CN112839040B - Identity authentication method, device and medium - Google Patents

Identity authentication method, device and medium Download PDF

Info

Publication number
CN112839040B
CN112839040B CN202110007496.5A CN202110007496A CN112839040B CN 112839040 B CN112839040 B CN 112839040B CN 202110007496 A CN202110007496 A CN 202110007496A CN 112839040 B CN112839040 B CN 112839040B
Authority
CN
China
Prior art keywords
digital key
terminal
information
sharing
vehicle end
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110007496.5A
Other languages
Chinese (zh)
Other versions
CN112839040A (en
Inventor
李飞
仇兆峰
韩毅
单宏寅
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ingeek Information Security Consulting Associates Co ltd
Original Assignee
Ingeek Information Security Consulting Associates Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ingeek Information Security Consulting Associates Co ltd filed Critical Ingeek Information Security Consulting Associates Co ltd
Priority to CN202110007496.5A priority Critical patent/CN112839040B/en
Publication of CN112839040A publication Critical patent/CN112839040A/en
Application granted granted Critical
Publication of CN112839040B publication Critical patent/CN112839040B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/101Access control lists [ACL]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y04INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
    • Y04SSYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
    • Y04S40/00Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
    • Y04S40/20Information technology specific aspects, e.g. CAD, simulation, modelling, system security

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Lock And Its Accessories (AREA)
  • Storage Device Security (AREA)

Abstract

The embodiment of the invention discloses an identity authentication method, a device and a medium, wherein the method is applied to a vehicle of a system consisting of a server, a terminal and the vehicle and comprises the following steps: receiving a sharing digital key sent by a sharing digital key holding terminal, wherein the sharing digital key is generated by a terminal where a main digital key is located according to the main digital key and comprises vehicle end information and terminal identity information of the terminal where the main digital key is located; calculating hash values of vehicle end information and terminal identity information; if the hash value is in the white list, outputting permission control information to the sharing digital key holding terminal; before receiving the sharing digital key sent by the sharing digital key holding terminal, the method further comprises the following steps: acquiring sharing information fed back when a terminal where a main digital key is located sends a sharing digital key to a sharing digital key holding terminal; and generating a hash value corresponding to the sharing digital key according to the sharing information, and adding the hash value of the sharing digital key to the white list. The method solves the problem that the safety of the identity authentication method in the prior art is weak.

