorization module

Country Status (1)

Country Link
CN (1) CN110356359A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115242530A (en) * 2022-07-27 2022-10-25 常州星宇车灯股份有限公司 Vehicle-mounted safety communication system and method based on state cryptographic algorithm and automobile

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115242530A (en) * 2022-07-27 2022-10-25 常州星宇车灯股份有限公司 Vehicle-mounted safety communication system and method based on state cryptographic algorithm and automobile
CN115242530B (en) * 2022-07-27 2023-10-13 常州星宇车灯股份有限公司 Vehicle-mounted safety communication system and method based on national cryptographic algorithm and automobile

Similar Documents

Publication Publication Date Title
US10104094B2 (en) On-vehicle communication system
CN107968781B (en) Safety processing method for vehicle sharing service
KR102243114B1 (en) Real-time frame authentication using id anonymization in automotive networks
CN106685653B (en) Vehicle remote firmware updating method and device based on information security technology
CN111028397B (en) Authentication method and device, and vehicle control method and device
CN107682334B (en) OBD interface data safety protection system and data safety protection method
CN106972926B (en) encryption and decryption method, device and system for wireless automobile key
CN108263303A (en) Control method for vehicle, apparatus and system
CN106506149B (en) Key generation method and system between a kind of TBOX terminal and TSP platform
CN110239484B (en) Vehicle lock remote security control system and method
CN109688146A (en) A kind of data access method, gateway controller and automobile
CN109728899B (en) Pure electric vehicle authentication key safety management method and system
CN109495449A (en) A kind of vehicle CAN bus encryption method
CN111845624B (en) Method for starting vehicle without key
CN112087419B (en) Vehicle-mounted terminal data transmission safety protection method and device
CN111083696A (en) Communication verification method and system, mobile terminal and vehicle terminal
CN110356359A (en) Vehicle communication terminal and safety enter the encryption method of starting authorization module
CN107640124B (en) Onboard safety systems
CN108881494A (en) Secure messaging methods based on In-vehicle networking and block chain
CN113572720A (en) Data encryption method, data decryption method, data encryption device, data decryption device and electric vehicle
CN113448299A (en) Vehicle gateway controller, information processing method and vehicle
CN116456336A (en) External equipment access security authentication method, system, automobile, equipment and storage medium
CN111917618A (en) Vehicle-mounted CAN bus communication method, device and system and vehicle
CN107046529B (en) Vehicle-road cooperative secure communication method based on hash encryption
CN115865460A (en) Data transmission method and device, electronic equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20191022