CN111245613B - Identity-based three-level key negotiation method for in-vehicle and out-vehicle networks - Google Patents

Identity-based three-level key negotiation method for in-vehicle and out-vehicle networks Download PDF

Info

Publication number
CN111245613B
CN111245613B CN202010111994.XA CN202010111994A CN111245613B CN 111245613 B CN111245613 B CN 111245613B CN 202010111994 A CN202010111994 A CN 202010111994A CN 111245613 B CN111245613 B CN 111245613B
Authority
CN
China
Prior art keywords
key
vehicle
level
seed
edi
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202010111994.XA
Other languages
Chinese (zh)
Other versions
CN111245613A (en
Inventor
韩牟
殷志昆
张星
马世典
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jiangsu University
Original Assignee
Jiangsu University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jiangsu University filed Critical Jiangsu University
Priority to CN202010111994.XA priority Critical patent/CN111245613B/en
Publication of CN111245613A publication Critical patent/CN111245613A/en
Application granted granted Critical
Publication of CN111245613B publication Critical patent/CN111245613B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/043Key management, e.g. using generic bootstrapping architecture [GBA] using a trusted network node as an anchor
    • H04W12/0433Key management protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/30Services specially adapted for particular environments, situations or purposes
    • H04W4/40Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/30Services specially adapted for particular environments, situations or purposes
    • H04W4/40Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P]
    • H04W4/48Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P] for in-vehicle communication

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Small-Scale Networks (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention provides an identity-based three-level key agreement method for an in-vehicle network and an in-vehicle network, which can improve the security of the in-vehicle network and improve the key agreement and replacement efficiency. According to whether the nodes in the vehicle have the external communication function or not, a safe and efficient communication scheme that three levels of keys based on identity and each level of key comprise multiple sub-keys is designed, and a data access control mechanism of the nodes in and out of the vehicle is established. The invention establishes a novel vehicle internal and external node communication key agreement protocol architecture based on the novel vehicle network communication protocol security of the cryptology principle, thereby solving the information security problem of the vehicle network, namely remote attack, replay attack, tampering attack and forgery attack resistance, other communication units in the vehicle can generate a third-level key automatically to establish communication with external equipment directly without performing additional identity authentication and key agreement on the third-level key, and ensuring that the scheme has high security and efficiency.

Description

Identity-based three-level key negotiation method for in-vehicle and out-vehicle networks
Technical Field
The invention relates to the technical field of passwords and communication safety, in particular to an identity-based three-level key agreement method for an in-vehicle network and an out-vehicle network.
Background
At present, the development of intelligent networked automobiles is accelerated by electromotion, intellectualization and networking, and the dream that the automobiles enter families is realized. The appearance of the intelligent internet automobile revolutionized the travel mode of people. Compared with the traditional automobile, the novel traveling mode has higher safety, applicability and high efficiency. Many manufacturers have introduced vehicle sharing technology based on various approaches. But this raises various information security issues that increase the attack surface for network attackers. In reality, network attackers tend to attack remotely, and illegal data frames are injected into the in-vehicle network step by step through bugs of external networks or devices, bugs in the automobile networking system and bugs of the in-vehicle network, so that automobiles are controlled.
In order to solve the problems, the invention expounds a design method of the key agreement safety and efficiency of the internal and external networks of the vehicle from a multi-angle and all-around perspective, and needs to provide a three-level key agreement method of the internal and external networks of the vehicle based on identity.
Disclosure of Invention
The invention aims to establish a novel vehicle internal and external node communication key negotiation protocol framework based on the safety of a novel vehicle network communication protocol of a cryptology principle.
In order to achieve the above purpose, the technical solution provided by the implementation of the present invention is as follows:
and constructing an identity-based three-level key agreement method between the external device ED, the vehicle-mounted communication unit CU and the vehicle-mounted ECU by combining the characteristics of limited storage and calculation resources of the external device and the vehicle-mounted network system and the requirement on high security.
An identity-based three-level key negotiation method for an in-vehicle and external networks comprises the following steps:
the method comprises the following steps that whether an in-vehicle node has an external communication function or not is divided into two types, wherein one type is a vehicle-mounted communication unit CU with the external communication function, and the other type is an electronic control unit ECU without the external communication function;
establishing a data access control mechanism according to the security threat level of nodes inside and outside the vehicle, namely adopting three-level keys, wherein the first-level key is the highest-level key and is used for communication between Electronic Control Units (ECUs) and communication between the ECUs and gateway ECUs (electronic control units), namely GECUs, the second-level key is used for communication between vehicle-mounted Communication Units (CUs) and between the CUs and the ECUs, and the third-level key is used for communication between the CUs and external Equipment (ED);
1. further, according to the security threat of the nodes inside and outside the vehicle, the electronic control unit ECU inside the vehicle is a first protection object and is in the highest level, the vehicle-mounted communication unit CU is arranged, and finally the external device ED outside the vehicle is arranged.
2. Further, each level of the three-level key comprises 5 subkeys, wherein the first level key and the second level key are derived from a key derivation function HKDF and a key seed xi Production of the HKDF (seed) xi )=AK xi ||UK xi ||EK xi.1 ||EK xi.2 ||EK xi.3 Subscript x is f or s, f is first, s is second, subscript i is ith, the key seed of the third-level key is defined by hash function H (), ID of ED ED And current second level key seed s Producing a seed EDi =H(seed s ||ID ED ) The third level key is composed of a key derivation function HKDF and a key seed of the third level key EDi Production of HKDF (seed) EDi )=AK EDi ||UK EDi ||EK EDi.1 ||EK EDi.2 ||EK EDi.3 Are respectively an authentication key AK xi A key update Key UK xi And three encryption subkeys EK xi.j And j is the jth encryption sub-key.
3. Further, still include: when external devices ED and CU 1 When communication is established for the first time, identity authentication and key agreement are carried out, and after identity authentication, CU (central office) carries out 1 Will broadcast the identity ID of the external device ED in the in-vehicle network ED So that the external device ED communicates with other communication units CU on board the vehicle 2 Directly generating a third-level key without identity authentication and key agreement; wherein CU 1 The first CU established as ED and the vehicle-mounted end, and so on, namely CU 2 And a second CU established for the ED and the vehicle-mounted terminal.
4. Further, the method also comprises the following steps: when the external device ED and the on-board communication unit CU change keys, the following protocol is executed, including two rounds of messages:
step 1.1: if j ∈ {1,2}, CU generates
Figure GDA0003914647540000021
And the sub-key exchange message Msg of both ED and CU EDsubk (REQ EDsubk | HMAC (-) is sent to ED and CTR is updated CU And j. If j =3, CU selects to generate the sub-key seed EDi+1 =H(seed s ||ID ED ) Where seed is s For the current secondary key seed, then the CU uses the update key UK EDi Is paired and/or matched>
Figure GDA0003914647540000022
Encrypt to generate ciphertext C ED And generates a corresponding HMAC (·), and finally updates the third-level master key seed with the message Msg EDK (REQ EDK ||C ED | HMAC (·)) is sent to the ED. Wherein HMAC (-) is a hashed MAC value @>
Figure GDA0003914647540000023
For hash function values encrypted using the ED's authentication key, msg means message, sub means subkey exchange, CTR CU Message counter value, REQ, for CU EDsubk Subscription request, ID, to ED CU Is the identity ID identifier of the CU, REQ EDK Meaning a third-level rekeying request by the ED.
Step 1.2: receiving a subkey change message Msg EDsubk Then, ED verifies the message authentication code first, if pass, then EK EDi.j+1 Acting as next session key and updating CTR CU . Receiving a third-level master key seed update message Msg EDK Then, ED verifies the message authentication code first, if pass verification, uses the update secret key UK EDi To C ED Decrypting to obtain seed EDi+1 Generating a third-level key by using a key derivation function HKDF, and finally updating the CTR CU (ii) a Wherein, EK EDi.j+1 For the j +1 th encryption sub-key, UK, in the current key EDi The key is updated for the current key of the ED.
5. Further, still include: when the in-vehicle communication unit CU changes keys with the ECU, the following protocol is executed, including two rounds of messages:
step 2.1: if j ∈ {1,2}, the GECU generates
Figure GDA0003914647540000031
And broadcasts a rekeying subkey message Msg of the first secondary key Subk (REQ Subk | HMAC (·)), then let the CTR GECU And j plus 1. If j =3, the GECU selects a random primary key seed fi+1 And a random secondary key seed si+1 Using the renewed key UK fi And UK si Respectively encrypted to be->
Figure GDA0003914647540000032
And &>
Figure GDA0003914647540000033
And generates correspondencesHMAC (·), finally broadcasting an update message Msg of the first secondary key K (REQ K ||C ECU ||C CU HMAC (-) and update CTR GECU . Where K means Key Change, CTR GECU For the message counter value of the GECU, HAKsi () is the hash function value of the authentication subkey encryption using the second level key, REQ Subk Encryption subkey update request, UK, for first secondary key fi Key update Key, UK, meaning first level Key si Key update Key, C, to mean a second level Key ECU Ciphertext that the ECU needs to decrypt is meant>
Figure GDA0003914647540000034
Meaning to use UK fi Encrypted encryption function, C CU Meaning the ciphertext that the CU needs to decrypt,
Figure GDA0003914647540000035
meaning use of UK si Encrypted cryptographic function, msg K Intended for updating messages of the first secondary key, REQ K Is the first secondary key update request.
Step 2.2: receive Msg Subk Then, all CUs and ECUs verify the message authentication code first, and if the message authentication code passes the verification, the EK is sent to the ECU si.j+1 And EK fi.j+1 Acting as next session key and updating CTR GECU Receiving Msg K Then, all CUs and ECUs verify the message authentication code first, and if the message authentication code passes the verification, the ECU decrypts C ECU Obtaining seed fi+1 ||seed si+1 Generating a first-level key and a second-level key by using a key derivation function HKDF; CU decryption C ED Obtaining seed si+1 And generates a second level key using key derivation function HKDF. Finally updating CTR GECU . Wherein, EK si.j+1 And EK fi.j+1 Respectively are the current second-level key and the j +1 th encryption sub-key in the first-level key.
The invention has the following beneficial effects:
the invention establishes a novel vehicle internal and external node communication key negotiation protocol architecture based on the safety of a novel vehicle network communication protocol of a cryptology principle, thereby solving the problems of information safety and the like faced by a vehicle network, such as no vehicle internal and external node data access control mechanism, single key, key waste, extra workload generation and the like. The other communication units in the vehicle can generate the third-level key by themselves to establish communication with the external device directly without performing additional identity authentication and key agreement on the third-level key. In addition, the three encryption sub-keys are gradually replaced, and other sub-keys are negotiated and updated after all the sub-keys to be encrypted are used, so that the complexity in the key negotiation process is solved, and the key negotiation efficiency is improved. Above, guarantee that the scheme has very high security and efficiency.
Drawings
FIG. 1 is a general flow diagram of one embodiment of the present invention;
FIG. 2 is a schematic diagram of an architecture of in-vehicle and out-vehicle nodes according to an embodiment of the present invention;
FIG. 3 is a diagram illustrating third-level key agreement according to an embodiment of the present invention;
FIG. 4 is a diagram illustrating first and second level key negotiations according to an embodiment of the present invention;
Detailed Description
The present invention will be described in detail below with reference to embodiments shown in the drawings. These embodiments are not intended to limit the present invention, and structural, methodological, or functional changes in accordance with the embodiments are within the scope of the present invention.
Referring to fig. 1, a general flow of a novel vehicle interior and exterior node communication key agreement protocol includes a first-level key agreement and a second-level key agreement of a vehicle interior node and a third-level key agreement of a vehicle exterior node.
The method specifically comprises three conditions:
the first method comprises the following steps: when the external device ED is already in the on-board communication unit CU 1 When communication is established and communication with other vehicle-mounted communication units in the vehicle is required to be established, the two parties can directly establish communication only by generating a third-level secret key based on identity.
And the second method comprises the following steps: and when the external device ED and the vehicle-mounted communication unit CU need to replace the key, the CU selects a key replacement mode according to the j value.
And the third is that: and when the ECU in the vehicle and the vehicle-mounted communication unit CU need to replace the key, the GECU selects a key replacement mode according to the j value.
Referring to fig. 2, a new vehicle interior and exterior node communication key agreement protocol architecture is shown. The division is made according to whether the in-vehicle node has an external communication function, and is divided into two types, one is an in-vehicle communication unit CU having an external communication function, and the other is an electronic control unit ECU not having an external communication function. A data access control mechanism is established according to the security threat level of nodes inside and outside a vehicle, namely three-level keys are adopted, wherein the first-level key is the highest-level key and is used for communication between ECUs and communication between the ECUs and a Gateway ECU (GECU), the second-level key is used for communication between the CUs and the ECUs, and the third-level key is used for communication between the CUs and an external device ED. According to the remote attack mechanism, the ECU in the vehicle is a first protection object and is the highest level, then the vehicle-mounted communication unit CU is arranged, and finally the external device ED outside the vehicle is arranged.
Referring to fig. 3, the identity-based third-level key agreement protocol between the external device ED and the on-board communication unit CU includes the following steps:
step 1.1: if j ∈ {1,2}, CU generates
Figure GDA0003914647540000051
And sends the subkey-change message Msg EDsubk (REQ EDsubk | HMAC (-) is sent to ED and CTR is updated CU And j. If j =3, the CU chooses to generate the sub-key seed EDi+1 =H(seed s ||ID ED ) Where seed is s Is the current secondary key seed. The CU then uses the update Key UK EDi Is paired and/or matched>
Figure GDA0003914647540000052
Encrypt to generate ciphertext C ED And generates a corresponding HMAC (-) and finally updates the third-level master key seed message Msg EDK (REQ EDK ||C ED | HMAC (·)) is sent to the ED. Wherein HMAC (·) is a hashed MAC value, H () is a hash function, msg means a message, sub means a subkey exchange, CTR CU Is the message counter value of the CU.
Step 1.2: receive Msg EDsubk Then, ED verifies the message authentication code first, if pass, then EK EDi.j+1 Acting as next session key and updating CTR CU . Receive Msg EDK Then, ED verifies the message authentication code first, if pass verification, uses the update secret key UK EDi To C ED Decrypting to obtain seed EDi+1 And generates a tertiary key using key derivation function HKDF. Finally updating CTR CU
Referring to fig. 4, the GECU performs the first and second level key agreement with the vehicle communication unit CU and the in-vehicle ECU, and the agreement process is as follows:
step 2.1: if j ∈ {1,2}, the GECU generates
Figure GDA0003914647540000053
And broadcasts a rekey subkey message Msg Subk (REQ Subk HMAC (·)), then let the CTR GECU And j plus 1. If j =3, the GECU selects a random primary key seed fi+1 And a secondary key seed si+1 Using the renewed key UK fi And UK si Respectively encrypted into>
Figure GDA0003914647540000054
And &>
Figure GDA0003914647540000055
And generates a corresponding HMAC (·), finally broadcasts an update message Msg K (REQ K ||C ECU ||C CU HMAC (-) and update CTR GECU . Wherein K means Replacing of a Key, CTR GECU Is the message counter value of the GECU.
Step 2.2: receive Msg Subk Then, all CUs and ECUs verify the message authentication code first, and if the message authentication code passes the verification, the EK is sent to the ECU si.j+1 And EK fi.j+1 As next session key and update CTR GECU . Receive Msg K Then, all CUs and ECUs verify the message authentication code first, and if the message authentication code passes the verification, the ECU decrypts C ECU Obtaining seed fi+1 ||seed si+1 And generates a primary key and a secondary key using a key derivation function HKDF. CU decryption C ED Obtaining seed si+1 And generates a second level key using key derivation function HKDF. Finally updating CTR GECU
Compared with the prior art, the identity-based three-level key agreement method for the in-vehicle network and the out-vehicle network can improve the security of the in-vehicle network and improve the key agreement and replacement efficiency. According to whether the nodes in the vehicle have the external communication function or not, a safe and efficient communication scheme that three levels of keys based on identity and each level of key comprise multiple sub-keys is designed, and a data access control mechanism of the nodes in and out of the vehicle is established. The invention establishes a novel vehicle internal and external node communication key agreement protocol architecture based on the novel vehicle network communication protocol security of the cryptology principle, thereby solving the information security problem of the vehicle network, namely remote attack, resistance to replay attack, tampering attack and forgery attack, and other communication units in the vehicle can generate a third-level key by themselves to directly establish communication with external equipment without performing additional identity authentication and key agreement on the third-level key, thereby ensuring that the scheme has high security and efficiency.
It should be understood that although the present description refers to embodiments, not every embodiment contains only a single technical solution, and such description is for clarity only, and those skilled in the art should make the description as a whole, and the technical solutions in the embodiments can also be combined appropriately to form other embodiments understood by those skilled in the art.
The above-listed detailed description is only a specific description of a possible embodiment of the present invention, and they are not intended to limit the scope of the present invention, and equivalent embodiments or modifications made without departing from the technical spirit of the present invention should be included in the scope of the present invention.

Claims (3)

1. An identity-based three-level key agreement method for an in-vehicle network and an out-vehicle network is characterized by comprising the following steps:
the method comprises the following steps that whether an in-vehicle node has an external communication function or not is divided into two types, wherein one type is a vehicle-mounted communication unit CU with the external communication function, and the other type is an electronic control unit ECU without the external communication function;
establishing a data access control mechanism according to the security threat level of nodes inside and outside a vehicle, and adopting three-level keys, wherein the first-level key is the highest-level key and is used for communication between Electronic Control Units (ECUs) and communication between the ECUs and a gateway ECU (electronic control Unit), the second-level key is used for communication between vehicle-mounted Communication Units (CUs) and between the CUs and the ECUs, and the third-level key is used for communication between the CUs and external Equipment (ED);
each level of the three-level key comprises 5 subkeys, wherein the first level key and the second level key are derived from a key derivation function HKDF and a key seed xi Production of HKDF (seed) xi )=AK xi ||UK xi ||EK xi.1 ||EK xi.2 ||EK xi.3 Subscript x is f or s, f is first, s is second, subscript i is ith, the key seed of the third-level key is defined by hash function H (), ID of ED ED And current second level key seed s Generating seed EDi =H(seed s ||ID ED ) The third level key is composed of a key derivation function HKDF and a key seed of the third level key EDi Generation of HKDF (seed) EDi )=AK EDi ||UK EDi ||EK EDi.1 ||EK EDi.2 ||EK EDi.3 Respectively an authentication key AK xi A key update Key UK xi And three encryption subkeys EK xi.j J is the jth encryption sub-key;
when the external device ED and the on-board communication unit CU change keys, the following protocol is performed, including two rounds of messages:
step 1.1: if j ∈ {1,2}, CU generates
Figure FDA0003914647530000011
And the sub-key exchange message Msg of both ED and CU EDsubk (REQ EDsubk | HMAC (·)) to the ED, and then update the CTR CU And j, if j =3, CU chooses to generate the sub-key seed EDi+1 =H(seed s ||ID ED ) Where seed is s For the current secondary key seed, then the CU uses the update key UK EDi To (X)>
Figure FDA0003914647530000012
Encrypt to generate ciphertext C ED And generates a corresponding HMAC (-) and finally updates the third-level master key seed message Msg EDK (REQ EDK ||C ED | HMAC (-), which is the hashed MAC value, is sent to the ED, where HMAC (-), is based on the hash MAC value, and is based on the result of the comparison>
Figure FDA0003914647530000013
For hash function values encrypted using the ED's authentication key, msg means message, sub means subkey exchange, CTR CU Message counter value, REQ, for CU EDsubk subKey Replacing request, ID, to ED CU Is the identity ID identifier of the CU, REQ EDK To the effect of a tertiary rekeying request by the ED,
step 1.2: receiving a subkey change message Msg EDsubk Then, ED verifies the message authentication code first, if pass, then EK EDi.j+1 As next session key and update CTR CU Receiving a third-level master key seed update message Msg EDK Then, ED verifies the message authentication code first, if pass, uses the updated secret key UK EDi To C ED Decrypting to obtain seed EDi+1 Generating a third-level key by using a key derivation function HKDF, and finally updating the CTR CU (ii) a Wherein, EK EDi.j+1 For the j +1 th encryption sub-key, UK, in the current key EDi Updating the key for the current key of the ED;
further comprising: when the in-vehicle communication unit CU and the ECU exchange keys, the following protocol is executed, including two rounds of messages:
step 2.1: if j ∈ {1,2}, the GECU generates
Figure FDA0003914647530000021
And broadcasts a rekeying subkey message Msg of the first secondary key Subk (REQ Subk HMAC (·)), then let the CTR GECU And j plus 1, if j =3, the GECU selects a random primary key seed fi+1 And a random secondary key seed si+1 Using the renewed key UK fi And UK si Respectively encrypted to be->
Figure FDA0003914647530000025
And &>
Figure FDA0003914647530000026
And generates a corresponding HMAC (·), finally broadcasts an update message Msg of the first secondary key K (REQ K ||C ECU ||C CU HMAC (-) and update CTR GECU Where K means Rekey, CTR GECU A message counter value for GECU>
Figure FDA0003914647530000022
Hash function value for authenticated sub-key encryption using a second level key, REQ Subk Encryption subkey update request, UK, for first and second-level keys fi Key update Key, UK, meaning first level Key si Key update Key, C, to mean a second level Key ECU Ciphertext that the ECU needs to decrypt is meant>
Figure FDA0003914647530000023
Meaning use of UK fi Encrypted encryption function, C CU Meaning the ciphertext that the CU needs to decrypt>
Figure FDA0003914647530000024
Meaning to use UK si Encrypted cryptographic function, msg K Intended for updating messages of the first secondary key, REQ K In order to be the first secondary key update request,
step 2.2: receive Msg Subk Then, all CUs and ECUs verify the message authentication code first, and if the message authentication code passes the verification, the EK is sent to the ECU si.j+1 And EK fi.j+1 Acting as next session key and updating CTR GECU Receiving Msg K Then, all CUs and ECUs verify the message authentication code first, and if the message authentication code passes the verification, the ECU decrypts C ECU Obtaining seed fi+1 ||seed si+1 Generating a first-level key and a second-level key by using a key derivation function HKDF; CU decryption C ED Obtaining seed si+1 Generating a second-level key by using a key derivation function HKDF, and finally updating the CTR GECU Wherein, EK si.j+1 And EK fi.j+1 Respectively are the current second-level key and the j +1 th encryption sub-key in the first-level key.
2. The identity-based three-level key agreement method for the in-vehicle and out-vehicle networks according to claim 1, characterized in that the security threats of the in-vehicle and out-vehicle nodes are based on a remote attack mechanism, and an in-vehicle Electronic Control Unit (ECU) is a first protection object and is the highest level, then a vehicle-mounted Communication Unit (CU) and finally is an External Device (ED) outside the vehicle.
3. The identity-based vehicle interior and exterior network three-level key agreement method according to claim 1, further comprising: when external devices ED and CU 1 When communication is established for the first time, identity authentication and key agreement are carried out, and after identity authentication, CU (central office) carries out 1 Will broadcast the identity ID of the external device ED in the in-vehicle network ED So that the external device ED communicates with other communication units CU on board the vehicle 2 Directly generating a third-level key without identity authentication and key agreement; wherein CU 1 The first CU established as ED and the vehicle-mounted end, and so on 2 And a second CU established for the ED and the vehicle-mounted end.
CN202010111994.XA 2020-02-24 2020-02-24 Identity-based three-level key negotiation method for in-vehicle and out-vehicle networks Active CN111245613B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010111994.XA CN111245613B (en) 2020-02-24 2020-02-24 Identity-based three-level key negotiation method for in-vehicle and out-vehicle networks

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010111994.XA CN111245613B (en) 2020-02-24 2020-02-24 Identity-based three-level key negotiation method for in-vehicle and out-vehicle networks

Publications (2)

Publication Number Publication Date
CN111245613A CN111245613A (en) 2020-06-05
CN111245613B true CN111245613B (en) 2023-04-18

Family

ID=70876670

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010111994.XA Active CN111245613B (en) 2020-02-24 2020-02-24 Identity-based three-level key negotiation method for in-vehicle and out-vehicle networks

Country Status (1)

Country Link
CN (1) CN111245613B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113259933B (en) * 2021-06-15 2023-08-29 北京天融信网络安全技术有限公司 Key updating method, gateway, control device, electronic equipment and medium
CN116488813B (en) * 2023-06-26 2023-08-18 合众新能源汽车股份有限公司 Vehicle, communication security authentication method and device thereof, electronic equipment and storage medium

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106790053B (en) * 2016-12-20 2019-08-27 江苏大学 A kind of method of ECU secure communication in CAN bus
CN107426187B (en) * 2017-06-27 2020-02-21 江苏大学 Vehicle interior network fine-grained authorization access method based on ECU identity attribute
CN110086622A (en) * 2018-01-25 2019-08-02 南京汽车集团有限公司 In-vehicle network security architecture designs under a kind of intelligent network connection environment
CN109033862B (en) * 2018-08-12 2019-04-30 吉林大学 A kind of distributed locomotive electronic system protecting information safety method

Also Published As

Publication number Publication date
CN111245613A (en) 2020-06-05

Similar Documents

Publication Publication Date Title
CN106790053B (en) A kind of method of ECU secure communication in CAN bus
CN106533655B (en) Method for safe communication of ECU (electronic control Unit) in vehicle interior network
CN108667616B (en) Cross-cloud security authentication system and method based on identification
CN110943957B (en) Safety communication system and method for vehicle intranet
CN105049401B (en) A kind of safety communicating method based on intelligent vehicle
CN108259465B (en) Authentication encryption method for internal network of intelligent automobile
US20120324218A1 (en) Peer-to-Peer Trusted Network Using Shared Symmetric Keys
CN109495274A (en) A kind of decentralization smart lock electron key distribution method and system
CN110995432A (en) Internet of things sensing node authentication method based on edge gateway
CN108964897B (en) Identity authentication system and method based on group communication
CN111277412B (en) Data security sharing system and method based on block chain key distribution
JP2012500543A (en) Multicast key distribution method, update method and base station based on unicast session key
Xi et al. ZAMA: A ZKP-based anonymous mutual authentication scheme for the IoV
CN111245613B (en) Identity-based three-level key negotiation method for in-vehicle and out-vehicle networks
CN114884698B (en) Kerberos and IBC security domain cross-domain authentication method based on alliance chain
CN111416706A (en) Quantum secret communication system based on secret sharing and communication method thereof
CN108880799B (en) Multi-time identity authentication system and method based on group key pool
KR101481403B1 (en) Data certification and acquisition method for vehicle
CN104219252A (en) Coding error correction based secret key forward direction consistency calibration method
CN113852632A (en) Vehicle identity authentication method, system, device and storage medium based on SM9 algorithm
CN113489591A (en) Traceable comparison attribute encryption method based on multiple authorization centers
Carvajal-Roca et al. A semi-centralized dynamic key management framework for in-vehicle networks
KR100892616B1 (en) Method For Joining New Device In Wireless Sensor Network
Cho et al. Using QKD in MACsec for secure Ethernet networks
CN113098681B (en) Port order enhanced and updatable blinded key management method in cloud storage

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
CB03 Change of inventor or designer information
CB03 Change of inventor or designer information

Inventor after: Han Mou

Inventor after: Yin Zhikun

Inventor after: Zhang Xing

Inventor after: Ma Shidian

Inventor before: Han Mou

Inventor before: Yin Zhikun

Inventor before: Ma Shidian

GR01 Patent grant
GR01 Patent grant