CN113613197B - Pairing method and device for vehicle and digital key - Google Patents

Pairing method and device for vehicle and digital key Download PDF

Info

Publication number
CN113613197B
CN113613197B CN202110770831.7A CN202110770831A CN113613197B CN 113613197 B CN113613197 B CN 113613197B CN 202110770831 A CN202110770831 A CN 202110770831A CN 113613197 B CN113613197 B CN 113613197B
Authority
CN
China
Prior art keywords
vehicle
mobile terminal
key
parameter
pairing
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110770831.7A
Other languages
Chinese (zh)
Other versions
CN113613197A (en
Inventor
阳志强
梁凌波
刘洪泳
伍月红
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Automotive Innovation Co Ltd
Original Assignee
China Automotive Innovation Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Automotive Innovation Co Ltd filed Critical China Automotive Innovation Co Ltd
Priority to CN202110770831.7A priority Critical patent/CN113613197B/en
Publication of CN113613197A publication Critical patent/CN113613197A/en
Application granted granted Critical
Publication of CN113613197B publication Critical patent/CN113613197B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/30Services specially adapted for particular environments, situations or purposes
    • H04W4/40Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/009Security arrangements; Authentication; Protecting privacy or anonymity specially adapted for networks, e.g. wireless sensor networks, ad-hoc networks, RFID networks or cloud networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/041Key generation or derivation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/068Authentication using credential vaults, e.g. password manager applications or one time password [OTP] applications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/50Secure pairing of devices
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/80Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication

Abstract

The application discloses a pairing method and a pairing device for a vehicle and a digital key, and the method comprises the following steps of: responding to a pairing request sent by a mobile terminal, and determining a second characteristic parameter of the vehicle based on a physical unclonable component of the vehicle; determining a first key parameter and a calculation factor according to a pairing request sent by the mobile terminal; generating a vehicle session key according to the first key parameter, the second characteristic parameter and the calculation factor; and authenticating the mobile terminal based on the vehicle session key to obtain an authentication result, wherein the authentication result indicates whether the mobile terminal is successfully paired with the vehicle as a digital key. According to the scheme provided by the application, the shared secret key can be generated based on the physical unclonable components of the vehicle and the mobile terminal and the secret key exchange algorithm under the condition that intervention of a cloud server is not needed, so that authentication of the vehicle and the mobile terminal is realized, the safety of pairing of the shared secret key is ensured, and the process of pairing the digital key and the vehicle is simplified.

Description

Pairing method and device for vehicle and digital key
Technical Field
The application relates to the technical field of vehicle communication, in particular to a pairing method and device of a vehicle and a digital key.
Background
The keyless entry and keyless starting system is the latest application and standard configuration of the intelligent network-connected automobile, adopts an advanced wireless radio frequency technology and a vehicle identity code recognition system, changes the development prospect of the automobile safety anti-theft application field, and brings convenience and comfort brand-new driving experience to users. The key-free access and starting are realized, the digital key is an innovative automobile key, an automobile owner can unlock the automobile through a smart phone or wearable equipment and the like, and related operations are implemented on the automobile, so that the convenience of using the automobile is greatly improved.
Pairing of digital keys is the process of enabling digital keys on the owner's mobile end device to access the vehicle. In the existing pairing process of the digital key, remote access of a cloud server is needed or unsafe shared ciphertext is implanted in a vehicle end in advance, so that the pairing process is complicated, and the safety is low.
Disclosure of Invention
In order to enable pairing of the digital key and the vehicle to be simpler and faster, a cloud server is not needed to be remotely accessed, and the application provides a pairing method and device of the vehicle and the digital key. The technical scheme is as follows:
In a first aspect, the present application provides a method for pairing a vehicle with a digital key, applied to a mobile terminal, the method comprising:
responding to pairing operation of a user, determining a first characteristic parameter of the mobile terminal based on a physical unclonable component of the mobile terminal, and sending a pairing request to the vehicle;
receiving a second key parameter sent by the vehicle in response to the pairing request;
generating a mobile terminal session key of the ultra-wideband communication between the mobile terminal and the vehicle according to the second key parameter, the first characteristic parameter and the calculation factor;
and authenticating the vehicle based on the mobile terminal session key to obtain an authentication result, wherein the authentication result indicates whether the mobile terminal is successfully paired with the vehicle as a digital key.
Optionally, the determining, based on the physical unclonable component of the mobile terminal, a first feature parameter of the mobile terminal includes:
determining channel parameters of an ultra-wideband channel between the mobile terminal and the vehicle;
and transmitting the channel parameters into the physical unclonable function part of the mobile terminal to obtain first characteristic parameters of the mobile terminal.
Optionally, the sending a pairing request to the vehicle includes:
obtaining a first key parameter according to the calculation factor and the first characteristic parameter;
and sending a pairing request to the vehicle based on a Bluetooth connection or NFC connection of a physical layer, wherein the pairing request comprises the first key parameter and the calculation factor.
Optionally, the authenticating the vehicle based on the mobile terminal session key to obtain an authentication result includes:
receiving an authentication ciphertext sent by the vehicle, wherein the authentication ciphertext is obtained by encrypting the received first key parameter by the vehicle according to a vehicle session key;
and decrypting the authentication ciphertext according to the mobile terminal session key, and if the first key parameter is obtained, determining an authentication result, wherein the authentication result indicates that the mobile terminal is successfully paired with the vehicle as a digital key.
In a second aspect, the present application provides a pairing method of a vehicle and a digital key, applied to the vehicle, the method comprising:
responding to a pairing request sent by a mobile terminal, and determining a second characteristic parameter of the vehicle based on a physical unclonable component of the vehicle;
Determining a first key parameter and a calculation factor according to a pairing request sent by the mobile terminal;
generating a vehicle session key for ultra-wideband communication between the vehicle and the mobile terminal according to the first key parameter, the second characteristic parameter and the calculation factor;
and authenticating the mobile terminal based on the vehicle session key to obtain an authentication result, wherein the authentication result indicates whether the mobile terminal is successfully paired with the vehicle as a digital key.
Optionally, the method further comprises:
obtaining a second key parameter according to the calculation factor and the second characteristic parameter;
and sending the second key parameter to the mobile terminal based on the Bluetooth connection or NFC connection of the physical layer.
Optionally, the determining, based on the physical unclonable component of the vehicle, the second characteristic parameter of the vehicle includes:
determining channel parameters of an ultra-wideband channel between the vehicle and the mobile terminal;
and transmitting the channel parameters into a physical unclonable function of the vehicle to obtain second characteristic parameters of the vehicle.
Optionally, the authenticating the mobile terminal based on the vehicle session key includes:
Receiving an authentication ciphertext sent by the mobile terminal, wherein the authentication ciphertext is obtained by encrypting the received second key parameter by the mobile terminal according to a session key of the mobile terminal;
and decrypting the authentication ciphertext according to the vehicle session key, and if the second key parameter is obtained, determining an authentication result, wherein the authentication result indicates that the mobile terminal is successfully paired with the vehicle as a digital key.
In a third aspect, the present application provides a pairing device for a vehicle and a digital key, applied to a mobile terminal, where the device includes:
the first characteristic parameter determining module is used for responding to the pairing operation of a user, determining the first characteristic parameter of the mobile terminal based on the physical unclonable component of the mobile terminal, and sending a pairing request to the vehicle;
the first receiving determining module is used for receiving a second key parameter sent by the vehicle in response to the pairing request;
the first key generation module is used for generating a mobile terminal session key of the ultra-wideband communication between the mobile terminal and the vehicle according to the second key parameter, the first characteristic parameter and the calculation factor;
the first authentication module is used for authenticating the vehicle based on the mobile terminal session key to obtain an authentication result, and the authentication result indicates whether the mobile terminal is successfully paired with the vehicle as a digital key.
In a fourth aspect, the present application provides a pairing device for a vehicle and a digital key, applied to the vehicle, the device comprising:
the second characteristic parameter determining module is used for responding to the pairing request sent by the mobile terminal and determining the second characteristic parameter of the vehicle based on the physical unclonable component of the vehicle;
the second receiving and determining module is used for determining a first key parameter and a calculation factor according to the pairing request sent by the mobile terminal;
the second key generation module is used for generating a vehicle session key for ultra-wideband communication between the vehicle and the mobile terminal according to the first key parameter, the second characteristic parameter and the calculation factor;
and the second authentication module is used for authenticating the mobile terminal based on the vehicle session key to obtain an authentication result, and the authentication result indicates whether the mobile terminal is successfully paired with the vehicle as a digital key.
In a fifth aspect, the present application provides a computer readable storage medium having stored therein at least one instruction or at least one program loaded and executed by a processor to implement a vehicle and digital key method according to the first or second aspects.
In a sixth aspect, the present application provides a computer device comprising a processor and a memory having stored therein at least one instruction or at least one program loaded and executed by the processor to implement a vehicle and digital key method according to the first or second aspects.
The pairing method and device for the vehicle and the digital key provided by the application have the following technical effects:
in the scheme provided by the application, the vehicle and the mobile terminal are both provided with the physical unclonable component, and the first characteristic parameter of the mobile terminal and the second characteristic parameter of the vehicle are obtained based on the respective physical unclonable components, and are used for generating the key parameter, namely the cloud server is not required to be involved in the key generation pretreatment, the key parameter is not required to be implanted in the vehicle in advance, the generation process of the shared key is simplified, and the transmission safety and privacy protection of the key data are ensured; in addition, the characteristic parameters generated based on the physical unclonable components have uniqueness and randomness, so that not only can the leakage of the secret key be prevented, but also the operand can be reduced, and the safety and the convenience of the pairing process are further improved;
The scheme provided by the application can also generate the shared key in the pairing process based on near field communication such as Bluetooth, NFC and the like and a key exchange algorithm under the condition of no mobile network, so that the bidirectional authentication of the vehicle and the mobile terminal, namely the pairing of the vehicle and the digital key, is realized.
Additional aspects and advantages of the application will be set forth in part in the description which follows, and in part will be obvious from the description, or may be learned by practice of the application.
Drawings
In order to more clearly illustrate the embodiments of the application or the technical solutions and advantages of the prior art, the following description will briefly explain the drawings used in the embodiments or the description of the prior art, and it is obvious that the drawings in the following description are only some embodiments of the application, and other drawings can be obtained according to the drawings without inventive effort for a person skilled in the art.
FIG. 1 is a schematic view of an environment for implementing a pairing method for a vehicle and a digital key according to an embodiment of the present application;
fig. 2 is a flow chart of a pairing method of a vehicle and a digital key applied to a mobile terminal according to an embodiment of the present application;
Fig. 3 is a flowchart illustrating a process of determining a first characteristic parameter of a mobile terminal according to an embodiment of the present application;
fig. 4 is a schematic flow chart of a mobile terminal sending a pairing request to a vehicle according to an embodiment of the present application;
fig. 5 is a schematic flow chart of a mobile terminal authenticating a vehicle based on a mobile terminal session key according to an embodiment of the present application;
FIG. 6 is a flow chart of a pairing method of a vehicle and a digital key applied to the vehicle according to an embodiment of the present application;
FIG. 7 is a flowchart illustrating a process for determining a second characteristic parameter of a vehicle according to an embodiment of the present application;
fig. 8 is a schematic flow chart of a vehicle sending pairing response to a mobile terminal according to an embodiment of the present application;
fig. 9 is a schematic flow chart of a vehicle authentication method for a mobile terminal based on a vehicle session key according to an embodiment of the present application;
FIG. 10 is a schematic flow chart of key exchange in a pairing process according to an embodiment of the present application;
FIG. 11 is a schematic diagram of a pairing device for a vehicle and a digital key applied to a mobile terminal according to an embodiment of the present application;
FIG. 12 is a schematic view of a pairing device for a vehicle and a digital key, which is applied to the vehicle according to an embodiment of the present application;
FIG. 13 is a schematic diagram of a pairing system for a vehicle and a digital key according to an embodiment of the present application;
fig. 14 is a schematic diagram of a hardware structure of a vehicle according to an embodiment of the present application;
fig. 15 is a schematic hardware structure of a mobile terminal according to an embodiment of the present application.
Detailed Description
In order to enable pairing of a digital key and a vehicle to be simpler and faster, a cloud server is not needed to access remotely, and the embodiment of the application provides a pairing method and device of the vehicle and the digital key. The following description of the embodiments of the present application will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present application, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to be within the scope of the application. Examples of the embodiments are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to like or similar elements throughout or elements having like or similar functionality.
It should be noted that the terms "first," "second," and the like in the description and the claims of the present application and the above figures are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged where appropriate such that the embodiments of the application described herein may be implemented in sequences other than those illustrated or otherwise described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or server that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed or inherent to such process, method, article, or apparatus, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
In order to facilitate understanding of the technical solution and the technical effects thereof described in the embodiments of the present application, the embodiments of the present application explain related terms:
PEPS: passive Entry and Passive Start, keyless entry and keyless start system; the intelligent network-connected automobile is the latest application and standard configuration of the intelligent network-connected automobile, adopts a wireless radio frequency technology and an automobile identity code recognition system, changes the development prospect of the automobile safety anti-theft application field, and brings convenience and comfort brand-new driving experience to users.
PUF: physical Unclonable Function, a physically unclonable function or physical unclonable function; as a new hardware safety primitive, the physical unclonable function is a hardware function realizing circuit which depends on chip characteristics, has uniqueness and randomness, and realizes the function of uniquely corresponding to an excitation signal and a response signal by extracting the technological parameter deviation which is necessarily introduced in the chip manufacturing process. That is, the physical unclonable function uses an inherent physical construct to uniquely identify it, and inputting any stimulus will output a unique and unpredictable response.
UWB: ultra Wide Band, ultra wideband; the wireless carrier communication technology is characterized in that a sinusoidal carrier is not adopted, and data is transmitted by utilizing non-sinusoidal narrow pulses of nanosecond level, so that the occupied frequency spectrum is wide. The UWB technology has the advantages of low system complexity, low power spectrum density of the transmitted signal, insensitivity to channel fading, low interception capability, high positioning accuracy and the like, and is particularly suitable for high-speed wireless access in indoor and other dense multipath places.
Key: a key is a parameter that is input in an algorithm that converts plaintext into ciphertext or converts ciphertext into plaintext. The keys are classified into symmetric keys and asymmetric keys.
Digital key: the novel automobile key can enable an automobile owner to unlock the automobile through a smart phone or wearable equipment and the like, and can be used for implementing related operations on the automobile, so that the convenience of using the automobile is greatly improved. The digital car key can be used by changing devices which can be worn such as a smart phone, a smart card, a smart watch and a bracelet into car keys through different near field communication technologies such as accurate UWB positioning, bluetooth and NFC (Near Field Communication, a short-distance high-frequency wireless communication technology) and safer key management, keyless entry and starting are realized in a real sense, and remote key authorization and personalized car setting can be provided for other people.
Fig. 1 is a schematic diagram of an implementation environment of a pairing method for a vehicle and a digital key according to an embodiment of the application, where, as shown in fig. 1, the implementation environment may at least include a mobile terminal 01 and a vehicle 02.
Specifically, the mobile terminal 01 may include smart phones, tablet computers, notebook computers, digital assistants, smart wearable devices, monitoring devices, voice interaction devices, and other types of devices, or may include software running in the devices, for example, web pages provided by some service providers to users, or may also provide applications provided by the service providers to users. Specifically, the mobile terminal 01 may be configured to interact with a user, identify a pairing operation performed by the user (for example, after the mobile terminal scans a bluetooth signal of a vehicle, the user selects to connect with bluetooth of the vehicle), determine, in response to the pairing operation, a first characteristic parameter of the mobile terminal based on a physical unclonable component in the mobile terminal device, calculate, according to the first characteristic parameter, a first key parameter, send the first key parameter to the vehicle through a physical layer connection of bluetooth communication, and receive a second key parameter sent by the vehicle, thereby generating, according to the second key parameter and the first characteristic parameter, a session key of the mobile terminal.
Specifically, the vehicle 02 may be a vehicle configured with a keyless entry and keyless start system, and the vehicle 02 and the mobile terminal 01 may be directly or indirectly connected through a wired or wireless communication manner, which is not limited herein. Specifically, the vehicle 02 receives, through connection with the bluetooth physical layer of the mobile terminal 01, a pairing request sent by the mobile terminal, where the pairing request may be transmitted in the form of message data for establishing a channel. The vehicle 02 responds to the pairing request and determines a second characteristic parameter of the vehicle according to the physical unclonable component of the vehicle UWB equipment; meanwhile, a first key parameter and a calculation factor of the mobile terminal are analyzed according to the pairing request, and then a vehicle session key is generated according to the first key parameter, the second characteristic parameter and the calculation factor. If the mobile terminal session key is consistent with the vehicle session key, the two-way authentication between the vehicle 02 and the mobile terminal 01 can be considered successful, that is, the mobile terminal 01 can be used as a digital key of the vehicle 02, and the control of the vehicle 02, such as opening and closing of a vehicle door, starting of the vehicle and the like, can be realized based on the mobile terminal 01.
The following describes a pairing method of a vehicle and a digital key. Fig. 2 is a flowchart of a method for pairing a vehicle with a digital key applied to a mobile terminal according to an embodiment of the present application, where the method includes the steps of operation as described in the examples or flowcharts, but may include more or fewer steps based on conventional or non-inventive labor. The order of steps recited in the embodiments is merely one way of performing the order of steps and does not represent a unique order of execution. When implemented in a real system or server product, the methods illustrated in the embodiments or figures may be performed sequentially or in parallel (e.g., in a parallel processor or multithreaded environment). Referring to fig. 2, when applied to a mobile terminal, a pairing method of a vehicle and a digital key provided in an embodiment of the present application may include the following steps:
S210: and responding to pairing operation of a user, determining a first characteristic parameter of the mobile terminal based on the physical unclonable component of the mobile terminal, and sending a pairing request to the vehicle.
It will be appreciated that pairing of the digital key with the vehicle is a process that enables the digital key to access the vehicle on the owner's mobile end device, i.e., a two-way authentication process. At present, a SPACE2+ algorithm (a key exchange mode of an ECC (Elliptica Curves Cryptography elliptic curve encryption) variation algorithm) under NFC is mainly adopted in the pairing process of the digital key to generate a shared digital key, and a secure channel is established, but in the generation pretreatment or the generation process of the digital key, a cloud server is required to be remotely accessed or unsafe shared ciphertext is implanted in advance at a vehicle end, so that the pairing process is complicated and the safety is low. The method provided by the application can generate the shared secret key by the vehicle and the mobile terminal under the condition of no cloud server or network, and complete bidirectional identity authentication and pairing.
In the embodiment of the application, before the digital key is started, the carrier (namely the mobile terminal) of the digital key and the vehicle are matched to finish bidirectional authentication. First, the pairing process may be triggered by the owner of the mobile terminal (hereinafter referred to as the user), and before the pairing process is triggered, it needs to be ensured that all pre-activation conditions are satisfied, for example, a physical remote control key has been inserted into the vehicle or the mobile terminal device without the vehicle owner is paired with the vehicle. For example, the mobile terminal is used as a master device (master) for actively initiating connection, pages the slave devices (salve) outwards, acquires bluetooth signals of surrounding slave devices, and if bluetooth signals of vehicles are scanned (scan), namely bluetooth physical layer connection (Link Layer connection, LLC) is established at the moment; and triggering a pairing process according to the operation of the mobile terminal on the connection with the Bluetooth signal of the vehicle.
In an embodiment of the application, the matched characteristic parameters in the digital key are designed based on a Physical Unclonable Function (PUF) for identity authentication. The PUF is able to generate a hardware-specific 32-byte string tag depending on the uniqueness of the physical hardware on which it is executing. PUFs are the derivation of secret information from complex physical characteristics of an entity. The PUF is used for bearing authentication information, so that the robustness and practicality of hardware equipment can be ensured; the PUF is bound with the equipment, is determined by the random difference of physical manufacturing on a chip, cannot be reproduced on other equipment, and has uniqueness; any attempt to tamper with the device will have an impact on the PUF, destroying the original PUF, and having the property of being non-tamperable.
In one embodiment of the application, the mobile terminal supports ultra wideband communication and is configured with an ultra wideband controller and physically unclonable components (or chips, circuits) that can communicate with the vehicle based on ultra wideband technology when the mobile terminal is a digital key. As shown in fig. 3, the determining, based on the physical unclonable component of the mobile terminal, the first characteristic parameter of the mobile terminal may include the following steps:
s211: and determining channel parameters of an ultra-wideband channel between the mobile terminal and the vehicle.
Preferably, the channels can be divided into constant-parameter channels in which the transmission characteristics of the signal change very slowly over time, or over a sufficiently long period of time, with the parameters being substantially unchanged, and time-varying channels.
S213: and transmitting the channel parameters into the physical unclonable function part of the mobile terminal to obtain first characteristic parameters of the mobile terminal.
The physical unclonable component has a physical unclonable function/function that uses an inherent physical construct to uniquely identify the device, and inputting any stimulus outputs a unique and unpredictable response. Alternatively, the non-electronic PUF, the analog circuit PUF, and the digital circuit PUF may be classified according to the implementation method.
In the above embodiment, based on the PUF as the key generator factor in the pairing authentication process, not only can the key leakage be prevented, but also the operation amount can be reduced, and the pairing method is applicable to the pairing process of the resource-limited low-energy-consumption UWB digital key device and the vehicle-end controller.
In one embodiment of the present application, as shown in fig. 4, the sending the pairing request to the vehicle may include the following steps:
s215: and obtaining a first key parameter according to the calculation factor and the first characteristic parameter.
In one possible implementation, the calculation factor is used as an algorithm parameter, and illustratively, the calculation factor in modulo operation may include a modulus and a prime number. And performing modular operation according to the first characteristic arithmetic and the calculation factor to obtain a first key parameter.
In the embodiment of the present application, the first key parameter is used to calculate a key, and the key is also a parameter that is input in an algorithm for converting plaintext into ciphertext or analyzing ciphertext into plaintext.
S217: and sending a pairing request to the vehicle based on a Bluetooth connection or NFC connection of a physical layer, wherein the pairing request comprises the first key parameter and the calculation factor.
In one possible implementation, after the bluetooth LLC channel is established, the message data to establish the UWB channel is sent to the vehicle as a pairing request. And adding the first key parameter and the calculation factor into the message data.
In another possible embodiment, bluetooth communication is used as an important communication carrier in UWB positioning, and the data can be exchanged/transmitted through a configuration file of a bluetooth communication connection as an input for a key exchange in the next step. For example, the computing factors are exchanged using a generic access profile (Generic Access Profile, GAP), which is the basis for all other profiles, which defines a generic method of establishing a baseband link between bluetooth devices; or, the data is transmitted using specific attributes of files in a service discovery application profile (Service Discovery Application Profile, SDAP) of bluetooth.
In the above embodiment, based on bluetooth transmission data, data exchange can be completed without access of a cloud server or without a mobile network, and meanwhile, the key data preprocessing and generating process is simplified.
S230: and receiving a second key parameter sent by the vehicle in response to the pairing request.
In the embodiment of the present application, the second key parameter is used for the mobile terminal to construct the mobile terminal session key, and specifically, the second key parameter can be referred to in an embodiment of a method for pairing a vehicle with a digital key, which is applied to the vehicle, and will not be described herein.
S250: and generating a mobile terminal session key of the ultra-wideband communication between the mobile terminal and the vehicle according to the second key parameter, the first characteristic parameter and the calculation factor.
In one embodiment of the application, the second key parameter, the first characteristic parameter and the calculation factor are subjected to modular operation to obtain a mobile terminal session key which is used as a digital key of ultra-wideband communication.
S270: and authenticating the vehicle based on the mobile terminal session key to obtain an authentication result, wherein the authentication result indicates whether the mobile terminal is successfully paired with the vehicle as a digital key.
It can be understood that the authentication process is to verify whether the session keys at both sides of the vehicle and the mobile terminal are consistent, if so, the session keys can be used as symmetric digital keys in communication, and if not, the identity authentication is unsuccessful, and the mobile terminal and the vehicle cannot be paired.
In one embodiment of the present application, specifically, as shown in fig. 5, the authentication of the vehicle based on the mobile terminal session key, to obtain an authentication result, may include the following steps:
s271: and receiving an authentication ciphertext sent by the vehicle, wherein the authentication ciphertext is obtained by encrypting the received first key parameter by the vehicle according to a vehicle session key.
Specifically, the plaintext corresponding to the authentication ciphertext sent by the vehicle is a first key parameter of the mobile terminal, and in the embodiment shown in step S215-S217, the mobile terminal sends the first key parameter determined by itself to the vehicle, and the vehicle encrypts the first key parameter, so that the mobile terminal can also conveniently calibrate the decryption result of the ciphertext.
S273: and decrypting the authentication ciphertext according to the mobile terminal session key, and if the first key parameter is obtained, determining an authentication result, wherein the authentication result indicates that the mobile terminal is successfully paired with the vehicle as a digital key.
In addition, the mobile terminal encrypts a second key parameter sent by the vehicle according to the mobile terminal session key, so that the vehicle can authenticate the mobile terminal according to the vehicle session key. It can be understood that under the condition that the plaintext is the same and the ciphertext is the same, the keys can be considered to be identical or symmetrical, and at the moment, the two-end mutual authentication is successful, and the vehicle session key and the mobile-end session key can be used as shared digital keys.
In the above embodiment, after the mobile terminal session key is generated, the subsequent processing further includes a bidirectional verification process, and by adopting the verification manner of the above embodiment, verification can be effectively and simply completed, so as to ensure the feasibility of pairing.
Fig. 6 is a flow chart of a method of pairing a vehicle with a digital key for application to a vehicle according to an embodiment of the present application, which provides the method steps of operation as described in the examples or flow charts, but may include more or fewer steps of operation based on conventional or non-inventive labor. The order of steps recited in the embodiments is merely one way of performing the order of steps and does not represent a unique order of execution. When implemented in a real system or server product, the methods illustrated in the embodiments or figures may be performed sequentially or in parallel (e.g., in a parallel processor or multithreaded environment). Referring to fig. 6, when applied to a vehicle, a pairing method of a vehicle and a digital key provided in an embodiment of the application may include the following steps:
S610: and responding to a pairing request sent by the mobile terminal, and determining a second characteristic parameter of the vehicle based on the physical unclonable component of the vehicle.
It can be understood that, in the embodiment of the vehicle end, the part related to the mobile end can refer to the foregoing embodiment, and the description will be omitted.
In the embodiment of the application, when the mobile terminal is used as the main equipment to initiate a pairing request for the vehicle, the vehicle responds to the pairing request to determine a unique identifier as a second characteristic parameter of the vehicle.
In one embodiment of the application, the vehicle supports ultra-wideband communication and is configured with an ultra-wideband controller and a physically unclonable component that can communicate with a wirelessly connected external device based on ultra-wideband technology.
As shown in fig. 7, the determining the second characteristic parameter of the vehicle may include the following steps:
s611: and determining channel parameters of an ultra-wideband channel between the vehicle and the mobile terminal.
Preferably, the channels can be divided into constant parameter channels and time-varying channels, in which the transmission characteristics of the signals change very slowly with time, or in a long enough time, the parameters are basically unchanged, and constant parameters in the time-varying channels can be selected.
S613: and transmitting the channel parameters into a physical unclonable function of the vehicle to obtain second characteristic parameters of the vehicle.
It will be appreciated that although the mobile terminal and the vehicle both transmit the ultra-wideband channel parameters into their respective physically unclonable components, the first and second generated characteristic parameters are different because the respective physically unclonable components are bound to the device itself, determined by the random differences in physical fabrication on the chip, cannot be reproduced on other devices, and are unique.
In the above embodiment, based on the PUF as the key generator factor in the pairing authentication process, not only can the key leakage be prevented, but also the operation amount can be reduced, and the pairing method is applicable to the pairing process of the resource-limited low-energy-consumption UWB digital key device and the vehicle-end controller.
S630: and determining a first key parameter and a calculation factor according to the pairing request sent by the mobile terminal.
In the embodiment shown in step S210 and the substeps, the pairing request includes the first key parameter and the calculation factor. That is, during the pairing process, the respective key parameters are exchanged first, so in the embodiment of the present application, as shown in fig. 8, the method further includes:
S641: and obtaining a second key parameter according to the calculation factor and the second characteristic parameter.
Illustratively, the calculation factor in the modulo operation may include a modulus and a prime number, and the modulo operation is performed according to the second feature operand and the calculation factor to obtain the second key parameter.
It can be understood that the algorithm of calculating the first key parameter by the mobile terminal is consistent with the algorithm of calculating the second key parameter by the vehicle, and the parameters of the incoming algorithm are different.
S643: and sending the second key parameter to the mobile terminal based on the Bluetooth connection or NFC connection of the physical layer.
In a possible implementation, after the bluetooth LLC channel is established, the message data of the response channel establishment is sent to the vehicle as a pairing response, and the message data includes the second key parameter. The manner of NFC connection is similar and will not be described in detail here.
In the above embodiment, based on bluetooth transmission data, data exchange can be completed without access of a cloud server or without a mobile network, and meanwhile, the key data preprocessing and generating process is simplified.
S650: and generating a vehicle session key for ultra-wideband communication between the vehicle and the mobile terminal according to the first key parameter, the second characteristic parameter and the calculation factor.
In one embodiment of the application, a vehicle session key is obtained as a digital key for ultra wideband communication by performing a modulo operation based on the first key parameter, the second characteristic parameter and the calculation factor.
S670: and authenticating the mobile terminal based on the vehicle session key to obtain an authentication result, wherein the authentication result indicates whether the mobile terminal is successfully paired with the vehicle as a digital key.
It can be understood that the authentication process is to verify whether the session keys at both sides of the vehicle and the mobile terminal are consistent, if so, the session keys can be used as symmetric digital keys in communication, and if not, the identity authentication is unsuccessful, and the mobile terminal and the vehicle cannot be paired.
In one embodiment of the present application, specifically, as shown in fig. 9, the authenticating the mobile terminal based on the vehicle session key to obtain an authentication result may include the following steps:
s671: and receiving an authentication ciphertext sent by the mobile terminal, wherein the authentication ciphertext is obtained by encrypting the received second key parameter by the mobile terminal according to a session key of the mobile terminal.
Specifically, the plaintext corresponding to the authentication ciphertext sent by the mobile terminal is the second key parameter of the vehicle terminal, and in the embodiment shown in step S641-S643, the vehicle sends the second key parameter determined by the vehicle to the mobile terminal, and the mobile terminal encrypts the second key parameter, so that the vehicle can conveniently calibrate the decryption result of the ciphertext.
S673: and decrypting the authentication ciphertext according to the vehicle session key, and if the second key parameter is obtained, determining an authentication result, wherein the authentication result indicates that the mobile terminal is successfully paired with the vehicle as a digital key.
In addition, the vehicle encrypts the first key parameter sent by the mobile terminal according to the vehicle session key, so that the mobile terminal can authenticate the vehicle according to the mobile terminal session key. It can be understood that under the condition that the plaintext is the same and the ciphertext is the same, the keys can be considered to be identical or symmetrical, and at the moment, the two-end mutual authentication is successful, and the vehicle session key and the mobile-end session key can be used as shared digital keys.
In the above embodiment, after the vehicle session key is generated, the subsequent process further includes a bidirectional verification process, and by adopting the verification manner of the above embodiment, verification can be effectively and simply completed, so as to ensure the feasibility of pairing.
In one embodiment of the present application, the calculation and exchange process of key parameters can be simplified into the flow shown in fig. 10:
1. the calculation factors are g and p, which are derived from Bluetooth configuration files;
2. the mobile terminal generates a first characteristic parameter a by using a PUF, and obtains a first key parameter A through modular operation;
3. The mobile terminal sends the A to the vehicle terminal;
4. the vehicle end generates a second characteristic parameter B by using the PUF, and obtains a second key parameter B through modular operation;
5. the vehicle end sends the B to the mobile end;
6. computing mobile terminal key K 1 The following are provided: k (K) 1 =B a mod p
7. Calculating key K of vehicle end 2 The following are provided: k (K) 2 =A b mod p
Crptaedld equals K 1 Or K 2
Deriving a key therefrom, if K 1 And K is equal to 2 And if the key is the same, the key generation under the environment without cloud and mobile network is completed.
The embodiment of the application also provides a pairing device 1100 of a vehicle and a digital key, which is applied to a mobile terminal, as shown in fig. 11, the device 1100 may include:
a first feature parameter determining module 1110, configured to determine, in response to a pairing operation by a user, a first feature parameter of the mobile terminal based on a physical unclonable component of the mobile terminal, and send a pairing request to the vehicle;
a first receiving determining module 1120, configured to receive a second key parameter sent by the vehicle in response to the pairing request;
a first key generating module 1130, configured to generate a mobile end session key for ultra-wideband communication between the mobile end and the vehicle according to the second key parameter, the first feature parameter and the calculation factor;
A first authentication module 1140, configured to authenticate the vehicle based on the mobile terminal session key, to obtain an authentication result, where the authentication result indicates whether the mobile terminal is successfully paired with the vehicle as a digital key.
In one embodiment of the present application, the first characteristic parameter determining module 1110 may include:
a first determining unit of channel parameters, which is used for determining the channel parameters of the ultra-wideband channel between the mobile terminal and the vehicle;
and the first characteristic parameter determining unit is used for transmitting the channel parameters into the physical unclonable function part of the mobile terminal to obtain the first characteristic parameters of the mobile terminal.
In one embodiment of the present application, the first characteristic parameter determining module 1110 may further include:
the first key parameter determining unit is used for obtaining a first key parameter according to the calculation factor and the first characteristic parameter;
and the pairing request sending unit is used for sending a pairing request to the vehicle based on the Bluetooth connection or the NFC connection of the physical layer, wherein the pairing request comprises the first key parameter and the calculation factor.
In one embodiment of the present application, the first authentication module 1140 may comprise:
The first authentication ciphertext receiving unit is used for receiving an authentication ciphertext sent by the vehicle, wherein the authentication ciphertext is obtained by encrypting the received first key parameter by the vehicle according to a vehicle session key;
the first ciphertext decryption verification unit is used for decrypting the authentication ciphertext according to the mobile terminal session key, and if the first key parameter is obtained, an authentication result is determined, wherein the authentication result indicates that the mobile terminal is successfully paired with the vehicle as a digital key.
The embodiment of the application also provides a pairing device 1200 of a vehicle and a digital key, which is applied to the vehicle, as shown in fig. 12, the device 1200 may include:
a second feature parameter determining module 1210, configured to determine, in response to a pairing request sent by the mobile terminal, a second feature parameter of the vehicle based on a physical unclonable component of the vehicle;
a second receiving determining module 1220, configured to determine a first key parameter and a calculation factor according to the pairing request sent by the mobile terminal;
a second key generating module 1230, configured to generate a vehicle session key for ultra-wideband communication between the vehicle and the mobile terminal according to the first key parameter, the second feature parameter and the calculation factor;
A second authentication module 1240, configured to authenticate the mobile terminal based on the vehicle session key, and obtain an authentication result, where the authentication result indicates whether the mobile terminal is successfully paired with the vehicle as a digital key.
In one embodiment of the present application, the apparatus 1200 further comprises:
the second key parameter determining unit is used for obtaining a second key parameter according to the calculation factor and the second characteristic parameter;
and the second key parameter sending unit is used for sending the second key parameter to the mobile terminal based on Bluetooth connection or NFC connection of a physical layer.
In one embodiment of the present application, the second characteristic parameter determining module 1210 may include:
a second determining unit of channel parameters, configured to determine channel parameters of an ultra wideband channel between the vehicle and the mobile terminal;
and the second characteristic parameter determining unit is used for transmitting the channel parameters into the physical unclonable function of the vehicle to obtain the second characteristic parameters of the vehicle.
In one embodiment of the present application, the second authentication module 1240 may include:
the second authentication ciphertext receiving unit is used for receiving an authentication ciphertext sent by the mobile terminal, wherein the authentication ciphertext is obtained by encrypting the received second key parameter by the mobile terminal according to a session key of the mobile terminal;
And the second ciphertext decryption verification unit is used for decrypting the authentication ciphertext according to the vehicle session key, and if the second key parameter is obtained, an authentication result is determined, wherein the authentication result indicates that the mobile terminal is successfully paired with the vehicle as a digital key.
The embodiment of the application also provides a pairing system of the vehicle and the digital key, the architecture schematic diagram of which can be shown in fig. 13, and the system can be also suitable for a scene of positioning by utilizing ultra wideband. The vehicle and the mobile terminal are both provided with UWB modules, wherein the MCU (Microcontroller Unit, micro control unit or singlechip) is used for executing related calculation tasks in the pairing process, the PUF is used for generating respective characteristic parameters, and the UWB (Ranger 4) is used for performing related management on ultra-wideband communication.
It should be noted that, in implementing the functions of the apparatus or system provided in the foregoing embodiments, only the division of the foregoing functional modules is used as an example, where in practical application, the foregoing functional allocation may be implemented by different functional modules, that is, the internal structure of the device is divided into different functional modules, so as to implement all or part of the functions described above. In addition, the apparatus and the method embodiments provided in the foregoing embodiments belong to the same concept, and specific implementation processes of the apparatus and the method embodiments are detailed in the method embodiments and are not repeated herein.
The embodiment of the application provides a computer device, which comprises a processor and a memory, wherein at least one instruction or at least one section of program is stored in the memory, and the at least one instruction or the at least one section of program is loaded and executed by the processor to realize a pairing method of a vehicle and a digital key, which is provided by the embodiment of the method.
Fig. 14 is a block diagram showing a hardware structure of a vehicle end according to an embodiment of the application. As shown in fig. 14, the vehicle end 1400 may have a relatively large difference due to different configurations or performances, and may include one or more central processing units (Central Processing Units, CPU) 1410 (the processor 1410 may include, but is not limited to, a microprocessor MCU or a processing device such as a programmable logic device FPGA), a memory 1430 for storing data, one or more storage media 1420 (e.g., one or more mass storage devices) storing application programs 1423 or data 1422. Wherein the memory 1430 and the storage medium 1420 may be transitory or persistent storage. The program stored on the storage medium 1420 may include one or more modules, each of which may include a series of instruction operations on a server. Still further, the central processor 1410 may be configured to communicate with the storage medium 1420, and execute a series of instruction operations in the storage medium 1420 on the vehicle side 1400. The vehicle end 1400 may also include one or more power supplies 1460, one or more wired or wireless network interfaces 1450, one or more input/output interfaces 1440, and/or one or more operating systems 1421, such as Windows Server, mac OS XTM, unixTM, linuxTM, freeBSDTM, and the like.
Input-output interface 1440 may be used to receive or transmit data via a network. Specific examples of the network described above may include a wireless network provided by a communication provider at the vehicle end 1400. In one example, input/output interface 1440 includes a network adapter (Network Interface Controller, NIC) that may connect to other network devices through a base station to communicate with the internet. In one example, the input-output interface 1440 may be a Radio Frequency (RF) module for communicating with the internet wirelessly.
It will be appreciated by those of ordinary skill in the art that the configuration shown in fig. 14 is merely illustrative and is not intended to limit the configuration of the electronic device described above. For example, the vehicle end 1400 may also include more or fewer components than shown in fig. 14, or have a different configuration than shown in fig. 14.
Fig. 15 is a schematic hardware structure diagram of a mobile terminal according to an embodiment of the present application, where the mobile terminal is used to implement a pairing method of a vehicle and a digital key provided in the above embodiment.
The mobile terminal 1500 may include RF (Radio Frequency) circuitry 1510, memory 1520 including one or more computer-readable storage media, an input unit 1530, a display unit 1540, a video sensor 1550, audio circuitry 1560, a WiFi (wireless fidelity ) module 1570, a processor 1580 including one or more processing cores, and a power supply 150. It will be appreciated by those skilled in the art that the mobile end structure shown in fig. 15 is not limiting of the mobile end and may include more or fewer components than shown, or may combine certain components, or a different arrangement of components.
The RF circuit 1510 may be used for receiving and transmitting signals during a message or a call, and in particular, after receiving downlink information of a base station, the downlink information is processed by one or more processors 1580; in addition, data relating to uplink is transmitted to the base station. Typically, RF circuitry 1510 includes, but is not limited to, an antenna, at least one amplifier, a tuner, one or more oscillators, a Subscriber Identity Module (SIM) card, a transceiver, a coupler, an LNA (Low Noise Amplifier ), a duplexer, and the like. In addition, the RF circuitry 1510 may also communicate with networks and other devices through wireless communication. The wireless communication may use any communication standard or protocol including, but not limited to, GSM (Global System of Mobile communication, global system for mobile communications), GPRS (General Packet Radio Service ), CDMA (Code Division Multiple Access, code division multiple access), WCDMA (Wideband Code Division Multiple Access ), LTE (Long Term Evolution, long term evolution), email, SMS (Short Messaging Service, short message service), and the like.
The memory 1520 may be used to store software programs and modules, and the processor 1580 performs various functional applications and data processing by executing the software programs and modules stored in the memory 1520. The memory 1520 may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function (such as a sound playing function, an image playing function, etc.), and the like; the storage data area may store data created according to the use of the mobile terminal 1500 (such as video data, phonebooks, etc.), and the like. In addition, memory 1520 may include high speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid state storage device. Accordingly, the memory 1520 may also include a memory controller to provide access to the memory 1520 by the processor 1580 and the input unit 1530.
The input unit 1530 may be used to receive input numerical or character information and generate keyboard, mouse, joystick, optical or trackball signal inputs related to user settings and function control. In particular, the input unit 1530 may include an image input device 1531 and other input devices 1532. The image input device 1531 may be a camera or a photoelectric scanning device. In addition to the image input device 1531, the input unit 1530 may also include other input devices 1532. In particular, other input devices 1532 may include, but are not limited to, one or more of a physical keyboard, function keys (e.g., volume control keys, switch keys, etc.), a trackball, mouse, joystick, etc.
The display unit 1540 may be used to display information entered by a user or provided to a user as well as various graphical user interfaces of the mobile terminal 1500, which may be composed of graphics, text, icons, video, and any combination thereof. The display unit 1540 may include a display panel 1541, and alternatively, the display panel 1541 may be configured in the form of an LCD (Liquid Crystal Display ), an OLED (Organic Light-Emitting Diode), or the like.
The mobile terminal 1500 may include at least one video sensor 1550 for acquiring video information of a user. The mobile end 1500 may also include other sensors (not shown), such as light sensors, motion sensors, and other sensors. Specifically, the light sensor may include an ambient light sensor and a proximity sensor, wherein the ambient light sensor may adjust the brightness of the display panel 1541 according to the brightness of ambient light, and the proximity sensor may turn off the display panel 1541 and/or the backlight when the mobile terminal 1500 moves to the ear. As one type of motion sensor, the gravity acceleration sensor can detect the acceleration in all directions (typically three axes), and can detect the gravity and direction when stationary, and can be used for applications for recognizing the gesture of a mobile phone (such as horizontal and vertical screen switching, related games, magnetometer gesture calibration), vibration recognition related functions (such as pedometer, knocking), and the like. Other sensors such as gyroscopes, barometers, hygrometers, thermometers, infrared sensors, etc. that may be configured for the mobile terminal 1500 are not described herein.
Audio circuitry 1560, speaker 1561, and microphone 1562 may provide a video interface between a user and mobile terminal 1500. The audio circuit 1560 may transmit the received electrical signal converted from audio data to the speaker 1561, and be converted into a sound signal by the speaker 1561 for output; on the other hand, the microphone 1562 converts the collected sound signals into electrical signals, which are then received by the audio circuit 1560 for conversion into audio data, which is then processed by the audio data output processor 1580 for transmission, e.g., via the RF circuit 1510 to another mobile terminal, or for output to the memory 1520 for further processing. Audio circuitry 1560 may also include an ear bud jack to provide communication between the peripheral ear bud and mobile terminal 1500.
WiFi belongs to a short-distance wireless transmission technology, and the mobile terminal 1500 can help a user to send and receive emails, browse webpages, access streaming media and the like through the WiFi module 1570, so that wireless broadband Internet access is provided for the user. Although fig. 15 shows WiFi module 1570, it is understood that it does not belong to the essential constitution of mobile terminal 1500 and may be omitted entirely as desired within the scope of not changing the essence of the invention.
The processor 1580 is a control center of the mobile terminal 1500, connects various parts of the entire mobile phone using various interfaces and lines, and performs various functions and processes data of the mobile terminal 1500 by running or executing software programs and/or modules stored in the memory 1520 and calling data stored in the memory 1520, thereby performing overall monitoring of the mobile phone. Optionally, processor 1580 may include one or more processing cores; preferably, the processor 1580 can integrate an application processor and a modem processor, wherein the application processor primarily processes operating systems, user interfaces, application programs, and the like, and the modem processor primarily processes wireless communications. It is to be appreciated that the modem processor described above may not be integrated into the processor 1580.
The mobile terminal 1500 also includes a power supply 150 (e.g., a battery) for powering the various components, which may be logically connected to the processor 1580 by a power management system, thereby performing functions such as managing charging, discharging, and power consumption by the power management system. The power supply 150 may also include one or more of any of a direct current or alternating current power supply, a recharging system, a power failure detection circuit, a power converter or inverter, a power status indicator, and the like. Although not shown, the mobile terminal 1500 may further include a bluetooth module, etc., which will not be described herein.
In particular, in the present embodiment, the mobile terminal 1500 further includes a memory, and one or more programs, wherein the one or more programs are stored in the memory and configured to be executed by the one or more processors. The one or more programs include instructions for performing a method of pairing a vehicle with a digital key provided by the method embodiments described above.
The embodiment of the application also provides a vehicle end which comprises a processor and a memory, wherein at least one instruction, at least one section of program, a code set or an instruction set is stored in the memory, and the at least one instruction, the at least one section of program, the code set or the instruction set is loaded and executed by the processor so as to realize the pairing method of the vehicle and the digital key.
The memory may be used to store software programs and modules, and the processor may execute various functional applications and detection of abnormal behavior subjects by running the software programs and modules stored in the memory. The memory may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, application programs required for functions, and the like; the storage data area may store data created according to the use of the device, etc. In addition, the memory may include high-speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid-state storage device. Accordingly, the memory may also include a memory controller to provide access to the memory by the processor.
Embodiments of the present application also provide a computer program product or computer program comprising computer instructions stored in a computer readable storage medium. The processor of the mobile terminal reads the computer instruction from the computer readable storage medium, and the processor of the mobile terminal executes the computer instruction to enable the mobile terminal to execute a pairing method of the vehicle and the digital key in the method embodiment; or, the processor of the vehicle end reads the computer instruction from the computer readable storage medium, and the processor of the vehicle end executes the computer instruction, so that the vehicle end executes a pairing method of the vehicle at the vehicle end side and the digital key in the method embodiment;
The embodiments of the present application also provide a non-transitory computer readable storage medium including instructions, for example, a memory including instructions, where the instructions may be executed by a processor of a mobile terminal to perform steps on a mobile terminal side in the above method embodiments, or where the instructions may be executed by a processor of a vehicle terminal to perform steps on a vehicle terminal side in the above method embodiments. For example, the non-transitory computer readable storage medium may be ROM, random Access Memory (RAM), CD-ROM, magnetic tape, floppy disk, optical data storage device, etc.
The pairing method and device of the vehicle and the digital key provided by the embodiment can have the following technical effects:
in the scheme provided by the application, the vehicle and the mobile terminal are both provided with the physical unclonable component, and the first characteristic parameter of the mobile terminal and the second characteristic parameter of the vehicle are obtained based on the respective physical unclonable components, and are used for generating the key parameter, namely the cloud server is not required to be involved in the key generation pretreatment, the key parameter is not required to be implanted in the vehicle in advance, the generation process of the shared key is simplified, and the transmission safety and privacy protection of the key data are ensured; in addition, the characteristic parameters generated based on the physical unclonable components have uniqueness and randomness, so that not only can the leakage of the secret key be prevented, but also the operand can be reduced, and the safety and the convenience of the pairing process are further improved;
The scheme provided by the application can also generate the shared key in the pairing process based on the near field and key exchange algorithm such as Bluetooth, NFC and the like under the condition of no mobile network, so that the bidirectional authentication of the vehicle and the mobile terminal, namely the pairing of the vehicle and the digital key, is realized.
The embodiments of the present application are described in a progressive manner, and the same and similar parts of the embodiments are all referred to each other, and each embodiment is mainly described in the differences from the other embodiments. In particular, for the device embodiments, since they are substantially similar to the method embodiments, the description is relatively simple, and reference is made to the description of the method embodiments in part.
It will be understood by those skilled in the art that all or part of the steps for implementing the above embodiments may be implemented by hardware, or may be implemented by a program for instructing relevant hardware, where the program may be stored in a computer readable storage medium, and the storage medium may be a read-only memory, a magnetic disk or an optical disk, etc.
The foregoing description of the preferred embodiments of the application is not intended to limit the application to the precise form disclosed, and any such modifications, equivalents, and alternatives falling within the spirit and scope of the application are intended to be included within the scope of the application.

Claims (8)

1. A method for pairing a vehicle with a digital key, applied to a mobile terminal, the method comprising:
determining channel parameters of an ultra-wideband channel between the mobile terminal and the vehicle in response to pairing operation of a user;
transmitting the channel parameters to a physical unclonable component of the mobile terminal, determining a first characteristic parameter of the mobile terminal, and transmitting a pairing request to the vehicle;
receiving a second key parameter sent by the vehicle in response to the pairing request;
generating a mobile terminal session key of the ultra-wideband communication between the mobile terminal and the vehicle according to the second key parameter, the first characteristic parameter and the calculation factor;
and authenticating the vehicle based on the mobile terminal session key to obtain an authentication result, wherein the authentication result indicates whether the mobile terminal is successfully paired with the vehicle as a digital key.
2. The method of pairing a vehicle with a digital key according to claim 1, wherein the sending a pairing request to the vehicle comprises:
obtaining a first key parameter according to the calculation factor and the first characteristic parameter;
a pairing request is sent to the vehicle based on a bluetooth or NFC connection of a physical layer, the pairing request including the first key parameter and the calculation factor.
3. The method for pairing a vehicle and a digital key according to claim 2, wherein authenticating the vehicle based on the mobile terminal session key to obtain an authentication result comprises:
receiving an authentication ciphertext sent by the vehicle, wherein the authentication ciphertext is obtained by encrypting the received first key parameter by the vehicle according to a vehicle session key;
and decrypting the authentication ciphertext according to the mobile terminal session key, and if the first key parameter is obtained, determining an authentication result, wherein the authentication result indicates that the mobile terminal is successfully paired with the vehicle as a digital key.
4. A method of pairing a vehicle with a digital key, applied to a vehicle, the method comprising:
determining channel parameters of an ultra-wideband channel between the vehicle and the mobile terminal in response to a pairing request sent by the mobile terminal;
transmitting the channel parameters into a physical unclonable component of the vehicle, and determining second characteristic parameters of the vehicle;
determining a first key parameter and a calculation factor according to a pairing request sent by the mobile terminal;
generating a vehicle session key for ultra-wideband communication between the vehicle and the mobile terminal according to the first key parameter, the second characteristic parameter and the calculation factor;
And authenticating the mobile terminal based on the vehicle session key to obtain an authentication result, wherein the authentication result indicates whether the mobile terminal is successfully paired with the vehicle as a digital key.
5. The method of pairing a vehicle with a digital key according to claim 4, further comprising:
obtaining a second key parameter according to the calculation factor and the second characteristic parameter;
and sending the second key parameter to the mobile terminal based on the Bluetooth connection or NFC connection of the physical layer.
6. The method of pairing a vehicle with a digital key according to claim 5, wherein authenticating the mobile terminal based on the vehicle session key comprises:
receiving an authentication ciphertext sent by the mobile terminal, wherein the authentication ciphertext is obtained by encrypting the received second key parameter by the mobile terminal according to a session key of the mobile terminal;
and decrypting the authentication ciphertext according to the vehicle session key, and if the second key parameter is obtained, determining an authentication result, wherein the authentication result indicates that the mobile terminal is successfully paired with the vehicle as a digital key.
7. A pairing device for a vehicle and a digital key, applied to a mobile terminal, the device comprising:
The first characteristic parameter determining module is used for responding to the pairing operation of the user and determining the channel parameters of the ultra-wideband channel between the mobile terminal and the vehicle; transmitting the channel parameters to a physical unclonable component of the mobile terminal, determining a first characteristic parameter of the mobile terminal, and transmitting a pairing request to the vehicle;
the first receiving determining module is used for receiving a second key parameter sent by the vehicle in response to the pairing request;
the first key generation module is used for generating a mobile terminal session key of the ultra-wideband communication between the mobile terminal and the vehicle according to the second key parameter, the first characteristic parameter and the calculation factor;
the first authentication module is used for authenticating the vehicle based on the mobile terminal session key to obtain an authentication result, and the authentication result indicates whether the mobile terminal is successfully paired with the vehicle as a digital key.
8. A vehicle-to-digital key pairing device for use at a vehicle end, the device comprising:
the second characteristic parameter determining module is used for responding to a pairing request sent by the mobile terminal and determining the channel parameter of the ultra-wideband channel between the vehicle and the mobile terminal; and transmitting the channel parameters into a physically unclonable component of the vehicle, determining second characteristic parameters of the vehicle;
The second receiving and determining module is used for determining a first key parameter and a calculation factor according to the pairing request sent by the mobile terminal;
the second key generation module is used for generating a vehicle session key for ultra-wideband communication between the vehicle and the mobile terminal according to the first key parameter, the second characteristic parameter and the calculation factor;
and the second authentication module is used for authenticating the mobile terminal based on the vehicle session key to obtain an authentication result, and the authentication result indicates whether the mobile terminal is successfully paired with the vehicle as a digital key.
CN202110770831.7A 2021-07-08 2021-07-08 Pairing method and device for vehicle and digital key Active CN113613197B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110770831.7A CN113613197B (en) 2021-07-08 2021-07-08 Pairing method and device for vehicle and digital key

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110770831.7A CN113613197B (en) 2021-07-08 2021-07-08 Pairing method and device for vehicle and digital key

Publications (2)

Publication Number Publication Date
CN113613197A CN113613197A (en) 2021-11-05
CN113613197B true CN113613197B (en) 2023-09-15

Family

ID=78304146

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110770831.7A Active CN113613197B (en) 2021-07-08 2021-07-08 Pairing method and device for vehicle and digital key

Country Status (1)

Country Link
CN (1) CN113613197B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114282232A (en) * 2021-11-22 2022-04-05 岚图汽车科技有限公司 Vehicle communication key management method and device, storage medium and equipment
CN114302334A (en) * 2021-12-28 2022-04-08 重庆集诚汽车电子有限责任公司 Digital key positioning method, device, medium and equipment based on UWB ranging
CN114684070B (en) * 2022-03-23 2023-07-25 中汽创智科技有限公司 Safety vehicle control method and device, vehicle system and storage medium

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2015156622A2 (en) * 2014-04-09 2015-10-15 (주) 아이씨티케이 Authentication apparatus and method
CN105991644A (en) * 2015-03-17 2016-10-05 现代自动车株式会社 Method and apparatus for performing cross-authentication based on secret information
CN108173662A (en) * 2018-02-12 2018-06-15 海信集团有限公司 The authentication method and device of a kind of equipment
CN109245904A (en) * 2018-10-17 2019-01-18 南京航空航天大学 A kind of lightweight car networking system safety certifying method based on PUF
CN110177354A (en) * 2019-06-21 2019-08-27 湖北亿咖通科技有限公司 A kind of wireless control method and system of vehicle
CN110545543A (en) * 2019-09-03 2019-12-06 南瑞集团有限公司 authentication method, device and system of wireless equipment
CN110752919A (en) * 2019-10-21 2020-02-04 湖北工业大学 Two-party authentication and session key exchange method based on BST-PUF
CN112398894A (en) * 2019-08-19 2021-02-23 广州汽车集团股份有限公司 Safety verification method and device for vehicle

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8831224B2 (en) * 2012-09-14 2014-09-09 GM Global Technology Operations LLC Method and apparatus for secure pairing of mobile devices with vehicles using telematics system
US9258710B2 (en) * 2013-05-29 2016-02-09 Panasonic Intellectual Property Corporation Of America Wireless communication device, wireless communication method, remote operation device and remote operation method
US10148653B2 (en) * 2016-12-14 2018-12-04 The Boeing Company Authenticating an aircraft data exchange using detected differences of onboard electronics
KR102384664B1 (en) * 2019-06-28 2022-04-11 한국전자통신연구원 User device, physical unclonable function based authentication server and operating method thereof

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2015156622A2 (en) * 2014-04-09 2015-10-15 (주) 아이씨티케이 Authentication apparatus and method
CN105991644A (en) * 2015-03-17 2016-10-05 现代自动车株式会社 Method and apparatus for performing cross-authentication based on secret information
CN108173662A (en) * 2018-02-12 2018-06-15 海信集团有限公司 The authentication method and device of a kind of equipment
CN109245904A (en) * 2018-10-17 2019-01-18 南京航空航天大学 A kind of lightweight car networking system safety certifying method based on PUF
CN110177354A (en) * 2019-06-21 2019-08-27 湖北亿咖通科技有限公司 A kind of wireless control method and system of vehicle
CN112398894A (en) * 2019-08-19 2021-02-23 广州汽车集团股份有限公司 Safety verification method and device for vehicle
CN110545543A (en) * 2019-09-03 2019-12-06 南瑞集团有限公司 authentication method, device and system of wireless equipment
CN110752919A (en) * 2019-10-21 2020-02-04 湖北工业大学 Two-party authentication and session key exchange method based on BST-PUF

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
一种基于PUF的两方认证与会话密钥交换协议;贺章擎;李红;万美琳;吴铁洲;;计算机工程与应用(18);全文 *
量子密钥数字证书系统及其应用;原磊;;信息安全研究(06);全文 *

Also Published As

Publication number Publication date
CN113613197A (en) 2021-11-05

Similar Documents

Publication Publication Date Title
CN113613197B (en) Pairing method and device for vehicle and digital key
EP4007321A1 (en) Information sharing method, terminal apparatus, storage medium, and computer program product
CN109417758B (en) Bluetooth connection method and terminal
CN110881184B (en) Communication method and device
RU2697645C1 (en) Method of protecting messages and corresponding device and system
EP3605989A1 (en) Information sending method, information receiving method, apparatus, and system
US9654981B2 (en) Data integrity for proximity-based communication
US9615257B2 (en) Data integrity for proximity-based communication
CN105141568B (en) Secured communication channel method for building up and system, client and server
EP4099733A1 (en) Security authentication method and apparatus, and electronic device
WO2015027712A1 (en) Network access method of mobile terminal, mobile terminal, and terminal device
EP3308519A1 (en) System, apparatus and method for transferring ownership of a device from manufacturer to user using an embedded resource
EP3956792B1 (en) Cryptographic key generation for mobile communications device
EP4021048A1 (en) Identity authentication method and apparatus
KR20240004874A (en) Pairing of groups of accessories
US20210243599A1 (en) User authentication method through bluetooth device and device therefor
CN114553612B (en) Data encryption and decryption method and device, storage medium and electronic equipment
US9654975B2 (en) Method and device for authenticating a mobile device
WO2023240574A1 (en) Information processing method and apparatus, communication device and storage medium
CN117643088A (en) Key generation method and device, communication equipment and storage medium
CN114650537A (en) Credit relay communication method, device, terminal and network side equipment
CN116260607A (en) Communication method, device, storage medium, electronic equipment and server
CN116889002A (en) Information processing method, apparatus, communication device and storage medium
CN115460579A (en) Processing method and obtaining method of key material, information transmission method and equipment
CN115460580A (en) Sending method and obtaining method of key material, information transmission method and equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant