CN111736868B - Automobile remote updating method based on identity identification and bidirectional verification - Google Patents
Automobile remote updating method based on identity identification and bidirectional verification Download PDFInfo
- Publication number
- CN111736868B CN111736868B CN202010555998.7A CN202010555998A CN111736868B CN 111736868 B CN111736868 B CN 111736868B CN 202010555998 A CN202010555998 A CN 202010555998A CN 111736868 B CN111736868 B CN 111736868B
- Authority
- CN
- China
- Prior art keywords
- vehicle
- update
- oem
- key
- kms
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000012795 verification Methods 0.000 title claims abstract description 36
- 238000000034 method Methods 0.000 title claims abstract description 30
- 230000002457 bidirectional effect Effects 0.000 title claims abstract description 17
- 238000009434 installation Methods 0.000 claims abstract description 8
- 230000006872 improvement Effects 0.000 description 5
- 230000006855 networking Effects 0.000 description 4
- 230000008859 change Effects 0.000 description 2
- 230000008569 process Effects 0.000 description 2
- 206010063385 Intellectualisation Diseases 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000008901 benefit Effects 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/60—Software deployment
- G06F8/65—Updates
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/70—Software maintenance or management
- G06F8/71—Version control; Configuration management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Bioethics (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Stored Programmes (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses an automobile remote updating method based on identity identification and bidirectional verification, which specifically comprises the following steps: step one, initializing a KMS; step two, the software supplier issues an update package; step three, the vehicle requests updating; step four, the OEM issues an update package; step five, vehicle verification and installation of an update package; and step six, resetting the key management system. According to the automobile remote updating method based on the identity identification and the bidirectional verification, the automobile remote updating can be effectively realized on the premise of the identity identification and the bidirectional verification through the arrangement of the steps from the first step to the fifth step.
Description
Technical Field
The invention belongs to the field of intelligent networking automobile information safety, relates to an automobile remote updating technology, a key management and an identity authentication technology, and particularly relates to an automobile remote updating method based on identity identification and bidirectional verification.
Background
In recent years, with the trend of automobile intellectualization, networking and electromotion, the update of automobile software becomes a key technology of the automobile industry. Connecting the car in a wired manner, software update techniques for upgrading software inside the car have been used on conventional cars before. At present, most of the manufacturers of large automobiles adopt a remote online upgrade (OTA) mode to update the system of the automobiles.
The remote updating technology can update the system function of the large-scale networked vehicle in a short time, so that a new function is added to the intelligent networked vehicle in time or software bugs are repaired, the user experience and the safety of the vehicle are improved, and the function maintenance cost can be reduced to a great extent, so that the remote updating technology is favored by automobile manufacturers (Original Equipment manufacturers, OEMs). Remote updates use public wireless networks, which will become 1 key attack plane and will also be the main target for hacking. An attacker can provide a malicious software update package for the vehicle through the attack software update warehouse, and remote arbitrary code execution is realized, so that the vehicle is further controlled 1. An attacker can also masquerade as a vehicle and obtain update packages from a software update repository, thereby stealing software content.
In order to defend against the above attack types, the authentication of the update package publisher will become the key to ensure OTA security. Most of the existing identity verification methods are based on a PKI public key system, and rely on a certificate certification authority to issue and verify a digital certificate so as to verify the identity of a message sender. In addition, because the software of the automobile is updated by a plurality of part suppliers, the updating mode is 1 many-to-many, if the traditional public key encryption mode (such as RSA encryption) is adopted, each automobile needs to verify the identity of different software suppliers 1 by 1 during updating, and therefore the problem of identity verification in remote updating in an intelligent networked automobile software supply chain needs to be solved.
Disclosure of Invention
Aiming at the defects in the prior art, the invention aims to provide an intelligent networking automobile remote safety updating method based on identity identification and bidirectional verification, designs an identity identification and bidirectional verification method based on an existing automobile software supply chain mode, performs bidirectional verification on the identities of a publisher and a vehicle of an OTA updating package, and provides an OTA updating identity verification method suitable for the current automobile industry chain mode.
In order to achieve the purpose, the invention provides the following technical scheme: an automobile remote updating method based on identity identification and bidirectional verification specifically comprises the following steps:
step 1, initializing a KMS;
step 2, the software supplier issues an update package;
step 3, the vehicle requests updating;
step 4, the OEM issues an update package;
step 5, vehicle verification and installation of an update package;
and 6, resetting the key management system.
As a further improvement of the present invention, the specific steps of KMS initialization in step 1 are as follows:
step 11, initializing and generating common parametersThese parameters are disclosed to all users, wherein G1And G2Are groups of order a prime number q,is 1 bilinear map, where G1To add group, G2For multiplicative groups, P is G1A generator of, EkAnd DkIs a symmetric encryption and decryption algorithm with a key length of k, H0,H1H is 3 hash functions;
step 12, the KMS randomly selects a master keyCalculating PpubsP, software supplier or vehicle UiIs IDi,Qi=H0(IDi) As a public key, the corresponding private key is Si=sQi;
Step 13, UiAfter the private key is generated, the private key is written into the secure storage hardware and is pre-installed on a vehicle or distributed to a software provider.
As a further improvement of the present invention, the software vendor issuing the update package in step 2 needs to add a digital signature and signature verification, wherein the specific steps of adding the digital signature and signature verification are as follows:
in step 21, first, the hash value h ═ h (m) of the update packet and the signature value S ═ E are generatedk(SiH) in which EkSymmetric encryption method, S, published for KMSiIs a private key of a software provider, and M is an update package;
step 22, after sending the update package and the signature value to the OEM, the OEM verifies the signature value, where the verification specifically includes: firstly, calculating hash value of updating packet0Then, the signature value is decrypted by using a decryption algorithm to obtain the hash1=Dk(S,Qi) If hash0And hash1And if the two are equal, the signature verification is successful.
As a further improvement of the present invention, the specific steps of issuing the update package in step 4 are as follows:
step 41, when the OEM receives an update request of the vehicle, verifying a signature value of the update request information according to the VIN code of the vehicle;
step 42, after the verification is successful, the software supplier group corresponding to the vehicle is inquired, the update packages of all the software suppliers are repackaged into 1 update package and sent to the vehicle;
at step 43, the OEM signs the update package using the steps in step 2.
As a further improvement of the present invention, the specific steps of vehicle verification and update package installation in step 5 are as follows:
step 51, after the vehicle receives the update package sent by the OEM, the update gateway verifies the authenticity of the update package according to the verification algorithm in step 2;
step 52, if the signature is verified to be correct, the update package is sent to the ECU, and the ECU waits for receiving and installing the update;
and step 53, after all ECUs are updated and installed, sending an update success signal to the gateway, finishing the software update of the whole vehicle, and feeding back the final software version update state of the gateway to the OEM by the gateway.
As a further improvement of the invention, in the step 12, after the KMS selects the master key, 1 spare key K is pre-stored in the vehiclerootAnd judging whether the KMS is in an unsafe state or not, and if the KMS is judged to be in the unsafe state, the OEM initializes the KMS according to the step 1.
As a further development of the invention, after the OEM initializes the KMS system according to step 1, the OEM reissues the new private key to the user, the OEM using KrootThe new key is encrypted and an HMAC is generated to prove the authenticity of the message, wherein the HMAC signature value is calculated as follows:
wherein:
h is a password hash algorithm;
m is a message needing signature, namely the message content sent to the server by the vehicle;
k is an identity key;
k' is a key with the same size as the block of the hash algorithm, if the length of K is smaller than the size of the block, the length of K is equal to the length of the block by filling 0, otherwise, the K is generated by H (K);
| | denotes connecting two data;
opad is a 0x5c byte sequence of the same length as the block of the hash algorithm;
ipad is a 0x36 byte sequence of the same length as the block of the hash algorithm.
The invention has the beneficial effects that:
1) the present patent does not require the issuance of digital certificates to software vendors, taking advantage of their identity characteristics (e.g.: domain name) as a public key;
2) the invention realizes the grouping identity authentication of the software supplier through the OEM server, the software supplier provides an update package for the vehicle in an anonymous way, and the vehicle does not need to manage a large number of digital certificates;
3) in the invention, OEM can manage the authority of software supplier, and can dynamically increase or decrease the members of privilege group;
4) the VIN code of the vehicle is used as the public key, the group manager can authenticate the identity of the vehicle without issuing a large number of digital certificates to the vehicle, and the cost is reduced;
5) the invention realizes many-to-many bidirectional authentication between a software supplier and a vehicle through OEM, and can defend various common attack modes such as man-in-the-middle attack, disguised attack and the like;
6) in the invention, the OEM can add or delete the members in the vehicle group, and the software supplier can complete the change of the security policy without any change;
7) in the invention, if the KMS is attacked or the secret key is leaked, a new secret key can be safely issued to the vehicle again through the preset backup private key.
Drawings
FIG. 1 is a flow diagram of key management system initialization and key distribution;
fig. 2 is a flow chart of a method of rekeying a key management system.
Detailed Description
The invention will now be described in further detail with reference to an embodiment shown in the accompanying drawings, in which the invention is illustrated in detail.
Firstly, the security updating method in the invention mainly comprises KMS initialization, software provider issuing an update package, vehicle request updating, OEM issuing an update package, vehicle verification and installation of the update package, revoking an original key after the KMS is attacked, and issuing a new key.
An intelligent networking automobile remote security updating method based on identity identification and bidirectional verification firstly designs a key management and key distribution system KMS, as shown in figure 1. The KMS system mainly comprises: initializing a KMS before generating a key, selecting a self master key and necessary public parameters, and taking a domain name of a supplier and a vehicle VIN code as a public key; the KMS provides corresponding private keys for software suppliers and vehicles, so that encryption and signature functions are realized in the intelligent internet automobile remote upgrading process. The purpose of safe upgrading is achieved by realizing the mutual authentication based on the identity identification in the processes of issuing an update package by a software provider, requesting the update of a vehicle, issuing the update package by an OEM and installing the update package by the vehicle. The key point of the safe and stable operation of the system is the safety of the KMS, and aiming at the safety of the KMS, the invention provides a key revoking mode aiming at the situation that the KMS has risks, and as shown in figure 2, an OEM resets the KMS system and uses a spare key Kroot for encryption when the KMS is in a risk state and the KMS updates a private key of a user, so that the safety is ensured.
(1) KMS initialization
The software provider and the vehicle use the domain name and the vehicle VIN code of the provider as public keys, and in order to implement encryption and signature functions, a private key corresponding to the public key needs to be generated for each role. The generation of the private key is generated by the KMS deployed by the OEM, and before generating the key, the KMS needs to initialize, select its own master key and some necessary public parameters. The specific flow is shown in figure 1.
Initializing generating common parametersThese parameters are disclosed to all users. Wherein G is1And G2Are groups of order a prime number q,is a bilinear map, where G1To add group, G2For multiplicative groups, P is G1The generator of (1). EkAnd DkIs the key lengthAnd k degree symmetric encryption and decryption algorithm. H0,H1And h is three hash functions. KMS randomly selects master keyCalculating PpubsP, software supplier or vehicle UiIs IDi,Qi=H0(IDi) As a public key, the corresponding private key is Si=sQi。UiAfter the private key is generated, the private key is written into the secure storage hardware and is pre-installed on a vehicle or distributed to a software provider. To this end, each user has a private key corresponding to his own identity (domain name or VIN code).
(2) Software vendor publishing update packages
Only OEM-specified software vendors may provide software update packages for each vehicle model, and digital signatures may be added after the update packages in order to prove that the update packages were issued by a particular software vendor. Assuming that the update packet is M, first, the hash value h ═ h (M) and the signature value S ═ E of the update packet are generatedk(SiH) in which EkSymmetric encryption method, S, published for KMSiIs the private key of the software vendor. After the update package and the signature value are sent to the OEM, the OEM verifies the signature value, and first calculates the hash value of the update package0Then, the signature value is decrypted by using a decryption algorithm to obtain the hash1=Dk(S,Qi) If hash0And hash1And if the two are equal, the signature verification is successful.
(3) Vehicle request update
The vehicle will query for updates at a fixed frequency, request an update package from the OEM if an update is available, provide the necessary own information when requesting the update package, generate a signature with its own private key, and send the request message to the OEM along with the signature value.
(4) OEM (original Equipment manufacturer) issuing update package
When the OEM receives the updating request of the vehicle, the signature value of the updating request information is verified according to the VIN code of the vehicle, and the signature verification method is the same as that in the step 3. If the verification is successful, the software supplier group corresponding to the vehicle is inquired, the update packages of all the software suppliers are repackaged into an update package to be sent to the vehicle, and in order to prove the authenticity of the update package sent to the vehicle by the OEN, the OEN also needs to sign the update package by using the method in the step 2.
(5) Vehicle verification and installation update package
After the vehicle receives the update package sent by the OEM, the update gateway verifies the authenticity of the update package according to the verification algorithm in the step 2, if the signature is verified correctly, the update package is sent to the ECU, the ECU waits for receiving and installing the update, after all the ECUs complete the update installation, an update success signal is sent to the gateway, the software update of the whole vehicle is completed, and the gateway feeds back the final self software version update state to the OEM.
(6) Rekey management system
The key of the identity-based encryption and authentication method used in the above steps is the security of the KMS, if the master key of the KMS is once leaked, the whole system will be in an unsafe state, and in order to ensure the safe and stable operation of the whole updating system, the invention provides a key revoking method, as shown in fig. 2, the number of software providers is small, and new keys are easily issued in an off-line manner. For vehicles, it is difficult to recall vehicles, the key needs to be updated in an online manner, and a spare key K can be prestored in the vehiclesrootOnce the KMS system is in an unsafe state, the OEM may reset the KMS system and reissue the KMS public parameters according to the method in step one, but at the same time it is also necessary to update the private keys of all users. To reissue a new private key to a user, an OEM utilizes KrootThe new key is encrypted and an HMAC (hash function based message authentication code) is generated to prove the authenticity of the message. The HMAC signature value is calculated as follows:
wherein:
h is cipher hash algorithm
m is the message to be signed, i.e. the content of the message sent by the vehicle to the server
K is an identity key
K' is a key with the same size as the block of the hash algorithm, if the length of K is smaller than the size of the block, the length of K is equal to the length of the block by filling 0, otherwise, the K is generated by H (K)
I means to connect two data together
opad is a 0x5c byte sequence of the same length as the block of the hashing algorithm
ipad is a 0x36 byte sequence of the same length as the block of the hash algorithm.
The above description is only a preferred embodiment of the present invention, and the protection scope of the present invention is not limited to the above embodiments, and all technical solutions belonging to the idea of the present invention belong to the protection scope of the present invention. It should be noted that modifications and embellishments within the scope of the invention may occur to those skilled in the art without departing from the principle of the invention, and are considered to be within the scope of the invention.
Claims (5)
1. An automobile remote updating method based on identity identification and bidirectional verification is characterized in that: the method specifically comprises the following steps:
step 1, initializing a KMS;
step 2, the software supplier issues an update package;
step 3, the vehicle requests updating;
step 4, the OEM issues an update package;
step 5, vehicle verification and installation of an update package;
step 6, resetting the key management system;
the specific steps of KMS initialization in step 1 are as follows:
step 11, initializing and generating common parametersThese parameters are disclosed to all users, wherein G1And G2Are groups of order a prime number q,is a bilinear map, where G1To add group, G2For multiplicative groups, P is G1A generator of, EkAnd DkIs a symmetric encryption and decryption algorithm with a key length of k, H0,H1H is 3 hash functions;
step 12, the KMS randomly selects a master keyCalculating PpubsP, software supplier or vehicle UiIs IDi,Qi=H0(IDi) As a public key, the corresponding private key is Si=sQi;
Step 13, UiAfter the private key is generated, the private key is written into the secure storage hardware and is pre-installed on a vehicle or distributed to a software provider; the software supplier in step 2 issues the update package, which needs to add a digital signature and verify the signature, wherein the specific steps of adding the digital signature and verifying the signature are as follows:
in step 21, first, the hash value H' of the update packet is generated as H ═ H1(M), signature value S ═ Ek(SiH) in which EkSymmetric encryption method, S, published for KMSiIs a private key of a software provider, and M is an update package;
step 22, after sending the update package and the signature value to the OEM, the OEM verifies the signature value, where the verification specifically includes: firstly, calculating hash value of updating packet0Then decrypting the signature value using a decryption algorithmObtain hash1=Dk(S,Qi) If hash0And hash1And if the two are equal, the signature verification is successful.
2. The automobile remote updating method based on the identity identification and the bidirectional authentication as claimed in claim 1, wherein: the specific steps of issuing the update package in the step 4 are as follows:
step 41, when the OEM receives an update request of the vehicle, verifying a signature value of the update request information according to the VIN code of the vehicle;
step 42, after the verification is successful, the software supplier group corresponding to the vehicle is inquired, the update packages of all the software suppliers are repackaged into 1 update package and sent to the vehicle;
at step 43, the OEM signs the update package using the steps in step 2.
3. The automobile remote updating method based on the identity identification and the bidirectional authentication as claimed in claim 2, wherein: the specific steps of vehicle verification and update package installation in step 5 are as follows:
step 51, after the vehicle receives the update package sent by the OEM, the update gateway verifies the authenticity of the update package according to the verification algorithm in step 2;
step 52, if the signature is verified to be correct, the update package is sent to the ECU, and the ECU waits for receiving and installing the update;
and step 53, after all ECUs are updated and installed, sending an update success signal to the gateway, finishing the software update of the whole vehicle, and feeding back the final software version update state of the gateway to the OEM by the gateway.
4. The automobile remote updating method based on the identity identification and the bidirectional authentication as claimed in any one of claims 1 to 3, wherein: in the step 12, after the KMS selects the master key, 1 spare key K is pre-stored in the vehiclerootAnd judging whether the KMS is in an unsafe state or not, and if the KMS is judged to be in the unsafe state, the OEM initializes the KMS according to the step 1.
5. The automobile remote updating method based on the identity identification and the bidirectional authentication as claimed in claim 4, wherein: after the OEM initializes the KMS system according to step 1, the OEM reissues the new private key to the user, and the OEM utilizes KrootEncrypting the new key and generating an HMAC to prove the authenticity of the message, wherein the HMAC signature value is calculated as follows:
wherein:
h is a password hash algorithm;
m is a message needing signature, namely the message content sent to the server by the vehicle;
k is an identity key;
k' is a key with the same size as the block of the hash algorithm, if the length of K is smaller than the size of the block, the length of K is equal to the length of the block by filling 0, otherwise, the K is generated by H (K);
| | denotes connecting two data;
opad is a 0x5c byte sequence of the same length as the block of the hash algorithm;
ipad is a 0x36 byte sequence of the same length as the block of the hash algorithm.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010555998.7A CN111736868B (en) | 2020-06-17 | 2020-06-17 | Automobile remote updating method based on identity identification and bidirectional verification |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010555998.7A CN111736868B (en) | 2020-06-17 | 2020-06-17 | Automobile remote updating method based on identity identification and bidirectional verification |
Publications (2)
Publication Number | Publication Date |
---|---|
CN111736868A CN111736868A (en) | 2020-10-02 |
CN111736868B true CN111736868B (en) | 2022-02-15 |
Family
ID=72649615
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010555998.7A Active CN111736868B (en) | 2020-06-17 | 2020-06-17 | Automobile remote updating method based on identity identification and bidirectional verification |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111736868B (en) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112713999B (en) * | 2020-12-28 | 2021-10-19 | 北京航空航天大学 | Networked automobile safety remote updating method based on bidirectional identity authentication |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107925568A (en) * | 2015-08-05 | 2018-04-17 | Kddi株式会社 | Managing device, management system, key generating device, key generation system, key management system, vehicle, management method, key generation method and computer program |
CN110278543A (en) * | 2019-06-27 | 2019-09-24 | 奇瑞汽车股份有限公司 | Control system update method, device and the storage medium of automobile |
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106385420A (en) * | 2016-09-29 | 2017-02-08 | 中国联合网络通信集团有限公司 | ECU software download method and device |
DK201870700A1 (en) * | 2018-06-20 | 2020-01-14 | Aptiv Technologies Limited | Over-the-air (ota) mobility services platform |
-
2020
- 2020-06-17 CN CN202010555998.7A patent/CN111736868B/en active Active
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107925568A (en) * | 2015-08-05 | 2018-04-17 | Kddi株式会社 | Managing device, management system, key generating device, key generation system, key management system, vehicle, management method, key generation method and computer program |
CN110278543A (en) * | 2019-06-27 | 2019-09-24 | 奇瑞汽车股份有限公司 | Control system update method, device and the storage medium of automobile |
Non-Patent Citations (1)
Title |
---|
面向车联网信息安全问题的安全机制研究;李聪聪;《中国优秀硕士学位论文全文数据库信息科技辑》;20200115;正文第43-106页 * |
Also Published As
Publication number | Publication date |
---|---|
CN111736868A (en) | 2020-10-02 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106533655B (en) | Method for safe communication of ECU (electronic control Unit) in vehicle interior network | |
CN110597538B (en) | Software upgrading method and OTA upgrading system based on OTA upgrading system | |
CN108259465B (en) | Authentication encryption method for internal network of intelligent automobile | |
CN1832397B (en) | Authorization key, consultation and update method based on common key credentials between interface of electronic equipment | |
JP2002535740A (en) | Self-generated certificate using secure microprocessor for digital information transfer device | |
CN110650478B (en) | OTA method, system, device, SE module, program server and medium | |
JP2008507203A (en) | Method for transmitting a direct proof private key in a signed group to a device using a distribution CD | |
CN114327532A (en) | Automobile OTA (over the air) upgrade information security implementation method based on digital signature and encryption | |
CN115396121B (en) | Security authentication method for security chip OTA data packet and security chip device | |
TW201735578A (en) | Controlled secure code authentication | |
CN113852632A (en) | Vehicle identity authentication method, system, device and storage medium based on SM9 algorithm | |
CN117097462B (en) | Vehicle-mounted intelligent software upgrading encryption system based on quantum key system | |
Fuchs et al. | HIP: HSM-based identities for plug-and-charge | |
US20220182248A1 (en) | Secure startup method, controller, and control system | |
CN117220895A (en) | Method and system for public key infrastructure of serviceable electronic components in a vehicle | |
CN111736868B (en) | Automobile remote updating method based on identity identification and bidirectional verification | |
CN113098681B (en) | Port order enhanced and updatable blinded key management method in cloud storage | |
CN116232766B (en) | OTA-based data encryption system and method | |
CN114531242A (en) | Certificate upgrading method, device, equipment and storage medium | |
CN116318784B (en) | Identity authentication method, identity authentication device, computer equipment and storage medium | |
CN113721965B (en) | Upgrading method of charging pile based on safety firmware | |
US11570008B2 (en) | Pseudonym credential configuration method and apparatus | |
KR101256114B1 (en) | Message authentication code test method and system of many mac testserver | |
CN111464554B (en) | Vehicle information safety control method and system | |
WO2017126322A1 (en) | In-car computer system, vehicle, key generation device, management method, key generation method, and computer program |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |