CN113179258A - Vehicle-mounted data encryption method based on multiple encryption algorithms - Google Patents


Info

Publication number
CN113179258A
Authority
CN
China
Prior art keywords
vehicle
encryption
chip
management chip
information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202110425343.2A
Other languages
Chinese (zh)
Other versions
CN113179258B (en)
Inventor
洪泽
陈振娇
张猛华
雷志军
李雷
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
CETC 58 Research Institute
Original Assignee
CETC 58 Research Institute
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by CETC 58 Research Institute filed Critical CETC 58 Research Institute
Priority to CN202110425343.2A priority Critical patent/CN113179258B/en
Publication of CN113179258A publication Critical patent/CN113179258A/en
Application granted granted Critical
Publication of CN113179258B publication Critical patent/CN113179258B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/045 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876 Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Power Engineering (AREA)
  • Storage Device Security (AREA)
  • Small-Scale Networks (AREA)

Abstract

The invention discloses a vehicle-mounted data encryption method based on multiple encryption algorithms, and belongs to the field of vehicle information security. The method first performs identity recognition through an encryption algorithm; after identity authentication succeeds, the vehicle-mounted chip and the management chip carry out key interaction; finally, the vehicle-mounted chip sends encrypted information to the management chip, and the management chip decrypts the encrypted data and uses it for processing and control. The method integrates various encryption algorithms, effectively improves the security of vehicle information, avoids problems such as illegal leakage of vehicle information and illegal control of the vehicle, and further improves the security of data transmission.

Description

Vehicle-mounted data encryption method based on multiple encryption algorithms
Technical Field
The invention relates to the technical field of vehicle information security, in particular to a vehicle-mounted data encryption method based on multiple encryption algorithms.
Background
With the wide application of information transmission technology in the automotive field, vehicle intelligence and network connectivity have become an inevitable development trend. The Internet of Vehicles, as an important field in which informatization and industrialization are deeply integrated, is significant for promoting the integration and upgrading of the automotive, transportation and information and communication industries and for reshaping the related industrial ecology and value chain. Because an automobile is a vehicle that travels at high speed, safety is essential, more so than rich functionality. At present, as the application range of the Internet of Vehicles keeps expanding, security attacks have increased correspondingly, and security incidents and attacks involving the Internet of Vehicles have become more numerous. Only by solving the information security problem of the Internet of Vehicles can the industry be guaranteed to develop steadily.
At present, vehicles communicate in a complex environment, and vehicle information such as collected information and management information is passed to the management chip for control and processing either in plaintext or under software encryption. Plaintext, however, has inherent defects in transmission: it is easily leaked, illegally tampered with or counterfeited, and the management chip cannot effectively identify and manage it. The software encryption method uses a software algorithm to encrypt the plaintext and decrypts it on the management chip, but in the existing environment the encryption algorithm is of low complexity and is easy to crack. Guaranteeing a higher encryption strength requires a stronger encryption algorithm. Such a software encryption method then requires more electronic control units in the in-vehicle device and consumes excessive time encrypting and decrypting data, so the in-vehicle communication speed requirement cannot be met. It is therefore necessary to provide a new vehicle-mounted data encryption method that meets the high-performance communication requirement.
Disclosure of Invention
The invention aims to provide a vehicle-mounted data encryption method based on a multi-encryption algorithm, so as to solve the problems of excessive consumption of the performance of an electronic control unit and information leakage in the vehicle information transmission process.
In order to solve the technical problem, the invention provides a vehicle-mounted data encryption method based on a multi-encryption algorithm, which comprises the following steps:
the encryption module of the vehicle-mounted chip encrypts the vehicle information into encrypted information;
the decryption module of the management chip decrypts the encrypted information;
the management chip verifies the authenticity of data sent by the vehicle-mounted chip; if the verification is passed, executing a corresponding instruction to complete corresponding operation; if not, it is not executed.
Optionally, the vehicle-mounted chip provides a user with a plurality of encryption algorithm choices, and the vehicle-mounted chip uses one encryption algorithm or a combination of a plurality of encryption algorithms.
Optionally, the HASH encryption algorithm used by the vehicle-mounted chip includes MD4, MD5, HASH and SM3, so as to implement encryption and decryption authentication.
Optionally, the vehicle-mounted chip performs encryption authentication by using the specified ID number, and sends the generated encryption information to the management chip; the management chip also uses the appointed ID number to carry out encryption calculation, produces a check value and compares the check value with the encryption information sent by the vehicle-mounted chip.
Optionally, the vehicle-mounted chip uses an asymmetric encryption algorithm to realize key transmission in the symmetric encryption algorithm: the vehicle-mounted chip encrypts the secret key by using an asymmetric encryption algorithm and sends a ciphertext formed after encryption to the management chip; the management chip decrypts the ciphertext to obtain a secret key; the asymmetric encryption algorithm includes RSA and SM2.
Optionally, the vehicle-mounted chip uses a symmetric encryption algorithm including AES, 3DES, and SM4 to implement transmission data encryption: the vehicle-mounted chip encrypts data to be transmitted by using a specified symmetric encryption algorithm and sends a ciphertext formed after encryption to the management chip; the management chip uses the corresponding encryption algorithm for decryption and uses the decrypted information for processing and control.
The vehicle-mounted data encryption method based on the multi-encryption algorithm comprises the steps of transmitting identity information from a vehicle-mounted chip to a management chip, encrypting and transmitting a secret key from the vehicle-mounted chip to the management chip, and encrypting and transmitting information from the vehicle-mounted chip to the management chip. The management chip verifies the identity information of the vehicle-mounted chip, acquires the secret key, decrypts the encrypted information, acquires the vehicle information and performs corresponding processing control. According to the invention, identity recognition is carried out through an encryption algorithm, after identity authentication is successful, key interaction is carried out between a vehicle-mounted chip and a management chip, finally, the vehicle-mounted chip sends encryption information to the management chip, and the management chip carries out decryption processing and control on encrypted data; the method integrates various encryption algorithms, effectively improves the safety of the vehicle information, avoids the problems that the vehicle information is illegally leaked, the vehicle is illegally controlled and the like, and further improves the safety of data transmission.
Drawings
FIG. 1 is a schematic diagram of the identity verification of the onboard chip and the management chip of the present invention;
FIG. 2 is a diagram illustrating a vehicle chip sending a key to a management chip according to the present invention;
FIG. 3 is a schematic diagram of the vehicle-mounted information encryption of the vehicle-mounted chip to the vehicle-mounted information decryption of the management chip.
Detailed Description
The following describes a vehicular data encryption method based on multiple encryption algorithms in detail with reference to the accompanying drawings and specific embodiments. Advantages and features of the present invention will become apparent from the following description and from the claims. It is to be noted that the drawings are in a very simplified form and are not to precise scale, which is merely for the purpose of facilitating and distinctly claiming the embodiments of the present invention.
Example one
The invention provides a vehicle-mounted data encryption method based on multiple encryption algorithms. The invention transfers the existing encryption and decryption work which is responsible for software to the encryption chip to complete, and can realize the following functions:
the vehicle-mounted chip is provided with HASH encryption algorithm modules such as MD4, MD5, HASH and SM3, and can realize identity authentication between the vehicle-mounted chip and the management chip; the vehicle-mounted chip uses the specified ID number to carry out encryption authentication and sends the generated hash value to the management chip; the management chip also uses the specified ID number to carry out the encryption calculation, generates a hash value, and compares it with the hash value sent by the vehicle-mounted chip for authentication. A HASH algorithm is also called a digest algorithm; it can only compute the HASH value (digest value), is irreversible, and cannot be decrypted.
As shown in Fig. 1, in the vehicle information authentication process, the vehicle-mounted chip computes a hash value (i.e., an authentication code) from the ID number using a hash encryption algorithm and sends it to the management chip. The management chip receives the hash value (namely, the identity check code) sent by the vehicle-mounted chip, computes its own hash value (namely, an identity check code) from the ID number and the hash encryption algorithm, and compares the generated hash value with the received one. If they are the same, identity verification is considered passed and other operations may be executed. If the generated hash value differs from the received hash value, authentication is considered failed, and the management chip sends a warning to the user.
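The Fig. 1 check next to a nonce-bound variant, as an added example that is not part of the patent: the digest of a fixed ID number is the same in every session, so the verifier cannot tell a fresh check code from one it has already seen. The ID value, the function and class names, and the HMAC-SHA-256 challenge-response variant are assumptions introduced here; MD5 is used for the static form only because the page lists it.

```python
import hashlib
import hmac
import secrets

# Constructed sample value standing in for the factory-provisioned ID number
# held by both chips. Not a value from the patent.
SHARED_ID = b"CONSTRUCTED-ID-0001"


def static_check_code(id_number: bytes, algorithm: str = "md5") -> bytes:
    """Fig. 1 as described: digest of the ID number with the selected hash.
    hashlib.new() also accepts other names the local OpenSSL build provides."""
    return hashlib.new(algorithm, id_number).digest()


def manager_verify_static(received: bytes, id_number: bytes,
                          algorithm: str = "md5") -> bool:
    """Management chip recomputes the digest and compares in constant time."""
    expected = static_check_code(id_number, algorithm)
    return hmac.compare_digest(expected, received)


class ChallengeManager:
    """Assumed variant (not in the patent): the management chip issues a fresh
    nonce per authentication and accepts each nonce at most once."""

    def __init__(self, id_number: bytes):
        self._id = id_number
        self._pending = set()

    def new_challenge(self) -> bytes:
        nonce = secrets.token_bytes(16)
        self._pending.add(nonce)
        return nonce

    def verify(self, nonce: bytes, response: bytes) -> bool:
        if nonce not in self._pending:
            return False              # unknown or already-used challenge
        self._pending.discard(nonce)  # single use
        expected = hmac.new(self._id, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)


def chip_respond(id_number: bytes, nonce: bytes) -> bytes:
    """Vehicle-mounted chip side of the variant: MAC over the nonce, keyed by the ID."""
    return hmac.new(id_number, nonce, hashlib.sha256).digest()


def demo() -> dict:
    session1 = static_check_code(SHARED_ID)
    session2 = static_check_code(SHARED_ID)
    manager = ChallengeManager(SHARED_ID)
    n1 = manager.new_challenge()
    r1 = chip_respond(SHARED_ID, n1)
    first_ok = manager.verify(n1, r1)
    n2 = manager.new_challenge()
    return {
        # Static form: identical bytes each session, earlier code still verifies.
        "static_same_every_session": session1 == session2,
        "static_accepts_earlier_code": manager_verify_static(session1, SHARED_ID),
        "static_rejects_other_id": not manager_verify_static(
            static_check_code(b"OTHER-ID"), SHARED_ID),
        # Nonce-bound form: a response is valid once, for one challenge only.
        "challenge_accepts_fresh": first_ok,
        "challenge_rejects_used_nonce": not manager.verify(n1, r1),
        "challenge_rejects_old_response": not manager.verify(n2, r1),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```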
The initial ID number is provided when the chip is produced, is similar to the ID number, and is stored only in the chip; the user can modify it only through a specific algorithm, as known by the vehicle manufacturer or the cryptographic chip supplier. The calculation uses the ID number and a digest algorithm, so that the vehicle-mounted chip sends encrypted information that the management chip can obtain only by carrying out the encryption calculation itself. This algorithm is used for cryptographic authentication.
The vehicle-mounted chip uses asymmetric encryption algorithms such as RSA and SM2 to realize transmission of the key used in the symmetric encryption algorithms; the vehicle-mounted chip encrypts the secret key by using an asymmetric encryption algorithm and sends the encrypted ciphertext to the management chip; and the management chip decrypts the ciphertext to obtain the key.
As shown in Fig. 2, in the encrypted transmission process of the vehicle-mounted information, the key transmission needs to be performed first. The vehicle-mounted chip encrypts the key to be sent with an asymmetric encryption algorithm to generate a ciphertext; the vehicle-mounted chip sends the generated ciphertext to the management chip, and the management chip, after receiving the ciphertext, decrypts it with the asymmetric encryption algorithm to obtain the plaintext, namely the secret key.
The vehicle-mounted chip uses symmetric encryption algorithms such as AES, 3DES, SM4 and the like to realize vehicle-mounted information encryption transmission; the vehicle-mounted chip encrypts vehicle-mounted information to be transmitted by using a specified algorithm and sends an encrypted ciphertext to the management chip; the management chip uses the corresponding encryption algorithm for decryption and uses the decrypted information for processing and control.
As shown in Fig. 3, in the process of encrypting and transmitting the vehicle-mounted information, the vehicle-mounted chip encrypts the vehicle-mounted information using the secret key, the data to be encrypted and the symmetric encryption algorithm, generating a ciphertext that carries the vehicle-mounted control information, and sends the ciphertext to the management chip. After receiving the ciphertext transmitted by the vehicle-mounted chip, the management chip decrypts it according to the known ciphertext and the corresponding encryption algorithm to obtain the decrypted plaintext, namely the vehicle-mounted control information, and controls and processes the vehicle.
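The Fig. 2 key transport and Fig. 3 data transfer end to end, as an added example that is not part of the patent, including the "if not, it is not executed" branch when a ciphertext has been altered. It assumes the Python `cryptography` package; the patent names RSA and AES but no padding or mode, so RSA-OAEP and AES-256-GCM are choices made here, and the class names, payload and header bytes are constructed.

```python
from typing import Optional, Tuple

from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

# Padding for the asymmetric step (assumption: the patent does not specify one).
OAEP = padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()),
                    algorithm=hashes.SHA256(), label=None)


class ManagementChip:
    """Holds the private key; the vehicle-mounted chip only sees the public half."""

    def __init__(self):
        # Generated in-process for the example; a real device would have it provisioned.
        self._private_key = rsa.generate_private_key(public_exponent=65537,
                                                     key_size=2048)
        self.public_key = self._private_key.public_key()
        self._session_key = None

    def receive_key(self, wrapped_key: bytes) -> None:
        """Fig. 2: decrypt the ciphertext to obtain the symmetric key."""
        self._session_key = self._private_key.decrypt(wrapped_key, OAEP)

    def receive_data(self, nonce: bytes, ciphertext: bytes,
                     header: bytes) -> Optional[bytes]:
        """Fig. 3: decrypt; return None (do not execute) if verification fails."""
        try:
            return AESGCM(self._session_key).decrypt(nonce, ciphertext, header)
        except InvalidTag:
            return None


class VehicleChip:
    def __init__(self, manager_public_key):
        self._peer = manager_public_key
        self._session_key = AESGCM.generate_key(bit_length=256)
        self._counter = 0  # GCM nonces must never repeat under one key

    def wrapped_key(self) -> bytes:
        """Fig. 2: encrypt the symmetric key with the asymmetric algorithm."""
        return self._peer.encrypt(self._session_key, OAEP)

    def send(self, vehicle_info: bytes, header: bytes) -> Tuple[bytes, bytes]:
        """Fig. 3: encrypt vehicle information; the header is authenticated, not hidden."""
        nonce = self._counter.to_bytes(12, "big")
        self._counter += 1
        ciphertext = AESGCM(self._session_key).encrypt(nonce, vehicle_info, header)
        return nonce, ciphertext


def demo() -> dict:
    manager = ManagementChip()
    vehicle = VehicleChip(manager.public_key)
    manager.receive_key(vehicle.wrapped_key())

    header = b"frame-type:control"        # constructed sample header
    info = b"speed=62;door=locked"        # constructed sample vehicle information
    nonce, ct = vehicle.send(info, header)

    altered = bytes([ct[0] ^ 0x01]) + ct[1:]   # one bit changed in transit
    return {
        "recovered": manager.receive_data(nonce, ct, header),
        "altered_ciphertext": manager.receive_data(nonce, altered, header),
        "altered_header": manager.receive_data(nonce, ct, b"frame-type:other"),
    }


if __name__ == "__main__":
    print(demo())
```

With a bare block-cipher mode in place of GCM, the altered ciphertext would still decrypt to some plaintext, so the authenticity check in the method's third step would need a separate MAC.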
The above description is only for the purpose of describing the preferred embodiments of the present invention, and is not intended to limit the scope of the present invention, and any variations and modifications made by those skilled in the art based on the above disclosure are within the scope of the appended claims.

Claims (6)

1. A vehicle-mounted data encryption method based on multiple encryption algorithms is characterized by comprising the following steps:
the encryption module of the vehicle-mounted chip encrypts the vehicle information into encrypted information;
the decryption module of the management chip decrypts the encrypted information;
the management chip verifies the authenticity of data sent by the vehicle-mounted chip; if the verification is passed, executing a corresponding instruction to complete corresponding operation; if not, it is not executed.
2. The multi-encryption algorithm based vehicle-mounted data encryption method according to claim 1, wherein the vehicle-mounted chip provides a user with a plurality of encryption algorithm choices, and the vehicle-mounted chip uses one encryption algorithm or a combination of the encryption algorithms.
3. The vehicular data encryption method based on multiple encryption algorithms according to claim 2, wherein the HASH encryption algorithm used by the vehicular chip comprises MD4, MD5, HASH and SM3 to realize encryption and decryption authentication.
4. The multi-encryption algorithm based vehicle-mounted data encryption method according to claim 3, wherein the vehicle-mounted chip performs encryption authentication using a specified ID number and transmits generated encryption information to the management chip; the management chip also uses the appointed ID number to carry out encryption calculation, produces a check value and compares the check value with the encryption information sent by the vehicle-mounted chip.
5. The vehicle-mounted data encryption method based on multiple encryption algorithms as claimed in claim 4, characterized in that the vehicle-mounted chip uses an asymmetric encryption algorithm to realize key transmission in the symmetric encryption algorithm: the vehicle-mounted chip encrypts the secret key by using an asymmetric encryption algorithm and sends a ciphertext formed after encryption to the management chip; the management chip decrypts the ciphertext to obtain a secret key; the asymmetric encryption algorithm includes RSA and SM2.
6. The vehicle-mounted data encryption method based on multiple encryption algorithms of claim 5, wherein the vehicle-mounted chip uses symmetric encryption algorithms including AES, 3DES and SM4 to realize transmission data encryption: the vehicle-mounted chip encrypts data to be transmitted by using a specified symmetric encryption algorithm and sends a ciphertext formed after encryption to the management chip; the management chip uses the corresponding encryption algorithm for decryption and uses the decrypted information for processing and control.
CN202110425343.2A 2021-04-20 2021-04-20 Vehicle-mounted data encryption method based on multi-encryption algorithm Active CN113179258B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110425343.2A CN113179258B (en) 2021-04-20 2021-04-20 Vehicle-mounted data encryption method based on multi-encryption algorithm

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110425343.2A CN113179258B (en) 2021-04-20 2021-04-20 Vehicle-mounted data encryption method based on multi-encryption algorithm

Publications (2)

Publication Number Publication Date
CN113179258A (en) 2021-07-27
CN113179258B (en) 2023-05-02

Family

ID=76924277

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110425343.2A Active CN113179258B (en) 2021-04-20 2021-04-20 Vehicle-mounted data encryption method based on multi-encryption algorithm

Country Status (1)

Country Link
CN (1) CN113179258B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113923017A (en) * 2021-10-08 2022-01-11 安徽江淮汽车集团股份有限公司 Vehicle key information transmission method based on double encryption
CN115720179A (en) * 2021-08-24 2023-02-28 西南大学 Vehicle-mounted network security hybrid chip

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20190116161A1 (en) * 2016-03-31 2019-04-18 Byd Company Limited Secure communication method and apparatus for vehicle, multimedia system for vehicle, and vehicle
CN111294771A (en) * 2018-12-10 2020-06-16 大陆汽车电子(连云港)有限公司 In-vehicle device, system for implementing in-vehicle communication and related method
CN211606521U (en) * 2020-03-27 2020-09-29 天津市普迅电力信息技术有限公司 Encryption type vehicle-mounted terminal based on security chip
CN111787534A (en) * 2020-07-01 2020-10-16 上海汽车集团股份有限公司 Data encryption and decryption method and device and electronic equipment

Also Published As

Publication number Publication date
CN113179258B (en) 2023-05-02

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant