CN111314275A - Method for encrypting CAN (controller area network) of drive-by-wire chassis - Google Patents

Method for encrypting CAN (controller area network) of drive-by-wire chassis Download PDF

Info

Publication number
CN111314275A
CN111314275A CN201911091214.3A CN201911091214A CN111314275A CN 111314275 A CN111314275 A CN 111314275A CN 201911091214 A CN201911091214 A CN 201911091214A CN 111314275 A CN111314275 A CN 111314275A
Authority
CN
China
Prior art keywords
plaintext
controller
drive
encrypting
network
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201911091214.3A
Other languages
Chinese (zh)
Inventor
毛平生
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nanjing Golden Dragon Bus Co Ltd
Original Assignee
Nanjing Golden Dragon Bus Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nanjing Golden Dragon Bus Co Ltd filed Critical Nanjing Golden Dragon Bus Co Ltd
Priority to CN201911091214.3A priority Critical patent/CN111314275A/en
Publication of CN111314275A publication Critical patent/CN111314275A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/40Bus networks
    • H04L12/40169Flexible bus arrangements
    • H04L12/40176Flexible bus arrangements involving redundancy
    • H04L12/40182Flexible bus arrangements involving redundancy by using a plurality of communication lines
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/40Bus networks
    • H04L2012/40208Bus networks characterized by the use of a particular bus standard
    • H04L2012/40215Controller Area Network CAN

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Small-Scale Networks (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)

Abstract

The invention discloses a method for encrypting a CAN network of a drive-by-wire chassis, which comprises the following steps: the sending controller encrypts a CAN message plaintext by using a DES encryption algorithm to form a CAN encrypted message; the sending controller splits the encrypted message according to a specified rule; the signals are simultaneously sent to a receiving controller through two paths of CAN; the receiving controller combines the messages according to the specified rule, and the CAN plaintext is obtained through the DES decryption algorithm, so that bus control and information interaction are realized.

Description

Method for encrypting CAN (controller area network) of drive-by-wire chassis
The technical field is as follows:
the invention relates to a method for encrypting a CAN (controller area network) of a drive-by-wire chassis, belonging to the technical field of telecommunication.
Background art:
with the technical advance of intelligent networking, automatic driving and unmanned platforms, the CAN network security requirement of the wire control chassis system is more and more urgent, and the CAN network security plays a very important role in the development of the automobile industry towards the direction of intellectualization and automation. The native automobile drive-by-wire chassis system adopts a plaintext type bus for communication without any safety processing. Therefore, hackers CAN acquire the authority of controlling the functions of automobile steering, braking and the like through the CAN bus, and the system has great risk. At present, the adopted encryption method is based on message authentication codes of encryption and complex key management to protect CAN communication, but the CAN bus load, message delay and calculation energy consumption are increased.
The invention content is as follows:
the invention provides a CAN network encryption method for a wire-controlled chassis, which aims to solve the problems in the prior art, and adopts a double-CAN network to realize bus encryption, encrypted messages are dispersed on two CAN networks, and the encrypted messages CAN be analyzed into plaintext after being synchronously received and combined.
The technical scheme adopted by the invention is as follows: a method for encrypting a CAN network of a drive-by-wire chassis is characterized by comprising the following steps: the method comprises the following steps:
(1) the sending controller encrypts the CAN plaintext by using a DES encryption algorithm to form a CAN encrypted message;
(2) the sending controller splits the encrypted message according to the specified rule;
(3) sending to the receiving controller through two paths of CAN simultaneously;
(4) and the receiving controller combines the messages according to the specified rule, and obtains the CAN plaintext through a DES decryption algorithm, thereby realizing bus control and information interaction.
Further, the specified rule is specifically as follows: the CAN plaintext 1 frame message comprises 8 bytes, the encrypted information is 16 bytes, the encrypted information is divided into two messages according to a dislocation principle, and the two messages are sent on two CAN buses
The invention has the following beneficial effects:
1. the CAN encryption function CAN be quickly realized, the message encryption is realized by utilizing the current mature and quick encryption algorithm, and the computational power requirement of the controller is reduced;
2. performance indexes such as CAN bus load rate, message delay, calculation energy consumption and the like of the system are not influenced;
3. the double CAN network enhances the network robustness, increases the network cracking difficulty, improves the encryption characteristic of the CAN bus and achieves the aim of safety protection;
4. the double CAN messages are synchronous, and the signal integrity and consistency check CAN be completed.
Description of the drawings:
FIG. 1 is a schematic diagram of a chassis-by-wire CAN network encryption method of the present invention.
The specific implementation mode is as follows:
the invention will be further described with reference to the accompanying drawings.
The invention relates to a method for encrypting a Controller Area Network (CAN) of a drive-by-wire chassis, which comprises the following steps of:
(1) the sending controller encrypts the CAN message plaintext by using a DES encryption algorithm to form a CAN encrypted message;
(2) the sending controller splits the encrypted message according to the specified rule;
(3) sending to the receiving controller through two paths of CAN simultaneously;
(4) and the receiving controller combines the messages according to the specified rule, and obtains the CAN plaintext through a DES decryption algorithm, thereby realizing bus control and information interaction.
The specific rule is as follows: the CAN plaintext 1 frame message comprises 8 bytes, the encrypted information is 16 bytes, and the encrypted information is divided into two messages according to a dislocation principle and is sent on two CAN buses.
The encryption method of the CAN network of the drive-by-wire chassis CAN realize message encryption, improve the system cracking complexity, effectively improve the safety of the CAN network and realize the aim of CAN network encryption.
The foregoing is only a preferred embodiment of this invention and it should be noted that modifications can be made by those skilled in the art without departing from the principle of the invention and these modifications should also be considered as the protection scope of the invention.

Claims (2)

1. A method for encrypting a CAN network of a drive-by-wire chassis is characterized by comprising the following steps: the method comprises the following steps:
(1) the sending controller encrypts the CAN plaintext by using a DES encryption algorithm to form a CAN encrypted message;
(2) the sending controller splits the encrypted message according to the specified rule;
(3) sending to the receiving controller through two paths of CAN simultaneously;
(4) and the receiving controller combines the messages according to the specified rule, and obtains the CAN plaintext through a DES decryption algorithm, thereby realizing bus control and information interaction.
2. The chassis-by-wire CAN network encryption method of claim 1, wherein: the specified rule is specifically as follows: the CAN plaintext 1 frame message comprises 8 bytes, the encrypted information is 16 bytes, and the encrypted information is divided into two messages according to a dislocation principle and is sent on two CAN buses.
CN201911091214.3A 2019-11-09 2019-11-09 Method for encrypting CAN (controller area network) of drive-by-wire chassis Pending CN111314275A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911091214.3A CN111314275A (en) 2019-11-09 2019-11-09 Method for encrypting CAN (controller area network) of drive-by-wire chassis

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911091214.3A CN111314275A (en) 2019-11-09 2019-11-09 Method for encrypting CAN (controller area network) of drive-by-wire chassis

Publications (1)

Publication Number Publication Date
CN111314275A true CN111314275A (en) 2020-06-19

Family

ID=71161330

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911091214.3A Pending CN111314275A (en) 2019-11-09 2019-11-09 Method for encrypting CAN (controller area network) of drive-by-wire chassis

Country Status (1)

Country Link
CN (1) CN111314275A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115296861A (en) * 2022-07-15 2022-11-04 智己汽车科技有限公司 Network security communication method and control device of vehicle-mounted CAN bus

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5784547A (en) * 1995-03-16 1998-07-21 Abb Patent Gmbh Method for fault-tolerant communication under strictly real-time conditions
CN101286940A (en) * 2008-05-12 2008-10-15 北京邮电大学 Dual-redundant CAN bus communication system and communicating method thereof
CN102238046A (en) * 2010-05-06 2011-11-09 上海固泰科技有限公司 CAN (Controller Area Network) bus physical layer testing method
CN103051507A (en) * 2013-01-21 2013-04-17 普华基础软件股份有限公司 Method for data transmission based on multichannel CAN (Controller Area Network) bus bundling
CN106143364A (en) * 2016-07-22 2016-11-23 北京航空航天大学 A kind of electric automobile distributed director information security method and system
CN106789509A (en) * 2016-12-21 2017-05-31 中国船舶重工集团公司第七研究所 A kind of data communications method of redundant CAN bus communication system
CN106945632A (en) * 2016-01-06 2017-07-14 陕西重型汽车有限公司 A kind of method and system of the remote control vehicle based on AES

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5784547A (en) * 1995-03-16 1998-07-21 Abb Patent Gmbh Method for fault-tolerant communication under strictly real-time conditions
CN101286940A (en) * 2008-05-12 2008-10-15 北京邮电大学 Dual-redundant CAN bus communication system and communicating method thereof
CN102238046A (en) * 2010-05-06 2011-11-09 上海固泰科技有限公司 CAN (Controller Area Network) bus physical layer testing method
CN103051507A (en) * 2013-01-21 2013-04-17 普华基础软件股份有限公司 Method for data transmission based on multichannel CAN (Controller Area Network) bus bundling
CN106945632A (en) * 2016-01-06 2017-07-14 陕西重型汽车有限公司 A kind of method and system of the remote control vehicle based on AES
CN106143364A (en) * 2016-07-22 2016-11-23 北京航空航天大学 A kind of electric automobile distributed director information security method and system
CN106789509A (en) * 2016-12-21 2017-05-31 中国船舶重工集团公司第七研究所 A kind of data communications method of redundant CAN bus communication system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
黄宏伟等: "《枫林学院 21》", 30 April 2018, 上海:同济大学出版社 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115296861A (en) * 2022-07-15 2022-11-04 智己汽车科技有限公司 Network security communication method and control device of vehicle-mounted CAN bus
CN115296861B (en) * 2022-07-15 2023-06-06 智己汽车科技有限公司 Network safety communication method and control device of vehicle-mounted CAN bus

Similar Documents

Publication Publication Date Title
WO2017080182A1 (en) Data transmission and receiving method, transmitter, receiver, and can bus network
CN111186414A (en) Automobile Bluetooth key safety management system and method
CN106878130B (en) CAN network anomaly detection method and device for electric vehicle
EP2560319B1 (en) Method, apparatus and system for data encryption transmission in m2m
KR101519777B1 (en) Data trasmission method between controllers in a vehicle Network and data reception method between Controllers in the vehicle network
CN113542428B (en) Vehicle data uploading method and device, vehicle, system and storage medium
CN102377571A (en) Method and system for implementing IEC104 message transmission
CN112688945A (en) Transmission method and transmission system for terminal data of Internet of things
CA3171853A1 (en) Method and system for addition of assurance information to v2x messaging
Wu et al. Security protocol for controller area network using ECANDC compression algorithm
CN111314275A (en) Method for encrypting CAN (controller area network) of drive-by-wire chassis
CN113472520B (en) ModbusTCP (Transmission control protocol) security enhancement method and system
CN114499990A (en) Vehicle control method, device, equipment and storage medium
CN104734846A (en) Quantum cryptographic key distribution control device and method
CN114386049A (en) Encryption method, decryption method, device and equipment
CN108879963B (en) Power load management device and method
US20190305939A1 (en) Vehicle communication system and vehicle communication method
GB2590282A (en) Cryptographic key management for end-to-end communication security
CN113434181B (en) Software upgrading method and device, electronic equipment and storage medium
CN1192649C (en) Method for sending cipher information to mobile terminal in mobile communication system
CN111935112B (en) Cross-network data security ferrying device and method based on serial
CN110035080B (en) Encryption and decryption system and method for vehicle-mounted terminal
CN115065474A (en) Identity certificateless intelligent vehicle networking heterogeneous signcryption system under block chain-cloud edge fusion
CN114499958A (en) Control method and device, vehicle and storage medium
CN113542254A (en) System and method for fusing terminal security access

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20200619

RJ01 Rejection of invention patent application after publication