Description

Identity authentication method, device and medium
Technical Field
The embodiment of the invention relates to the field of vehicle control, in particular to an identity authentication method, an identity authentication device and an identity authentication medium.
Background
With the high-speed development of technologies such as automobile sharing and unmanned technologies, great convenience is brought to our lives. However, technologies such as automobile sharing and unmanned operation are based on the Internet of vehicles, and intelligent and convenient system safety problems caused by intelligent automobiles are faced at the same time. The car networking takes 'cloud at two ends' as a main body, roadbed facilities are supplemented, objects such as intelligent network connected cars, mobile intelligent terminals, car networking service platforms and the like are included, five communication scenes of car-cloud communication, car-car communication, car-person communication, car-road communication and in-car communication are related, multifunctional car keys are popular, and signal relay and algorithm cracking threat is large. The Internet of vehicles service cloud platform faces the traditional cloud platform security problem, and the weak identity authentication enables the Internet of vehicles management platform to be exposed to an attacker and face network attack. The transmission and storage links have the risk of data theft, the excessive collection and the cross-border use of the data become the main problems of privacy protection, and the cross-border flow of the data become the potential hazards of the threat to the national security.
Based on this, the problem that the security of the identity authentication method in the prior art is weak needs to be solved at present, so as to effectively protect the user information.
Disclosure of Invention
The embodiment of the invention provides an identity authentication method, an identity authentication device and a medium, which solve the problem that the safety of the identity authentication method in the prior art is weak, so as to effectively protect user information.
In a first aspect, an embodiment of the present invention provides an identity authentication method applied to a vehicle of a system including a server, a terminal, and a vehicle, including:
the method comprises the steps of receiving a sharing digital key sent by a terminal held by the sharing digital key, wherein the sharing digital key is generated by a terminal where a main digital key is located according to the main digital key and comprises vehicle end information and terminal identity information of the terminal where the main digital key is located;
calculating hash values of the vehicle-end information and the terminal identity information;
if the hash value is in the white list, outputting permission control information to the sharing digital key holding terminal;
before receiving the sharing digital key sent by the sharing digital key holding terminal, the method further comprises the following steps:
acquiring sharing information fed back when a terminal where a main digital key is located sends a sharing digital key to a sharing digital key holding terminal;
and generating a hash value corresponding to the sharing digital key according to the sharing information, and adding the hash value of the sharing digital key to a white list.
In a second aspect, an embodiment of the present invention further provides an identity authentication device, which is disposed in a vehicle of a system including a server, a terminal, and a vehicle, and is characterized in that the identity authentication device includes:
the vehicle end receiving module is used for receiving a sharing digital key, wherein the sharing digital key is generated by a terminal according to a main digital key and comprises vehicle end information and terminal identity information of the terminal where the main digital key is located;
the vehicle end computing module is used for computing hash values of the vehicle end information and the terminal identity information;
the vehicle end output module is used for outputting permission control information to the sharing digital key holding terminal if the hash value is in the white list;
the vehicle end sharing key module is used for acquiring sharing information fed back when the terminal where the main digital key is located sends the sharing digital key to the sharing digital key holding terminal before receiving the digital key sent by the terminal where the main digital key is located; and generating a hash value corresponding to the sharing digital key according to the sharing information, and adding the hash value of the sharing digital key to a white list.
In a third aspect, an embodiment of the present invention further provides an identity authentication method, which is applied to a terminal of a vehicle-to-vehicle system composed of a server, a terminal and a vehicle, and includes:
The method comprises the steps that a sharing digital key is sent to a vehicle end, wherein the sharing digital key is from a terminal where a main digital key is located and comprises vehicle end information and terminal identity information of the terminal where the main digital key is located;
receiving permission control information returned by a vehicle end, wherein the permission control information is generated by the vehicle end when hash values corresponding to the vehicle end information and the terminal identity information are in a white list;
before a sharing digital key is sent to a vehicle end, a digital sharing key sent by a terminal where a main digital key is located is received, and the terminal sends sharing information to the vehicle end while sending the sharing digital key, so that the vehicle end adds a hash value corresponding to the sharing digital key to a white list, wherein the sharing digital key is generated by the terminal where the main digital key is located according to the main digital key, and the hash value corresponding to the sharing digital key is generated by the vehicle end according to the sharing information.
In a fourth aspect, an embodiment of the present invention further provides an identity authentication device, provided in a terminal of a system including a server, a terminal, and a vehicle, including:
the terminal sending module is used for sending a sharing digital key to the vehicle end, wherein the sharing digital key is from a terminal where the main digital key is located and comprises vehicle end information and terminal identity information of the terminal where the main digital key is located;
The terminal receiving module is used for receiving permission control information returned by the vehicle terminal, wherein the permission control information is generated by the vehicle terminal when hash values corresponding to the vehicle terminal information and the terminal identity information are in a white list;
before the sharing digital key is sent to the vehicle end, the terminal receiving module is further used for receiving the sharing key sent by the terminal digital key sharing module, and the terminal digital key sharing module is used for sending sharing information to the vehicle end while sending the sharing digital key, so that the vehicle end adds the hash value corresponding to the sharing digital key to the white list, wherein the sharing digital key is generated by the terminal where the main digital key is located according to the main digital key, and the hash value corresponding to the sharing digital key is generated by the vehicle end according to the sharing information.
In a fifth aspect, embodiments of the present invention also provide a storage medium containing computer-executable instructions which, when executed by a computer processor, are used to perform the identity authentication method according to the third aspect.
The technical scheme of the identity authentication method provided by the embodiment of the invention is applied to a vehicle of a system consisting of a server, a terminal and a vehicle, and comprises the steps of receiving a digital key, wherein the digital key comprises vehicle end information and terminal identity information; calculating hash values of vehicle end information and terminal identity information; if the hash value is in the white list, the permission control information is output. And if the shared digital key of the shared digital key holding terminal is in the white list, the vehicle can be controlled according to the received permission control information after the shared digital key holding terminal passes the identity authentication through the identity authentication of the shared digital key holding terminal, so that the identity authentication of the user in an offline state is convenient, the safety is higher, and the user information leakage is prevented.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings required for the description of the embodiments will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a flowchart of an identity authentication method according to an embodiment of the present invention;
FIG. 2 is a schematic diagram of a master digital key acquisition according to a first embodiment of the present invention;
FIG. 3 is a block diagram of an identity authentication device according to a second embodiment of the present invention;
fig. 4 is a flowchart of an identity authentication method according to a third embodiment of the present invention;
fig. 5 is a block diagram of an identity authentication device according to a fifth embodiment of the present invention.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the present invention more apparent, the technical solutions of the present invention will be clearly and completely described by means of implementation examples with reference to the accompanying drawings in the embodiments of the present invention, and it is apparent that the described embodiments are some embodiments of the present invention, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Example 1
Fig. 1 is a flowchart of an identity authentication method according to an embodiment of the present invention. The technical scheme of the embodiment is suitable for the condition that the vehicle end verifies the identity of the terminal. The method can be executed by the identity authentication device provided by the embodiment of the invention, and the device can be realized in a software and/or hardware mode and is configured to be applied in a processor. The method specifically comprises the following steps:
s101, receiving a sharing digital key sent by a sharing digital key holding terminal, wherein the sharing digital key is generated by a terminal where a main digital key is located according to the main digital key and comprises vehicle end information and terminal identity information of the terminal where the main digital key is located.
The terminal wants to control the vehicle by means of a digital key, which is usually sent to the vehicle first in order for the vehicle to verify it. The digital key of the embodiment comprises vehicle end information and terminal identity information of a terminal held by a vehicle owner, wherein the vehicle end information comprises the vehicle end identity information and a random number generated by the vehicle end. Further, the digital key preferably also includes rights information for defining the functions of the vehicle that the user can use. Such as disabling the use of air conditioning, disabling the use of car navigation, etc.
The digital key may be a master digital key or a shared digital key. Typically, the owner of the vehicle holds a master digital key. If another person wants to use the vehicle, the owner can generate a sharing digital key based on the master digital key and then share the sharing digital key to other users so that they can use the vehicle. That is, the terminal held by the vehicle owner is the terminal where the main digital key is located, and the terminal receiving the shared digital key shared by the vehicle owner is the terminal held by the shared digital key.
It will be appreciated that if the digital key is the primary digital key, the user or owner may need to obtain the primary digital key through the terminal before using the primary digital key. As shown in fig. 2, operations performed by the vehicle end when the master digital key is acquired include: the vehicle terminal receives authentication request information sent by the terminal and sends vehicle terminal information to the terminal according to the authentication request information, wherein the authentication request information comprises terminal identity information; the method comprises the steps that a vehicle terminal receives a signature value sent by a terminal, wherein the signature value is generated by signing vehicle terminal information and terminal identity information sent by the terminal through a server; and verifying the signature value, sending a digital key to the terminal when the verification is passed, and adding the hash values of the vehicle end information and the terminal identity information to the white list, wherein the premise of the verification is that the signature value at least comprises the signature value of the server. The vehicle end preferably adopts asymmetric calculation to verify the signature value, and the premise of passing the verification is that the signature value contains the signature value of the server, the terminal identity information and the vehicle end information.
It can be understood that if the digital key is a shared digital key, the shared digital key holding terminal and the vehicle end need to acquire the information of the shared digital key first. The operation of the vehicle end when the digital key is shared comprises the following steps: the vehicle end obtains sharing information fed back when the terminal of the main digital key sends the sharing digital key to the sharing digital key holding terminal, and the sharing digital key is generated by the terminal of the main digital key according to the main digital key; and generating a hash value corresponding to the sharing digital key according to the sharing information, and adding the hash value of the sharing digital key to the white list. The shared information and the shared digital key comprise terminal identity information, vehicle end information and a signature value of the server which are the same as those of the main digital key.
It can be understood that the white list in fig. 2 contains a main digital key and a shared digital key, and in general, the main digital key and the shared digital key can be distinguished by a key identifier, so that the main digital key can be managed conveniently by a vehicle owner; or each vehicle is provided with only one main digital key, and the hash value of the main digital key is arranged in the first position.
The sharing information further comprises priority and authority information, and the priority and the authority information are added into the sharing digital key when the user generates the sharing digital key according to the main digital key. And for the priority level, after generating the hash value corresponding to the sharing digital key according to the sharing information, the user adds the hash value to the position corresponding to the priority level in the white list according to the priority level in the sharing information. The user may set a priority order, such as a higher priority of the digital key corresponding to a hash value with a smaller index, and a lower priority of the digital key corresponding to a hash value with a larger index. It can be understood that the priority and the authority information in the sharing information are used for enabling the vehicle end to acquire the authority information and the priority of the corresponding digital key.
S102, calculating hash values of the vehicle-end information and the terminal identity information.
After the vehicle receives the digital key, whether the digital key is a main digital key or a shared digital key, hash value operation is firstly carried out on the vehicle end information and the terminal identity information in the received digital key to obtain hash values of the vehicle end information and the terminal identity information. Preferably, the vehicle hashes the vehicle identification information in the digital key, the random number generated by the vehicle and the terminal identification information to obtain a hash value. And the vehicle-end information and the terminal identity information are encrypted through hash operation, so that the safety of the user information is improved.
S103, if the hash value is in the white list, outputting permission control information to the sharing digital key holding terminal.
After the hash value is obtained, the hash value is compared with the hash value in the white list, and if the obtained hash value is in the white list, the permission control information is sent to the source terminal of the digital key through verification of the digital key corresponding to the hash value. It will be appreciated that if the digital key is a shared digital key that includes rights information, then the permission control information also includes rights information, and the source terminal of the digital key can only use the vehicle within the scope of the rights defined by the rights information.
Further, if the vehicle end receives a plurality of digital keys at the same time, it is necessary to determine the priority level of each digital key first, which may be embodied in the serial number of the hash value in the white list, and after the priority level of the digital key is determined, the permission control information is sent to the source terminal of the digital key with the highest priority level, and the prohibition control information is sent to the source terminals of other digital keys.
In order to improve the security of the white list, the white list data of the present embodiment is stored in a nonvolatile memory in a scattered manner.
S104, if the hash value is not in the white list, outputting forbidden control information to the sharing digital key holding terminal.
It can be understood that if the obtained hash value is not in the white list, the digital key corresponding to the hash value cannot pass the authentication, and the prohibition control information is sent to the source terminal of the digital key, that is, the digital key is not allowed to control the current vehicle. Digital keys that are not on the whitelist, typically illegal keys or unregistered keys, cannot allow them to control the vehicle. Thus, the safety of the vehicle can be ensured, and the identity authentication time can be shortened.
The technical scheme of the identity authentication method provided by the embodiment of the invention is applied to a vehicle of a system consisting of a server, a terminal and a vehicle, and comprises the steps of receiving a sharing digital key, wherein the sharing digital key comprises vehicle end information and terminal identity information of a terminal where a main digital key is positioned; calculating hash values of vehicle end information and terminal identity information; and if the hash value is in the white list, outputting permission control information to the sharing digital key holding terminal. And if the shared digital key of the shared digital key holding terminal is in the white list, the vehicle can be controlled according to the received permission control information after the shared digital key holding terminal passes the identity authentication through the identity authentication of the shared digital key holding terminal, so that the identity authentication of the user in an offline state is convenient, the safety is higher, and the user information leakage is prevented.
Example two
Fig. 3 is a block diagram of an identity authentication device according to a second embodiment of the present invention. The device is used for executing the identity authentication method provided by any embodiment, and the device can be realized in software or hardware. The device comprises:
the vehicle end receiving module 11 is configured to receive a sharing digital key sent by a sharing digital key holding terminal, where the sharing digital key is generated by a terminal where a main digital key is located according to the main digital key, and includes vehicle end information and terminal identity information of the terminal where the main digital key is located;
the vehicle end computing module 12 is used for computing hash values of the vehicle end information and the terminal identity information;
and the vehicle end output module 13 is used for outputting permission control information to the sharing digital key holding terminal if the hash value is in the white list.
The vehicle-end sharing key module 14 is configured to, before receiving the sharing digital key sent by the sharing digital key holding terminal, further include: acquiring sharing information fed back when a terminal where a main digital key is located sends a sharing digital key to a sharing digital key holding terminal; and generating a hash value corresponding to the sharing digital key according to the sharing information, and adding the hash value of the sharing digital key to a white list.
The vehicle-end information comprises vehicle-end identity information and random numbers, and the digital key is a main digital key or a shared digital key.
The vehicle end computing module is also used for: and outputting inhibition control information if the hash value is not in the white list.
The device also comprises a vehicle-end digital key generation module, a terminal identification module and a terminal identification module, wherein the vehicle-end digital key generation module is used for receiving authentication request information sent by a terminal where a main digital key is located and sending vehicle-end information to the terminal where the main digital key is located according to the authentication request information, and the authentication request information comprises terminal identification information of the terminal where the main digital key is located; the method comprises the steps of receiving a signature value sent by a terminal where a main digital key is located, wherein the signature value is generated by signing vehicle end information and terminal identity information sent by the terminal where the main digital key is located by a server; and verifying the signature value, sending the main digital key to a terminal where the main digital key is located when the verification passes, and adding the hash value of the vehicle end information and the terminal identity information to a white list, wherein the premise of the verification passing is that: the signature value comprises at least the signature value of the server.
The vehicle-end adding unit is specifically configured to generate a hash value corresponding to the sharing digital key according to the sharing information, and add the hash value of the sharing digital key to a white list position corresponding to the priority. Correspondingly, the vehicle end output module is specifically used for: if the hash value is in the white list, judging the number of the digital keys in the white list of the hash value received at the current moment; outputting permission control information if the number is 1; and if the number is at least two, outputting permission control information to the source terminal of the digital key with the highest hash value priority.
The technical scheme of the identity authentication device provided by the embodiment of the invention is applied to a vehicle of a system consisting of a server, a terminal and a vehicle, the shared digital key sent by a shared digital key holding terminal is received through a vehicle end receiving module, and the shared digital key is generated by the terminal where a main digital key is located according to the main digital key and comprises vehicle end information and terminal identity information; calculating hash values of the vehicle end information and the terminal identity information through a vehicle end calculation module; based on the vehicle end output module, if the hash value is in the white list, outputting permission control information; the vehicle end sharing key module is used for acquiring sharing information fed back when the terminal where the main digital key is located sends the sharing digital key to the sharing digital key holding terminal before receiving the digital key sent by the terminal where the main digital key is located; and generating a hash value corresponding to the sharing digital key according to the sharing information, and adding the hash value of the sharing digital key to the white list. And if the shared digital key of the shared digital key holding terminal is in the white list, the vehicle can be controlled according to the received permission control information after the shared digital key holding terminal passes the identity authentication through the identity authentication of the shared digital key holding terminal, so that the identity authentication of the user in an offline state is convenient, the safety is higher, and the user information leakage is prevented.
The identity authentication device provided by the embodiment of the invention can execute the identity authentication method provided by any embodiment of the invention, and has the corresponding functional modules and beneficial effects of the execution method.
Example III
Fig. 4 is a flowchart of an identity authentication method according to a third embodiment of the present invention. The technical scheme of the embodiment is suitable for the condition that the vehicle end verifies the identity of the terminal, and is applied to the terminal of the vehicle-to-vehicle system consisting of the server, the terminal and the vehicle. The method can be executed by the identity authentication device provided by the embodiment of the invention, and the device can be realized in a software and/or hardware mode and is configured to be applied in a processor. The method specifically comprises the following steps:
s201, sending a sharing digital key to a vehicle end, wherein the sharing digital key is from a terminal where a main digital key is located and comprises vehicle end information and terminal identity information of the terminal where the main digital key is located.
The terminal wants to control the vehicle by means of a digital key, which is usually sent to the vehicle first in order for the vehicle to verify it. The digital key of the embodiment includes vehicle-end information and terminal identity information, wherein the vehicle-end information includes vehicle-end identity information and a random number generated by the vehicle-end. Further, the digital key preferably also includes rights information for defining the functions of the vehicle that the user can use. Such as disabling the use of air conditioning, disabling the use of car navigation, etc.
The digital key may be a master digital key or a shared digital key. Typically, the owner of the vehicle holds a master digital key. If another person wants to use the vehicle, the owner can generate a sharing digital key based on the master digital key and then share the sharing digital key to the user of the vehicle to enable the user to use the vehicle.
It will be appreciated that if the digital key is the primary digital key, the user or owner may need to acquire the primary digital key before using the primary digital key. As shown in fig. 2, the operations performed by the terminal when the master digital key is acquired include: authentication request information is sent to a vehicle end, wherein the authentication request information comprises terminal identity information; receiving vehicle end information sent by a vehicle end according to authentication request information; the terminal identity information and the vehicle end information are sent to a server, and a signature value returned by the server is received; the signature value is sent to the vehicle end, so that the vehicle end verifies the signature value, a digital key is returned when verification passes, and the hash value of the vehicle end information and the terminal identity information is added to the white list, wherein the premise of the verification passing is that the signature value at least comprises the signature value of the server, and the signature value of the server, the terminal identity information and the vehicle end information are preferably included.
It can be understood that if the digital key shares the digital key, the terminal and the vehicle end need to acquire the information of sharing the digital key first. The operations executed by the terminal when the sharing digital key is acquired include: and the terminal of the main digital key sends sharing information to the vehicle end when sending the sharing digital key to the target terminal, namely to the sharing digital key holding terminal, so that the vehicle end adds the hash value corresponding to the sharing digital key to the white list, wherein the sharing digital key is generated by the terminal of the main digital key according to the main digital key, and the hash value corresponding to the sharing digital key is generated by the vehicle end according to the sharing information. The shared information and the shared digital key comprise terminal identity information, vehicle end information and a signature value of the server which are the same as those of the main digital key.
The sharing information further comprises priority and authority information, and the priority and the authority information are added into the sharing digital key when the user generates the sharing digital key according to the main digital key. And for the priority level, after generating the hash value corresponding to the sharing digital key according to the sharing information, the user adds the hash value to the position corresponding to the priority level in the white list according to the priority level in the sharing information. It can be understood that the priority and the authority information in the sharing information are used for enabling the vehicle end to acquire the authority information and the priority of the corresponding digital key.
S202, receiving permission control information returned by the vehicle end, wherein the permission control information is generated by the vehicle end when hash values corresponding to the vehicle end information and the terminal identity information are in a white list.
After the vehicle receives the digital key, hash value operation is carried out on the vehicle-end information and the terminal identity information in the digital key to obtain hash values of the vehicle-end information and the terminal identity information. Preferably, the vehicle hashes the vehicle identification information in the digital key, the random number generated by the vehicle and the terminal identification information to obtain a hash value. Comparing the hash value with the hash value in the white list, and if the obtained hash value is in the white list, transmitting permission control information to a source terminal of the digital key through verification of the digital key corresponding to the hash value. It will be appreciated that if the digital key is a shared digital key that includes rights information, then the permission control information also includes rights information, and the source terminal of the digital key can only use the vehicle within the scope of the rights defined by the rights information.
It can be understood that the terminal may also receive the prohibition control information, which may be the case because the vehicle end does not pass the authentication of the terminal, that is, the hash value corresponding to the digital key sent by the terminal is not in the whitelist; it may also be because the vehicle end receives other digital keys and has a higher priority than the digital key of the current terminal.
Before the sharing digital key is sent to the vehicle end, the digital sharing key sent by the terminal is received, and the terminal sends sharing information to the vehicle end while sending the sharing digital key, so that the vehicle end adds the hash value corresponding to the sharing digital key to the white list, wherein the sharing digital key is generated by the terminal where the main digital key is located according to the main digital key, and the hash value corresponding to the sharing digital key is generated by the vehicle end according to the sharing information.
The technical scheme of the identity authentication method provided by the embodiment of the invention is applied to a terminal of a system consisting of a server, a terminal and a vehicle, and comprises the steps of sending a sharing digital key to a vehicle end, wherein the sharing digital key is from a terminal where a main digital key is located and comprises vehicle end information and terminal identity information; and receiving permission control information returned by the vehicle end, wherein the permission control information is generated by the vehicle end when hash values corresponding to the vehicle end information and the terminal identity information are in a white list. And if the sharing digital key is in the white list, the sharing digital key holding terminal can control the vehicle according to the received permission control information after passing the identity authentication, so that the identity authentication is convenient for the user in an offline state, the safety is higher, and the user information leakage is prevented.
Example IV
The embodiment of the invention provides an identity authentication method, which optimizes the management of a white list on the basis of the embodiment.
If the user finds that the digital key is revealed or attacked, the attacked information can be sent to the server, and after the server receives the attacked information, the digital key corresponding to the terminal identity information in the attacked information is deleted, so that the lawless persons are prevented from continuously using the digital key. The server deletes the digital key and sends the cancellation information of the cancellation digital key to the terminal, and sends the cancellation information of the cancellation digital key to the vehicle end through the terminal, and the vehicle end cancels the digital key according to the cancellation information.
If the terminal sending the attack information holds a main digital key, the vehicle end deletes the hash value corresponding to the main digital key in the white list and the hash value of the shared digital key generated based on the main digital key; if the terminal sending the attack information holds the sharing digital key, the vehicle end deletes the hash value corresponding to the sharing digital key in the white list.
After deleting the digital key corresponding to the terminal, the terminal may acquire the master digital key according to the method described in the foregoing embodiment. It can be understood that the random numbers in the vehicle-end information of the newly acquired main digital key are different, and the signature values of the server on the terminal identity information and the vehicle-end information are also different.
In addition, if the vehicle owner wants to revoke a certain sharing digital key, the vehicle owner can directly send a revocation request to the vehicle end, and the vehicle end deletes the hash value corresponding to the sharing digital key in the white list based on the revocation request.
In order to improve the convenience of digital key management, when a vehicle owner shares a digital key, valid time is added in authority information, and then the digital key added with the valid time is valid only in the valid time, and automatically fails once the valid time is exceeded, that is, a vehicle end automatically deletes a hash value from a white list or moves the hash value to other positions once the valid time is exceeded.
The hash value of the digital key is stored in the white list, so that the method has higher safety, and the flow and time of user identity authentication can be reduced on the premise of ensuring the safety of user information; and the hash value in the white list is easy to add and cancel, so that the user can use the hash value conveniently.
Example five
Fig. 5 is a block diagram of an identity authentication device according to a fifth embodiment of the present invention. The device is used for executing the identity authentication method provided by any embodiment, and the device can be realized in software or hardware. The device comprises:
The terminal sending module 21 is configured to send a sharing digital key to the vehicle end, where the sharing digital key is from a terminal where the main digital key is located, and the vehicle end information and the terminal identity information of the terminal where the main digital key is located;
the terminal receiving module 22 is configured to receive permission control information returned by the vehicle end, where the permission control information is generated by the vehicle end when a hash value corresponding to the vehicle end information and the terminal identity information is in a white list;
before sending the sharing digital key to the vehicle end, the terminal receiving module 22 is further configured to receive the sharing key sent by the terminal digital key sharing module, and the terminal digital key sharing module sends sharing information to the vehicle end while sending the sharing digital key, so that the vehicle end adds the hash value corresponding to the sharing digital key to the white list, where the sharing digital key is generated by the terminal where the main digital key is located according to the main digital key, and the hash value corresponding to the sharing digital key is generated by the vehicle end according to the sharing information.
The terminal receiving module is further used for receiving forbidden control information returned by the vehicle end, wherein the forbidden control information is generated by the vehicle end when hash values of the vehicle end information and the terminal identity information are not in a white list.
The vehicle-end information comprises vehicle-end identity information and random numbers. The digital key is a master digital key or a shared digital key.
The device also comprises a terminal digital key acquisition module, a terminal digital key acquisition module and a terminal digital key acquisition module, wherein the terminal digital key acquisition module is used for transmitting authentication request information to a vehicle end, and the authentication request information comprises terminal identity information of a terminal where a main digital key is positioned; receiving vehicle end information sent by a vehicle end according to the authentication request information; the terminal identity information and the vehicle end information are sent to a server, and a signature value returned by the server is received; the signature value is sent to a vehicle end, the vehicle end verifies the signature value, a digital key is returned when verification passes, and the hash value of the vehicle end information and the terminal identity information is added to a white list, wherein the premise of the verification passing is that: the signature value comprises at least the signature value of the server.
Preferably, the terminal digital key sharing module generates a sharing digital key according to the main digital key and the priority level input or selected by the user; and sending the sharing digital key to the target terminal, namely the sharing digital key holding terminal, and simultaneously sending sharing information to the vehicle end.
The device also comprises a reporting module which is used for sending the attacked information to the server so that the server deletes the main digital key corresponding to the terminal identity information in the attacked information.
The technical scheme of the identity authentication device provided by the embodiment of the invention is applied to a terminal of a system consisting of a server, a terminal and a vehicle, and a digital key is sent to a vehicle end through a terminal sending module and comprises vehicle end information and terminal identity information; and receiving permission control information returned by the vehicle end through the terminal receiving module, wherein the permission control information is generated by the vehicle end when hash values corresponding to the vehicle end information and the terminal identity information are in a white list. And if the sharing digital key is in the white list, the sharing digital key holding terminal can control the vehicle according to the received permission control information after passing the identity authentication, so that the identity authentication is convenient for the user in an offline state, the safety is higher, and the user information leakage is prevented.
The identity authentication device provided by the embodiment of the invention can execute the identity authentication method provided by any embodiment of the invention, and has the corresponding functional modules and beneficial effects of the execution method.
Example six
A sixth embodiment of the present invention also provides a storage medium containing computer-executable instructions, which when executed by a computer processor, are for performing a method of identity authentication, the method comprising:
the method comprises the steps that a sharing digital key is sent to a vehicle end, wherein the sharing digital key is from a terminal where a main digital key is located, and vehicle end information and terminal identity information of the terminal where the main digital key is located;
receiving permission control information returned by a vehicle end, wherein the permission control information is generated by the vehicle end when hash values corresponding to the vehicle end information and the terminal identity information are in a white list;
before a sharing digital key is sent to a vehicle end, a digital sharing key sent by a terminal where a main digital key is located is received, and the terminal sends sharing information to the vehicle end while sending the sharing digital key, so that the vehicle end adds a hash value corresponding to the sharing digital key to a white list, wherein the sharing digital key is generated by the terminal where the main digital key is located according to the main digital key, and the hash value corresponding to the sharing digital key is generated by the vehicle end according to the sharing information.
Of course, the storage medium containing the computer executable instructions provided in the embodiments of the present invention is not limited to the method operations described above, and may also perform the related operations in the identity authentication method provided in any embodiment of the present invention. The computer storage medium may be any tangible medium, such as floppy diskettes, CD-ROMs, DVDs, hard drives, even network media, etc.
Those of ordinary skill in the art will appreciate that all or part of the steps in the various methods of the above embodiments may be implemented by a program to instruct related hardware, the program may be stored in a computer readable storage medium, and the storage medium may include: ROM, RAM, magnetic or optical disks, etc.
It should be understood that while one form of implementation of the embodiments of the present invention has been described above as a computer program product, the method or apparatus of embodiments of the present invention may be implemented in software, hardware, or a combination of software and hardware. The hardware portion may be implemented using dedicated logic; the software portions may be stored in a memory and executed by a suitable instruction execution system, such as a microprocessor or special purpose design hardware. Those of ordinary skill in the art will appreciate that the methods and apparatus described above may be implemented using computer executable instructions and/or embodied in processor control code, such as provided on a carrier medium such as a magnetic disk, CD or DVD-ROM, a programmable memory such as read only memory (firmware), or a data carrier such as an optical or electronic signal carrier. The methods and apparatus of the present invention may be implemented by hardware circuitry, such as very large scale integrated circuits or gate arrays, semiconductors such as logic chips, transistors, etc., or programmable hardware devices such as field programmable gate arrays, programmable logic devices, etc., as software executed by various types of processors, or by a combination of the above hardware circuitry and software, such as firmware.
It should be understood that while several modules or units of apparatus are mentioned in the detailed description above, such partitioning is merely exemplary and not mandatory. Indeed, according to exemplary embodiments of the invention, the features and functions of two or more modules/units described above may be implemented in one module/unit, whereas the features and functions of one module/unit described above may be further divided into a plurality of modules/units. Furthermore, certain modules/units described above may be omitted in certain application scenarios.
It should be understood that the description is only intended to describe some key, not necessarily essential, techniques and features in order not to obscure the embodiments of the invention, and may not be illustrative of some features that may be implemented by those skilled in the art.
The foregoing is only illustrative of the present invention and is not to be construed as limiting thereof, but rather as presently claimed, and is intended to cover all modifications, alternatives, and equivalents falling within the spirit and scope of the invention.
Although the present invention is disclosed above, the present invention is not limited thereto. Various changes and modifications may be made by one skilled in the art without departing from the spirit and scope of the invention, and the scope of the invention should be assessed accordingly to that of the appended claims.

Claims (9)

1. An identity authentication method applied to a vehicle of a system consisting of a server, a terminal and a vehicle, comprising:
acquiring sharing information fed back when a terminal where a main digital key is located sends a sharing digital key to a sharing digital key holding terminal; the sharing information comprises priority and authority information;
generating a hash value corresponding to the sharing digital key according to the sharing information, and adding the hash value of the sharing digital key to the white list position corresponding to the priority level; the sharing information and the sharing digital key comprise terminal identity information, vehicle end information and a signature value of a server which are the same as those of the main digital key;
receiving a sharing digital key sent by the sharing digital key holding terminal; the sharing digital key is generated by the terminal where the main digital key is located according to the main digital key, and comprises vehicle end information, terminal identity information and authority information of the terminal where the main digital key is located;
calculating hash values of the vehicle end information and the terminal identity information;
if the hash value is in the white list, judging the number of digital keys in the white list of the hash value received at the current moment;
Outputting permission control information if the number is 1;
if the number is at least two, outputting permission control information to a source terminal of the digital key with the highest hash value priority;
wherein, main digital key acquires, includes:
receiving authentication request information sent by a terminal where the main digital key is located, and sending vehicle end information to the terminal where the main digital key is located according to the authentication request information; the authentication request information comprises terminal identity information of a terminal where the main digital key is located;
receiving a signature value sent by a terminal where the main digital key is located; the signature value is generated by signing the vehicle end information sent by the terminal where the main digital key is located and the terminal identity information of the terminal where the main digital key is located by the server; and verifying the signature value, sending the main digital key to the terminal where the main digital key is located when the verification is passed, and adding the hash value of the vehicle end information and the terminal identity information of the terminal where the main digital key is located to a white list.
2. The method according to claim 1, wherein after calculating the hash values of the vehicle-side information and the terminal identity information, further comprising:
And if the hash value is not in the white list, outputting forbidden control information to the sharing digital key holding terminal.
3. The method of claim 1, wherein the vehicle-side information includes vehicle-side identity information and a random number.
4. An authentication apparatus provided in a vehicle of a system constituted by a server, a terminal, and a vehicle, comprising:
the vehicle end sharing key module is used for acquiring sharing information fed back when the terminal where the main digital key is located sends the sharing digital key to the sharing digital key holding terminal; the sharing information comprises priority and authority information; generating a hash value corresponding to the sharing digital key according to the sharing information, and adding the hash value of the sharing digital key to the white list position corresponding to the priority level; the sharing information and the sharing digital key comprise terminal identity information, vehicle end information and a signature value of a server which are the same as those of the main digital key;
the vehicle end receiving module is used for receiving the sharing digital key sent by the sharing digital key holding terminal; the sharing digital key is generated by the terminal where the main digital key is located according to the main digital key, and comprises vehicle end information, terminal identity information and authority information of the terminal where the main digital key is located;
The vehicle end computing module is used for computing hash values of the vehicle end information and the terminal identity information;
the vehicle end output module is used for judging the number of the digital keys of the hash value received at the current moment in the white list if the hash value is in the white list; outputting permission control information if the number is 1; if the number is at least two, outputting permission control information to a source terminal of the digital key with the highest hash value priority;
wherein, main digital key acquires, includes:
receiving authentication request information sent by a terminal where the main digital key is located, and sending vehicle end information to the terminal where the main digital key is located according to the authentication request information; the authentication request information comprises terminal identity information of a terminal where the main digital key is located;
receiving a signature value sent by a terminal where the main digital key is located; the signature value is generated by signing the vehicle end information sent by the terminal where the main digital key is located and the terminal identity information of the terminal where the main digital key is located by the server; and verifying the signature value, sending the main digital key to the terminal where the main digital key is located when the verification is passed, and adding the hash value of the vehicle end information and the terminal identity information of the terminal where the main digital key is located to a white list.
5. An identity authentication method, comprising:
the terminal where the main digital key is located generates a sharing digital key according to the main digital key and the priority level input or selected by the user;
the terminal where the main digital key is located sends the sharing digital key to a sharing digital key holding terminal;
the sharing digital key holding terminal sends the sharing digital key to a vehicle end;
the vehicle end performs the following steps:
acquiring sharing information fed back when a terminal where a main digital key is located sends a sharing digital key to a sharing digital key holding terminal; the sharing information comprises priority and authority information;
generating a hash value corresponding to the sharing digital key according to the sharing information, and adding the hash value of the sharing digital key to the white list position corresponding to the priority level; the sharing information and the sharing digital key comprise terminal identity information, vehicle end information and a signature value of a server which are the same as those of the main digital key;
receiving a sharing digital key sent by the sharing digital key holding terminal; the sharing digital key is generated by the terminal where the main digital key is located according to the main digital key, and comprises vehicle end information, terminal identity information and authority information of the terminal where the main digital key is located;
Calculating hash values of the vehicle end information and the terminal identity information;
if the hash value is in the white list, judging the number of digital keys in the white list of the hash value received at the current moment;
outputting permission control information if the number is 1;
if the number is at least two, outputting permission control information to a source terminal of the digital key with the highest hash value priority;
when the master digital key is acquired, the vehicle end executing operation comprises:
receiving authentication request information sent by a terminal where the main digital key is located, and sending vehicle end information to the terminal where the main digital key is located according to the authentication request information; the authentication request information comprises terminal identity information of a terminal where the main digital key is located;
receiving a signature value sent by a terminal where the main digital key is located; the signature value is generated by signing the vehicle end information sent by the terminal where the main digital key is located and the terminal identity information of the terminal where the main digital key is located by the server;
the server verifies the signature value, sends the main digital key to the terminal where the main digital key is located when verification passes, and adds the hash value of the vehicle end information and the terminal identity information of the terminal where the main digital key is located to a white list;
And the sharing digital key holding terminal receives the permission control information returned by the vehicle end, wherein the permission control information is generated by the vehicle end when the hash value corresponding to the vehicle end information and the terminal identity information of the terminal where the digital key is positioned is in a white list.
6. The method of claim 5, wherein after the sharing digital key holder terminal transmits the sharing digital key to the vehicle end, further comprising:
and the sharing digital key holding terminal receives the forbidden control information returned by the vehicle end, wherein the forbidden control information is generated by the vehicle end when the hash value corresponding to the vehicle end information and the terminal identity information of the terminal where the digital key is positioned is not in a white list.
7. The method of claim 5, wherein the vehicle-side information includes vehicle-side identity information and a random number.
8. An identity authentication system, comprising:
the terminal where the main digital key is located is used for generating a sharing digital key according to the main digital key and the priority level input or selected by the user;
the terminal where the main digital key is located is also used for sending the sharing digital key to a sharing digital key holding terminal;
The sharing digital key holding terminal is used for sending the sharing digital key to a vehicle end;
the vehicle end is used for:
acquiring sharing information fed back when a terminal where a main digital key is located sends a sharing digital key to a sharing digital key holding terminal; the sharing information comprises priority and authority information;
generating a hash value corresponding to the sharing digital key according to the sharing information, and adding the hash value of the sharing digital key to the white list position corresponding to the priority level; the sharing information and the sharing digital key comprise terminal identity information, vehicle end information and a signature value of a server which are the same as those of the main digital key;
receiving a sharing digital key sent by the sharing digital key holding terminal; the sharing digital key is generated by the terminal where the main digital key is located according to the main digital key, and comprises vehicle end information, terminal identity information and authority information of the terminal where the main digital key is located;
calculating hash values of the vehicle end information and the terminal identity information;
if the hash value is in the white list, judging the number of digital keys in the white list of the hash value received at the current moment;
Outputting permission control information if the number is 1;
if the number is at least two, outputting permission control information to a source terminal of the digital key with the highest hash value priority;
when the master digital key is acquired, the vehicle end executing operation comprises:
receiving authentication request information sent by a terminal where the main digital key is located, and sending vehicle end information to the terminal where the main digital key is located according to the authentication request information; the authentication request information comprises terminal identity information of a terminal where the main digital key is located;
receiving a signature value sent by a terminal where the main digital key is located; the signature value is generated by signing the vehicle end information sent by the terminal where the main digital key is located and the terminal identity information of the terminal where the main digital key is located by the server;
the server is used for verifying the signature value, sending the main digital key to the terminal where the main digital key is located when verification passes, and adding the hash value of the vehicle end information and the terminal identity information of the terminal where the main digital key is located to a white list;
the sharing digital key holding terminal is further configured to receive permission control information returned by the vehicle end, where the permission control information is generated by the vehicle end when a hash value corresponding to the vehicle end information and terminal identity information of a terminal where the digital key is located is in a white list.
9. A storage medium containing computer executable instructions which, when executed by a computer processor, are for performing the identity authentication method of any one of claims 1-3 or 5-7.
CN202110007496.5A 2018-12-26 2018-12-26 Identity authentication method, device and medium Active CN112839040B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110007496.5A CN112839040B (en) 2018-12-26 2018-12-26 Identity authentication method, device and medium

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202110007496.5A CN112839040B (en) 2018-12-26 2018-12-26 Identity authentication method, device and medium
CN201811601776.3A CN109361718B (en) 2018-12-26 2018-12-26 Identity authentication method, apparatus and medium

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
CN201811601776.3A Division CN109361718B (en) 2018-12-26 2018-12-26 Identity authentication method, apparatus and medium

Publications (2)

Publication Number Publication Date
CN112839040A CN112839040A (en) 2021-05-25
CN112839040B true CN112839040B (en) 2023-08-04

Family

ID=65330126

Family Applications (2)

Application Number Title Priority Date Filing Date
CN201811601776.3A Active CN109361718B (en) 2018-12-26 2018-12-26 Identity authentication method, apparatus and medium
CN202110007496.5A Active CN112839040B (en) 2018-12-26 2018-12-26 Identity authentication method, device and medium

Family Applications Before (1)

Application Number Title Priority Date Filing Date
CN201811601776.3A Active CN109361718B (en) 2018-12-26 2018-12-26 Identity authentication method, apparatus and medium

Country Status (1)

Country Link
CN (2) CN109361718B (en)

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109859362B (en) * 2019-03-13 2021-04-27 江苏金致新能源车业有限公司 Intelligent key control method for electric vehicle
CN111047740A (en) * 2019-11-22 2020-04-21 上海银基信息安全技术股份有限公司 Digital key sharing method
CN111328051B (en) * 2020-02-25 2023-08-29 上海银基信息安全技术股份有限公司 Digital key sharing method and device, electronic equipment and storage medium
CN111314897A (en) * 2020-02-27 2020-06-19 科世达(上海)机电有限公司 Method for recording white list of vehicle Bluetooth keys
CN113920616B (en) * 2020-06-24 2023-08-08 广州汽车集团股份有限公司 Method for safely connecting vehicle with Bluetooth key, bluetooth module and Bluetooth key
CN118230451A (en) * 2021-03-19 2024-06-21 上海博泰悦臻网络技术服务有限公司 Digital key deleting method, device, equipment, system and storage medium
CN113066209A (en) * 2021-03-23 2021-07-02 上海银基信息安全技术股份有限公司 Method and device for safe off-line use of digital key and storage medium
CN118369945A (en) * 2022-11-18 2024-07-19 北京小米移动软件有限公司 Method and device for sharing digital car key and storage medium
CN117914942B (en) * 2024-03-20 2024-06-21 广东银基信息安全技术有限公司 Data request caching method and device, intelligent terminal and storage medium

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101043750A (en) * 2006-03-23 2007-09-26 欧姆龙株式会社 Radio communication system and method therefor and portable radio communication unit and method therefor
JP2013159980A (en) * 2012-02-06 2013-08-19 Denso Corp Electronic key system for vehicle
JP2014169059A (en) * 2013-03-05 2014-09-18 Denso Corp Vehicle function permission system
WO2015033527A1 (en) * 2013-09-06 2015-03-12 株式会社デンソー Control device and electronic key system
CN105015489A (en) * 2015-07-14 2015-11-04 杭州万好万家新能源科技有限公司 Intelligent vehicle control system based on digital key
CN106301781A (en) * 2016-07-27 2017-01-04 山东尼格电子技术有限公司 A kind of Digital Automobile cloud key share system
CN106394486A (en) * 2016-08-31 2017-02-15 长城汽车股份有限公司 Authorization method and system of virtual key and server
CN107564145A (en) * 2017-08-22 2018-01-09 济宁中科先进技术研究院有限公司 The automobile double mode automatic switch door device and its method of built-in security chip

Family Cites Families (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9740917B2 (en) * 2012-09-07 2017-08-22 Stone Lock Global, Inc. Biometric identification systems and methods
CN105976466B (en) * 2016-05-03 2020-01-10 科世达(上海)管理有限公司 Automobile entrance guard door opening method
CN106534071A (en) * 2016-10-09 2017-03-22 清华大学 Internet-of-vehicles link security authentication method and system based on device whitelist management
US20180285567A1 (en) * 2017-03-31 2018-10-04 Qualcomm Incorporated Methods and Systems for Malware Analysis and Gating Logic
CN108665337A (en) * 2017-04-01 2018-10-16 重庆无线绿洲通信技术有限公司 A kind of Vehicular system and its virtual key authentication method
CN107650863B (en) * 2017-09-19 2022-05-03 大陆投资(中国)有限公司 Vehicle sharing method and system
CN107919960A (en) * 2017-12-04 2018-04-17 北京深思数盾科技股份有限公司 The authentication method and system of a kind of application program
CN107818622A (en) * 2017-12-13 2018-03-20 美的集团股份有限公司 Offline verification method and system
CN108777691B (en) * 2018-06-12 2022-04-15 山东智慧云链网络科技有限公司 Network security protection method and device

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101043750A (en) * 2006-03-23 2007-09-26 欧姆龙株式会社 Radio communication system and method therefor and portable radio communication unit and method therefor
JP2013159980A (en) * 2012-02-06 2013-08-19 Denso Corp Electronic key system for vehicle
JP2014169059A (en) * 2013-03-05 2014-09-18 Denso Corp Vehicle function permission system
WO2015033527A1 (en) * 2013-09-06 2015-03-12 株式会社デンソー Control device and electronic key system
CN105015489A (en) * 2015-07-14 2015-11-04 杭州万好万家新能源科技有限公司 Intelligent vehicle control system based on digital key
CN106301781A (en) * 2016-07-27 2017-01-04 山东尼格电子技术有限公司 A kind of Digital Automobile cloud key share system
CN106394486A (en) * 2016-08-31 2017-02-15 长城汽车股份有限公司 Authorization method and system of virtual key and server
CN107564145A (en) * 2017-08-22 2018-01-09 济宁中科先进技术研究院有限公司 The automobile double mode automatic switch door device and its method of built-in security chip

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
车联网中基于群签名的身份认证协议研究;郑明辉;段洋洋;吕含笑;;工程科学与技术(04);全文 *

Also Published As

Publication number Publication date
CN112839040A (en) 2021-05-25
CN109361718A (en) 2019-02-19
CN109361718B (en) 2021-04-27

Similar Documents

Publication Publication Date Title
CN112839040B (en) Identity authentication method, device and medium
US10991175B2 (en) Repair management system for autonomous vehicle in a trusted platform
US11290437B2 (en) Trusted platform protection in an autonomous vehicle
Othmane et al. A survey of security and privacy in connected vehicles
EP3403246B1 (en) A device and method for collecting user-based insurance data in vehicles
US10602360B2 (en) Secure mobile device integration with vehicles
KR101861455B1 (en) Secure vehicular data management with enhanced privacy
EP3726865A1 (en) Method for generating and using virtual key of vehicle, system for same, and user terminal
US10515550B1 (en) Transferring control of vehicles
US10917395B2 (en) Vehicle wireless internet security
US20200235946A1 (en) Security management system for vehicle communication, operating method thereof, and message-processing method of vehicle communication service provision system having the same
CN110365486B (en) Certificate application method, device and equipment
CN109379403B (en) Control method and device of Internet of things equipment, server and terminal equipment
CN105323753A (en) In-vehicle safety module, vehicular system and method for information interaction between vehicles
Ray et al. Extensibility in automotive security: Current practice and challenges
CN112950201B (en) Node management method and related device applied to block chain system
CN108632356B (en) Vehicle control method and system based on Internet of vehicles, vehicle-mounted terminal and server
Škorput et al. Cyber security in cooperative intelligent transportation systems
Zidi et al. Review and Perspectives on the Audit of Vehicle-to-everything Communications
TW201638818A (en) Digital identity and authorization for machines with replaceable parts
Choi et al. Security threats in connected car environment and proposal of in-vehicle infotainment-based access control mechanism
US20240073037A1 (en) Internal certificate authority for electronic control unit
CN116094722A (en) Zero trust-based vehicle identity authentication method and related equipment
US20230276409A1 (en) Resource selection for 5g nr v2x pc5 mode 2
Rosenstatter Towards a Standardised Framework for Securing Connected Vehicles

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant