CN111865901A - Information encryption transmission method based on CAN bus - Google Patents
- Publication number: CN111865901A (CN202010494110.3A)
- Authority: CN (China)
- Prior art keywords: module, communication module, encryption, tbox, byte3
- Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L12/40—Bus networks
- H04L2012/40215—Controller Area Network CAN
- H04L2012/40273—Bus for use in transportation systems the transportation system being a vehicle
Abstract
The invention relates to an information encryption transmission method based on a CAN bus, applied to the encryption of automotive CAN bus traffic to ensure the security of CAN bus data. The CAN bus information encryption involves two communicating ECUs: the ECU1 sends encrypted information and the ECU2 receives it. The ECU1 comprises a communication module a and an encryption module; the ECU2 comprises a communication module b and a decryption module. The communication module a of the ECU1 passes the communication message to the internal encryption module, which processes it and generates an encrypted message. The encrypted message is sent through the communication module a of the ECU1 to the communication module b of the ECU2, which passes it to the decryption module of the ECU2 for decryption, and the result (decryption success or failure) is fed back to the communication module a of the ECU1 through the communication module b of the ECU2. The invention can implement information encryption on the original CAN hardware and has a lower cost.
Description
Technical Field
The invention relates to an information encryption transmission method based on a CAN bus, which is applied to the encryption of automotive CAN bus traffic and ensures the security of CAN bus data.
Background
CAN bus communication is the main mode of information exchange inside an automobile. It largely follows a unified international standard, so CAN data is easily intercepted or decoded by external equipment, which seriously threatens in-vehicle information security. At present, the bus encryption technology applied in the automotive field is basically HSM hardware encryption based on the CAN FD bus; no encryption method based on the original CAN bus technology exists. Using hardware encryption requires changing the hardware of the original controller, which is a large change and costly.
Disclosure of Invention
The invention aims to provide an information encryption transmission method for a CAN bus that improves the security of CAN bus data exchanged inside an automobile by means of software encryption.
The technical scheme of the invention is realized as follows:
The information encryption transmission method based on the CAN bus involves two communicating ECUs (electronic control units): the ECU1 sends encrypted information and the ECU2 receives it. The ECU1 comprises a communication module a and an encryption module; the ECU2 comprises a communication module b and a decryption module. The communication module a of the ECU1 passes the communication message to the internal encryption module, which processes it and generates an encrypted message. The encrypted message is sent through the communication module a of the ECU1 to the communication module b of the ECU2, which passes it to the decryption module of the ECU2 for decryption, and the result (decryption success or failure) is fed back to the communication module a of the ECU1 through the communication module b of the ECU2.
In the technical scheme, the encrypted message uses an 8-byte data field.
Further, Byte0 is defined as the operation instruction information, and Byte1-Byte3 are defined as the timestamp information of the encrypted message.
In the technical scheme, the encrypted messages are numbered sequentially using 0-16777215.
Further, Byte4-Byte7 are the high 4 bytes of the encrypted data obtained by AES algorithm conversion of the data of the preceding Byte0-Byte3 and the key.
An information encryption transmission method based on a CAN bus comprises the following steps:
1) the communication module a of the ECU1 passes all information to be encrypted to the encryption module of the ECU1;
2) the encryption module of the ECU1 places the operation instruction of the information in Byte0 of the encrypted message, adds 1 to the initial timestamp before sending, and places the timestamp in Byte1-Byte3 of the encrypted message;
3) the Byte0-Byte3 data of the ECU1 and the key are put through AES algorithm conversion, and the high 4 bytes of the resulting encrypted data are placed in Byte4-Byte7;
4) the encryption module of the ECU1 passes the processed encrypted message to the communication module a of the ECU1;
5) the communication module a of the ECU1 sends the encrypted message to the communication module b of the ECU2 over the CAN bus;
6) the communication module b of the ECU2 passes the received encrypted message to the decryption module of the ECU2 for data decryption;
7) the decryption module of the ECU2 performs AES algorithm conversion on Byte0-Byte3 of the received encrypted message and the key, takes the high 4 bytes of the result and compares them with Byte4-Byte7 from the ECU1; if they are the same, step 8) is executed; if they differ, the process terminates and the failure result is fed back to the ECU1;
8) the decryption module of the ECU2 checks the difference between the timestamp in Byte1-Byte3 from the ECU1 and the timestamp value stored in the ECU2; if the difference is greater than or equal to 1 and less than or equal to 10, the operation instruction in Byte0 is executed and the timestamp stored in the ECU2 is replaced by the Byte1-Byte3 timestamp from the ECU1; if the difference is outside that range, the operation terminates and the failure result is fed back to the ECU1.
In one application, the CAN bus information encryption transmission method is used to send a remote engine start message. The ECU1 is the TBOX and the ECU2 is the PEPS; the same key value is written into the TBOX and the PEPS in advance, and the initial value of the timestamp is set to 0. The method is carried out in the following steps:
1) the communication module a of the TBOX passes the engine start signal to the encryption module of the TBOX;
2) the encryption module of the TBOX places the engine start operation instruction in Byte0 of the encrypted message, adds 1 to the initial timestamp before sending, and places the timestamp in Byte1-Byte3 of the encrypted message;
3) the Byte0-Byte3 data of the TBOX and the key are put through AES algorithm conversion, and the high 4 bytes of the resulting encrypted data are placed in Byte4-Byte7;
4) the encryption module of the TBOX passes the processed encrypted message to the communication module a of the TBOX;
5) the communication module a of the TBOX sends the encrypted message to the communication module b of the PEPS over the CAN bus;
6) the communication module b of the PEPS passes the received encrypted message to the decryption module of the PEPS for data decryption;
7) the decryption module of the PEPS performs AES algorithm conversion on Byte0-Byte3 of the received encrypted message and the key, takes the high 4 bytes of the result and compares them with Byte4-Byte7 from the TBOX; the comparison finds them the same;
8) the decryption module of the PEPS checks the difference between the timestamp in Byte1-Byte3 from the TBOX and the timestamp value stored in the PEPS; the difference is equal to 1, so the PEPS executes the engine start instruction and replaces its stored timestamp with the timestamp value 1 from Byte1-Byte3 of the TBOX message, and the whole encrypted communication process is finished.
In another application, the CAN bus information encryption transmission method is used to send a remote door unlock message. The ECU1 is the TBOX and the ECU2 is the BCM; different key values are written into the TBOX and the BCM in advance, and the initial value of the timestamp is set to 0. The method is carried out in the following steps:
1) the communication module a of the TBOX passes the door unlock signal to the encryption module of the TBOX;
2) the encryption module of the TBOX places the door unlock operation instruction in Byte0 of the encrypted message, adds 1 to the initial timestamp before sending, and places the timestamp in Byte1-Byte3 of the encrypted message;
3) the Byte0-Byte3 data of the TBOX and the key are put through AES algorithm conversion, and the high 4 bytes of the resulting encrypted data are placed in Byte4-Byte7;
4) the encryption module of the TBOX passes the processed encrypted message to the communication module a of the TBOX;
5) the communication module a of the TBOX sends the encrypted message to the communication module b of the BCM over the CAN bus;
6) the communication module b of the BCM passes the received encrypted message to the decryption module of the BCM for data decryption;
7) the decryption module of the BCM performs AES algorithm conversion on Byte0-Byte3 of the received encrypted message and its own key, takes the high 4 bytes of the result and compares them with Byte4-Byte7 from the TBOX; because the key values of the TBOX and the BCM differ, the comparison fails, the BCM feeds the failure result back to the TBOX, the communication ends, and the BCM cannot carry out the remote door unlock operation.
In a further application, the CAN bus information encryption transmission method is used to send a remote-control trunk unlock message. The ECU1 is the BLE and the ECU2 is the BCM; both sides have the same key value written in advance, the timestamp of the BLE is set to 10 and the timestamp of the BCM is set to 0. The method is carried out in the following steps:
1) the communication module a of the BLE passes the remote trunk unlock signal to the encryption module of the BCM;
2) the encryption module of the BLE places the remote trunk unlock operation instruction in Byte0 of the encrypted message, adds 1 to the initial timestamp before sending, and places the timestamp in Byte1-Byte3 of the encrypted message;
3) the Byte0-Byte3 data of the BLE and the key are put through AES algorithm conversion, and the high 4 bytes of the resulting encrypted data are placed in Byte4-Byte7;
4) the encryption module of the BLE passes the processed encrypted message to the communication module a of the BLE;
5) the communication module a of the BLE sends the encrypted message to the communication module b of the BCM over the CAN bus;
6) the communication module b of the BCM passes the received encrypted message to the decryption module of the BCM for data decryption;
7) the decryption module of the BCM performs AES algorithm conversion on Byte0-Byte3 of the received encrypted message and the key, takes the high 4 bytes of the result and compares them with Byte4-Byte7 from the BLE; the comparison finds them the same;
8) the decryption module of the BCM checks the difference between the timestamp in Byte1-Byte3 from the BLE and the timestamp value stored in the BCM; the difference is equal to 11, which exceeds the set range, so the communication is terminated, the BCM feeds the failure result back to the BLE, and the BCM does not execute the remote trunk unlock operation.
Compared with the prior art, the invention has the following beneficial technical effects:
The invention can implement information encryption on the basis of the original CAN hardware, without changing the hardware circuit of the original CAN controller, and has a lower cost. The encryption transmission method has simple logic, can be implemented on different CAN chips, and requires little software development. The encryption logic processes the CAN message in segments, so that the message is more secure and is not easy to break.
Drawings
FIG. 1 is a system structure diagram of the CAN bus-based information encryption transmission method according to the present invention;
FIG. 2 is a schematic diagram of the information processing and transmission process of the CAN bus-based information encryption transmission method according to the present invention.
Detailed Description
The CAN bus information encryption involves two communicating ECUs: the ECU1 sends encrypted information and the ECU2 receives it. The ECU1 comprises a communication module a and an encryption module; the ECU2 comprises a communication module b and a decryption module. The communication module a of the ECU1 passes the communication message to the internal encryption module, which processes it and generates an encrypted message. The encrypted message is sent through the communication module a of the ECU1 to the communication module b of the ECU2, which passes it to the decryption module of the ECU2 for decryption, and the result (decryption success or failure) is fed back to the communication module a of the ECU1 through the communication module b of the ECU2.
The encrypted message is characterized as follows: the CAN bus message uses an 8-byte data field; Byte0 is defined as the operation instruction information; Byte1-Byte3 are defined as the timestamp information of the message, and the messages are numbered sequentially using 0-16777215; Byte4-Byte7 are the high 4 bytes of the encrypted data obtained by AES algorithm conversion of the data of the preceding Byte0-Byte3 and the key.
As shown in FIG. 1, the system consists of the ECU1, the ECU2 and the CAN bus. Node 1 and node 2 are connected through the CAN bus 3; node 1 transmits encrypted information and node 2 receives it. Node 1 comprises a communication module a (1-1) and an encryption module (1-2); node 2 comprises a communication module b (2-1) and a decryption module (2-2). The communication module a (1-1) of node 1 passes the communication message to the internal encryption module (1-2), which processes it and generates the encrypted message. The encrypted message is sent through the communication module a (1-1) of node 1 to the communication module b (2-1) of node 2, which passes it to the decryption module (2-2) of node 2 for decryption, and the result (decryption success or failure) is fed back by the communication module b (2-1) of node 2 to the communication module a (1-1) of node 1.
Table 1 shows the format of the encrypted message;
TABLE 1
Before encryption, the CAN bus message consists of an 8-byte data field: Byte0 is defined as the operation instruction information and Byte1-Byte3 as the timestamp information of the message, with messages numbered sequentially using 0-16777215. The Byte0-Byte3 data and the key are converted using the AES algorithm, and the high 4 bytes of the result are taken as the encrypted data and stored in Byte4-Byte7. The encrypted message can then be transmitted on the bus.
The specific information encryption transmission method is shown in FIG. 2:
1) the communication module of the ECU1 passes all information to be encrypted to the encryption module of the ECU1;
2) the encryption module of the ECU1 places the operation instruction of the information in Byte0 of the encrypted message, adds 1 to the initial timestamp before sending, and places the timestamp in Byte1-Byte3 of the encrypted message;
3) the Byte0-Byte3 data of the ECU1 and the key are put through AES algorithm conversion, and the high 4 bytes of the resulting encrypted data are placed in Byte4-Byte7;
4) the encryption module of the ECU1 passes the processed encrypted message to the communication module of the ECU1;
5) the communication module of the ECU1 sends the encrypted message to the communication module of the ECU2 over the CAN bus;
6) the communication module of the ECU2 passes the received encrypted message to the decryption module of the ECU2 for data decryption;
7) the decryption module of the ECU2 performs AES algorithm conversion on Byte0-Byte3 of the received encrypted message and the key, takes the high 4 bytes of the result and compares them with Byte4-Byte7 from the ECU1; if they are the same, step 8) is executed; if they differ, the process terminates and the failure result is fed back to the ECU1;
8) the decryption module of the ECU2 checks the difference between the timestamp in Byte1-Byte3 from the ECU1 and the timestamp value stored in the ECU2; if the difference is greater than or equal to 1 and less than or equal to 10, the operation instruction in Byte0 is executed and the timestamp stored in the ECU2 is replaced by the Byte1-Byte3 timestamp from the ECU1; if the difference is outside that range, the operation terminates and the failure result is fed back to the ECU1.
Example 1
As shown in FIG. 2, a certain vehicle model sends a remote engine start message using the CAN bus information encryption transmission method. The ECU1 is the TBOX and the ECU2 is the PEPS; the same key value is written into the TBOX and the PEPS in advance, and the initial value of the timestamp is set to 0. The method is executed in the following steps:
1) the communication module a of the TBOX passes the engine start signal to the encryption module of the TBOX;
2) the encryption module of the TBOX places the engine start operation instruction in Byte0 of the encrypted message, adds 1 to the initial timestamp before sending, and places the timestamp in Byte1-Byte3 of the encrypted message;
3) the Byte0-Byte3 data of the TBOX and the key are put through AES algorithm conversion, and the high 4 bytes of the resulting encrypted data are placed in Byte4-Byte7;
4) the encryption module of the TBOX passes the processed encrypted message to the communication module a of the TBOX;
5) the communication module a of the TBOX sends the encrypted message to the communication module b of the PEPS over the CAN bus;
6) the communication module b of the PEPS passes the received encrypted message to the decryption module of the PEPS for data decryption;
7) the decryption module of the PEPS performs AES algorithm conversion on Byte0-Byte3 of the received encrypted message and the key, takes the high 4 bytes of the result and compares them with Byte4-Byte7 from the TBOX; the comparison finds them the same;
8) the decryption module of the PEPS checks the difference between the timestamp in Byte1-Byte3 from the TBOX and the timestamp value stored in the PEPS; the difference is equal to 1, so the PEPS executes the engine start instruction and replaces its stored timestamp with the timestamp value 1 from Byte1-Byte3 of the TBOX message, and the whole encrypted communication process is finished.
Example 2
As shown in FIG. 2, a certain vehicle model sends a remote door unlock message using the CAN bus information encryption transmission method. The ECU1 is the TBOX and the ECU2 is the BCM; different key values are written into the TBOX and the BCM in advance, and the initial value of the timestamp is set to 0. The method is executed in the following steps:
1) the communication module a of the TBOX passes the door unlock signal to the encryption module of the TBOX;
2) the encryption module of the TBOX places the door unlock operation instruction in Byte0 of the encrypted message, adds 1 to the initial timestamp before sending, and places the timestamp in Byte1-Byte3 of the encrypted message;
3) the Byte0-Byte3 data of the TBOX and the key are put through AES algorithm conversion, and the high 4 bytes of the resulting encrypted data are placed in Byte4-Byte7;
4) the encryption module of the TBOX passes the processed encrypted message to the communication module a of the TBOX;
5) the communication module a of the TBOX sends the encrypted message to the communication module b of the BCM over the CAN bus;
6) the communication module b of the BCM passes the received encrypted message to the decryption module of the BCM for data decryption;
7) the decryption module of the BCM performs AES algorithm conversion on Byte0-Byte3 of the received encrypted message and its own key, takes the high 4 bytes of the result and compares them with Byte4-Byte7 from the TBOX; because the key values of the TBOX and the BCM differ, the comparison fails, the BCM feeds the failure result back to the TBOX, the communication ends, and the BCM cannot carry out the remote door unlock operation.
Example 3
As shown in FIG. 2, a certain vehicle model sends a remote-control trunk unlock message using the CAN bus information encryption. The ECU1 is the BLE (Bluetooth key) and the ECU2 is the BCM; both sides have the same key value written in advance, the timestamp of the BLE is set to 10 and the timestamp of the BCM is set to 0. The method is executed in the following steps:
1) the communication module a of the BLE passes the remote trunk unlock signal to the encryption module of the BCM;
2) the encryption module of the BLE places the remote trunk unlock operation instruction in Byte0 of the encrypted message, adds 1 to the initial timestamp before sending, and places the timestamp in Byte1-Byte3 of the encrypted message;
3) the Byte0-Byte3 data of the BLE and the key are put through AES algorithm conversion, and the high 4 bytes of the resulting encrypted data are placed in Byte4-Byte7;
4) the encryption module of the BLE passes the processed encrypted message to the communication module a of the BLE;
5) the communication module a of the BLE sends the encrypted message to the communication module b of the BCM over the CAN bus;
6) the communication module b of the BCM passes the received encrypted message to the decryption module of the BCM for data decryption;
7) the decryption module of the BCM performs AES algorithm conversion on Byte0-Byte3 of the received encrypted message and the key, takes the high 4 bytes of the result and compares them with Byte4-Byte7 from the BLE; the comparison finds them the same;
8) the decryption module of the BCM checks the difference between the timestamp in Byte1-Byte3 from the BLE and the timestamp value stored in the BCM; the difference is equal to 11, which exceeds the set range, so the communication is terminated, the BCM feeds the failure result back to the BLE, and the BCM does not execute the remote trunk unlock operation.
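The 8-byte frame and the receive-side checks of steps 7) and 8), with the outcomes of Examples 1 to 3, as an added Python example (not code from the patent). The patent does not specify AES key size, mode, padding or byte order, so AES-128 over one zero-padded block, a big-endian counter, 24-bit wrap-around and the opcode values used with it are assumptions made here.

```python
import hmac

def _xtime(a):
    """Multiply by x in GF(2^8) modulo the AES polynomial."""
    return ((a << 1) ^ 0x1B) & 0xFF if a & 0x80 else a << 1

def _build_sbox():
    """Generate the AES S-box (field inverse followed by the affine transform)."""
    sbox, p, q = [0] * 256, 1, 1
    while True:
        p = p ^ ((p << 1) & 0xFF) ^ (0x1B if p & 0x80 else 0)  # p = p * 3
        for shift in (1, 2, 4):                                  # q = q / 3
            q ^= (q << shift) & 0xFF
        if q & 0x80:
            q ^= 0x09
        x = q
        for s in (1, 2, 3, 4):
            x ^= ((q << s) | (q >> (8 - s))) & 0xFF
        sbox[p] = x ^ 0x63
        if p == 1:
            break
    sbox[0] = 0x63
    return sbox

SBOX = _build_sbox()

def _round_keys(key):
    """Expand a 16-byte key into 11 round keys of 16 bytes each."""
    w, rcon = [list(key[i:i + 4]) for i in range(0, 16, 4)], 1
    for i in range(4, 44):
        t = list(w[i - 1])
        if i % 4 == 0:
            t = [SBOX[b] for b in t[1:] + t[:1]]
            t[0] ^= rcon
            rcon = _xtime(rcon)
        w.append([a ^ b for a, b in zip(w[i - 4], t)])
    return [sum(w[4 * r:4 * r + 4], []) for r in range(11)]

def aes128_encrypt_block(key, block):
    """Encrypt one 16-byte block with AES-128 (state kept column-major)."""
    rk = _round_keys(key)
    s = [b ^ k for b, k in zip(block, rk[0])]
    for rnd in range(1, 11):
        s = [SBOX[b] for b in s]                                            # SubBytes
        s = [s[4 * ((c + r) % 4) + r] for c in range(4) for r in range(4)]  # ShiftRows
        if rnd < 10:                                                        # MixColumns
            m = []
            for c in range(0, 16, 4):
                a = s[c:c + 4]
                t = a[0] ^ a[1] ^ a[2] ^ a[3]
                m += [a[i] ^ t ^ _xtime(a[i] ^ a[(i + 1) % 4]) for i in range(4)]
            s = m
        s = [b ^ k for b, k in zip(s, rk[rnd])]
    return bytes(s)

PAD = bytes(12)        # assumption: Byte0-Byte3 are zero-padded to one AES block
WINDOW = range(1, 11)  # accepted timestamp difference, 1..10, as in step 8)

def tag(key, header):
    """Byte4-Byte7: high 4 bytes of the AES conversion of Byte0-Byte3 and the key."""
    if len(key) != 16 or len(header) != 4:
        raise ValueError("expected a 16-byte key and a 4-byte header")
    return aes128_encrypt_block(key, header + PAD)[:4]

class Sender:
    """ECU1 side: steps 2) and 3)."""
    def __init__(self, key, timestamp=0):
        self.key, self.timestamp = key, timestamp

    def build_frame(self, opcode):
        self.timestamp = (self.timestamp + 1) & 0xFFFFFF  # wrap-around is an assumption
        header = bytes([opcode]) + self.timestamp.to_bytes(3, "big")
        return header + tag(self.key, header)

class Receiver:
    """ECU2 side: steps 7) and 8)."""
    def __init__(self, key, timestamp=0):
        self.key, self.timestamp = key, timestamp

    def accept(self, frame):
        """Return (ok, reason); the stored timestamp advances only on success."""
        if len(frame) != 8:
            return False, "length"
        header, rx_tag = frame[:4], frame[4:]
        if not hmac.compare_digest(tag(self.key, header), rx_tag):
            return False, "tag"        # Example 2: key mismatch
        rx_ts = int.from_bytes(header[1:], "big")
        if ((rx_ts - self.timestamp) & 0xFFFFFF) not in WINDOW:
            return False, "timestamp"  # Example 3: difference of 11
        self.timestamp = rx_ts
        return True, "ok"              # Example 1: difference of 1
```

Byte0-Byte3 are transmitted unmodified, so the 4 bytes derived from AES act as an authentication tag over the instruction and timestamp rather than hiding them. A frame that has already been accepted is rejected when seen again, because its timestamp difference is then 0.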
Claims (9)
1. The information encryption transmission method based on the CAN bus comprises two communication ECUs (electronic control units), wherein the ECU1 sends encrypted information, and the ECU2 receives the encrypted information; the method is characterized in that: the ECU1 comprises a communication module a and an encryption module; the ECU2 comprises a communication module b and a decryption module; the communication module a of the ECU1 sends the communication message to the internal encryption module, the encryption module generates an encrypted message after processing, the generated encrypted message is sent to the communication module b of the ECU2 through the communication module a of the ECU1, the communication module b of the ECU2 transmits the received encrypted message to the decryption module of the ECU2 for decryption, and the result information of the decryption success or failure is fed back to the communication module a of the ECU1 through the communication module b of the ECU 2.
2. The information encryption transmission method based on the CAN bus according to claim 1, characterized in that:
the encrypted message uses an 8 byte data field.
3. The information encryption transmission method based on the CAN bus according to claim 2, characterized in that:
defining the Byte0 as operation instruction information, and defining the Byte1-Byte3 as time stamp information of the encrypted message.
4. The information encryption transmission method based on the CAN bus according to claim 3, characterized in that:
The encrypted messages are encoded sequentially using 0-16777215.
5. The information encryption transmission method based on the CAN bus according to claim 4, characterized in that:
the bytes 4-7 are high 4 bytes of encrypted data intercepted after AES algorithm conversion is carried out on the data of the previous bytes 0-3 and the key.
6. The information encryption transmission method based on the CAN bus according to claim 5, wherein the transmission method of the encrypted information comprises the following steps:
1) the communication module a of the ECU1 passes all encrypted information to the encryption module of the ECU 1;
2) the encryption module of the ECU1 places the operation instruction of the contained information in the Byte0 bytes in the encrypted message, adds 1 to the initial timestamp before sending, and places the initial timestamp in the Byte1-Byte3 bytes in the encrypted message;
3) the data of the Byte0-Byte3 of the ECU1 is subjected to AES algorithm conversion with a key, and the intercepted high-4-Byte encrypted data is placed in the Byte4-Byte7 bytes;
4) the encryption module of the ECU1 transmits the processed encrypted message to the communication module a of the ECU 1;
5) the communication module a of the ECU1 sends the encrypted message to the communication module b of the ECU2 through the CAN bus;
6) the communication module b of the ECU2 transmits the received encrypted message to a decryption module of the ECU2 for data decryption;
7) The decryption module of the ECU2 carries out AES algorithm conversion on the Byte0-Byte3 and the key of the received encrypted message, intercepts the high 4-Byte encrypted data and compares the high 4-Byte encrypted data with the Byte4-Byte7 of the ECU1, if the high 4-Byte encrypted data are the same, the step 8) is executed, if the high 4-Byte encrypted data are different, the step is terminated, and the failure result is fed back to the ECU 1;
8) the decryption module of the ECU2 checks the difference between the timestamp in Byte1-Byte3 from the ECU1 and the timestamp value stored in the ECU2; if the difference is greater than or equal to 1 and less than or equal to 10, the operation instruction in Byte0 is executed and the timestamp stored in the ECU2 is replaced by the Byte1-Byte3 timestamp from the ECU1; if the difference is outside that range, the operation terminates and the failure result is fed back to the ECU1.
7. The information encryption transmission method based on the CAN bus according to claim 6, characterized in that:
the method is implemented through the CAN bus information encryption transmission method, wherein ECU1 is the TBOX, ECU2 is the PEPS, the same key value is written into the TBOX and the PEPS in advance, the initial value of the timestamp is set to 0, and the method is implemented according to the following steps:
1) the communication module a of the TBOX transmits a signal for starting the engine to the encryption module of the TBOX;
2) the encryption module of the TBOX places the operation instruction for starting the engine in Byte0 of the encrypted message, adds 1 to the initial timestamp before sending, and places it in Byte1-Byte3 of the encrypted message;
3) the Byte0-Byte3 data of the TBOX and the key are subjected to AES algorithm conversion, and the high 4 bytes intercepted from the encrypted data are placed in Byte4-Byte7;
4) the encryption module of the TBOX transmits the processed encrypted message to the communication module a of the TBOX;
5) the communication module a of the TBOX sends the encrypted message to the communication module b of the PEPS through the CAN bus;
6) the communication module b of the PEPS transmits the received encrypted message to the decryption module of the PEPS for data decryption;
7) the decryption module of the PEPS performs AES algorithm conversion on Byte0-Byte3 of the received encrypted message and the key, intercepts the high 4 bytes of the encrypted data and compares them with Byte4-Byte7 from the TBOX; the comparison shows that they are the same;
8) the decryption module of the PEPS judges the difference between the timestamp in Byte1-Byte3 from the TBOX and the timestamp value stored in the PEPS; the difference is equal to 1, so the PEPS executes the instruction for starting the engine and replaces its stored timestamp with the timestamp data 1 in Byte1-Byte3 from the TBOX, and the whole encrypted communication process is finished.
8. The information encryption transmission method based on the CAN bus according to claim 6, characterized in that:
the method realizes remote vehicle door unlocking message sending through the CAN bus information encryption transmission method, wherein ECU1 is the TBOX, ECU2 is the BCM, different key values are written into the TBOX and the BCM in advance, the initial value of the timestamp is set to 0, and the method is implemented according to the following steps:
1) the communication module a of the TBOX transmits a signal for unlocking the vehicle door to the encryption module of the TBOX;
2) the encryption module of the TBOX places the operation instruction for unlocking the vehicle door in Byte0 of the encrypted message, adds 1 to the initial timestamp before sending, and places the timestamp in Byte1-Byte3 of the encrypted message;
3) the Byte0-Byte3 data of the TBOX and the key are subjected to AES algorithm conversion, and the high 4 bytes intercepted from the encrypted data are placed in Byte4-Byte7;
4) the encryption module of the TBOX transmits the processed encrypted message to the communication module a of the TBOX;
5) the communication module a of the TBOX sends the encrypted message to the communication module b of the BCM through the CAN bus;
6) the communication module b of the BCM transmits the received encrypted message to the decryption module of the BCM for data decryption;
7) the decryption module of the BCM performs AES algorithm conversion on Byte0-Byte3 of the received encrypted message and its own key, intercepts the high 4 bytes of the encrypted data and compares them with Byte4-Byte7 from the TBOX; because the key values of the TBOX and the BCM are different, the comparison shows that they are different, the BCM feeds the failure result back to the TBOX, the communication is finished, and the BCM cannot carry out the remote vehicle door unlocking operation.
9. The information encryption transmission method based on the CAN bus according to claim 6, characterized in that:
the method realizes remote-control luggage case unlocking message sending through the CAN bus information encryption transmission method, wherein ECU1 is the BLE, ECU2 is the BCM, the same key value is written into both in advance, the timestamp of the BLE is set to 10 and the timestamp of the BCM is set to 0, and the method is implemented according to the following steps:
1) the communication module a of the BLE transmits a signal for remotely unlocking the luggage case to the encryption module of the BCM;
2) the encryption module of the BLE places the operation instruction for remotely unlocking the luggage case in Byte0 of the encrypted message, adds 1 to the initial timestamp before sending, and places it in Byte1-Byte3 of the encrypted message;
3) the Byte0-Byte3 data of the BLE and the key are subjected to AES algorithm conversion, and the high 4 bytes intercepted from the encrypted data are placed in Byte4-Byte7;
4) the encryption module of the BLE transmits the processed encrypted message to the communication module a of the BLE;
5) the communication module a of the BLE sends the encrypted message to the communication module b of the BCM through the CAN bus;
6) the communication module b of the BCM transmits the received encrypted message to the decryption module of the BCM for data decryption;
7) the decryption module of the BCM performs AES algorithm conversion on Byte0-Byte3 of the received encrypted message and the key, intercepts the high 4 bytes of the encrypted data and compares them with Byte4-Byte7 from the BLE; the comparison shows that they are the same;
8) the decryption module of the BCM judges the difference between the timestamp in Byte1-Byte3 from the BLE and the timestamp value stored in the BCM; the difference is equal to 11, which exceeds the set range, so the communication is terminated, the BCM feeds the failure result back to the BLE, and the BCM does not execute the operation of remotely unlocking the luggage case.
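The frame layout and receiver checks of claims 6 to 9, as an added example that is not code from the patent. It assumes AES-128 over Byte0-Byte3 zero-padded to one 16-byte block, "high 4 bytes" meaning the first four output bytes, and a big-endian counter in Byte1-Byte3; the claims specify none of these details, and the function names and any keys or opcodes passed in are constructed.

```python
import hmac

def _x2(a):  # multiply by x in GF(2^8), the AES field
    a <<= 1
    return a ^ 0x11B if a & 0x100 else a

def _sbox():  # AES S-box: field inverse followed by the affine map
    p, q, box = 1, 1, [0x63] * 256
    rot = lambda v, n: ((v << n) | (v >> (8 - n))) & 0xFF
    for _ in range(255):                                  # 3 generates all non-zero bytes
        p ^= _x2(p)                                       # p *= 3
        q ^= q << 1; q ^= q << 2; q ^= q << 4; q &= 0xFF  # q /= 3 ...
        q ^= 0x09 if q & 0x80 else 0                      # ... so p*q stays 1
        box[p] = q ^ rot(q, 1) ^ rot(q, 2) ^ rot(q, 3) ^ rot(q, 4) ^ 0x63
    return box
SBOX = _sbox()

def aes128_block(key, block):  # AES-128 encryption of one 16-byte block
    w, rc = [list(key[i:i + 4]) for i in range(0, 16, 4)], 1
    for i in range(4, 44):     # key schedule
        t = w[i - 1]
        if i % 4 == 0:
            t = [SBOX[b] for b in t[1:] + t[:1]]
            t[0], rc = t[0] ^ rc, _x2(rc)
        w.append([a ^ b for a, b in zip(w[i - 4], t)])
    rk = [sum(w[r * 4:r * 4 + 4], []) for r in range(11)]
    s = [b ^ k for b, k in zip(block, rk[0])]
    for r in range(1, 11):
        s = [SBOX[s[(i + 4 * (i % 4)) % 16]] for i in range(16)]  # SubBytes+ShiftRows
        if r < 10:             # MixColumns, column by column
            s = [_x2(a[j] ^ a[j + 1]) ^ a[j + 1] ^ a[j + 2] ^ a[j + 3]
                 for c in (0, 4, 8, 12) for a in [s[c:c + 4] * 2] for j in range(4)]
        s = [b ^ k for b, k in zip(s, rk[r])]
    return bytes(s)

def tag(key, head):  # assumed: Byte0-3 zero-padded to one block, first 4 output bytes
    return aes128_block(key, head + bytes(12))[:4]

def build_frame(key, opcode, counter):  # sender steps 2-3: Byte0 | Byte1-3 | Byte4-7
    head = bytes([opcode]) + (counter + 1).to_bytes(3, "big")
    return head + tag(key, head)

def verify_frame(key, frame, stored):  # receiver steps 7-8 -> (result, stored counter)
    if not hmac.compare_digest(tag(key, frame[:4]), frame[4:8]):
        return "tag mismatch", stored
    ts = int.from_bytes(frame[1:4], "big")
    if not 1 <= ts - stored <= 10:
        return "timestamp out of range", stored
    return "execute", ts
```

With the claim 9 values (sender counter 10, receiver counter 0) `verify_frame` returns the timestamp failure, and a frame presented a second time gives a difference of 0 and is rejected the same way.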
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010494110.3A CN111865901A (en) | 2020-06-03 | 2020-06-03 | Information encryption transmission method based on CAN bus |
Publications (1)
Publication Number | Publication Date |
---|---|
CN111865901A true CN111865901A (en) | 2020-10-30 |
Family
ID=72985839
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010494110.3A Pending CN111865901A (en) | 2020-06-03 | 2020-06-03 | Information encryption transmission method based on CAN bus |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111865901A (en) |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113347303A (en) * | 2021-05-20 | 2021-09-03 | 一汽奔腾轿车有限公司 | Information safety design method and system based on remote control parking |
CN114268449A (en) * | 2021-11-02 | 2022-04-01 | 浙江零跑科技股份有限公司 | Important CAN encryption method |
CN114268449B (en) * | 2021-11-02 | 2023-08-29 | 浙江零跑科技股份有限公司 | Important CAN encryption method |
CN115150144A (en) * | 2022-06-20 | 2022-10-04 | 安徽江淮汽车集团股份有限公司 | Vehicle start control method and system for remote control parking system, electronic device and storage medium |
CN115296861A (en) * | 2022-07-15 | 2022-11-04 | 智己汽车科技有限公司 | Network security communication method and control device of vehicle-mounted CAN bus |
CN115296861B (en) * | 2022-07-15 | 2023-06-06 | 智己汽车科技有限公司 | Network safety communication method and control device of vehicle-mounted CAN bus |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | Application publication date: 20201030 |