CN113946852A - Vehicle-mounted intelligent data dynamic encryption method - Google Patents

Vehicle-mounted intelligent data dynamic encryption method Download PDF

Info

Publication number
CN113946852A
CN113946852A CN202111254018.0A CN202111254018A CN113946852A CN 113946852 A CN113946852 A CN 113946852A CN 202111254018 A CN202111254018 A CN 202111254018A CN 113946852 A CN113946852 A CN 113946852A
Authority
CN
China
Prior art keywords
key
mod
vehicle
rsa
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111254018.0A
Other languages
Chinese (zh)
Inventor
梁渝
江畅
谷雨
彭书遥
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chongqing Zhenlianhui Internet Of Things Technology Co ltd
Original Assignee
Chongqing Zhenlianhui Internet Of Things Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chongqing Zhenlianhui Internet Of Things Technology Co ltd filed Critical Chongqing Zhenlianhui Internet Of Things Technology Co ltd
Priority to CN202111254018.0A priority Critical patent/CN113946852A/en
Publication of CN113946852A publication Critical patent/CN113946852A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to the technical field of data encryption, in particular to a dynamic encryption method for vehicle-mounted intelligent data. The RSA encryption algorithm is combined with the D-H key exchange algorithm, so that keys transmitted by each terminal for data transmission are different and dynamically generated, the whole system cannot be greatly damaged even if the keys are leaked, and the leaked keys can be quickly invalidated. The technical effects that the same information is encrypted by different secret keys to obtain the ciphertext are different, and the problem of cracking by using a brute force attack method is solved.

Description

Vehicle-mounted intelligent data dynamic encryption method
Technical Field
The invention relates to the technical field of data encryption, in particular to a data dynamic encryption technology based on vehicle-mounted mobile equipment, and specifically relates to a vehicle-mounted intelligent data dynamic encryption method.
Background
Since the middle of the 20 th century, with the continuous development of various technologies in the information field such as computer technology and the like, the mobile internet of things technology is continuously improved from scratch, and a powerful comprehensive technology is added for vehicle safety and monitoring. For more than half a century, with the rapid development of the information technology field and the fundamental improvement of the information collection technology in the traffic field, the security in data transmission is also faced with serious challenges. The current data encryption methods AES, DES and RSA all need the secret keys agreed by the two transmission parties in advance, and the encryption mode has two problems:
(1) keys are easily cracked once they are revealed.
(2) The data after the encryption of the same protocol data is the same, so that the data is easy to crack violently.
In view of the above, based on the above encryption problem and the application scenario of vehicle security and monitoring, it is necessary to provide a method that the secret key does not cause too much damage to the entire system after being compromised, and can no longer be decrypted by using a brute force attack.
Disclosure of Invention
The invention aims to provide a vehicle-mounted intelligent data dynamic encryption method, which solves the problem that once a secret key is leaked, the data encrypted by the same protocol data is the same, the data is easily cracked violently by a data encryption technology based on internet big data.
In order to achieve the purpose, the invention adopts the following technical scheme: a dynamic encryption method for vehicle-mounted intelligent data is characterized in that an RSA encryption algorithm and a D-H key exchange algorithm are combined, and the method specifically comprises the following steps:
firstly, a server generates an RSA public key and a private key;
step two, RSA signature and signature verification: the client signs data through an RSA public key, and the server decrypts and verifies the data by using a private key so as to prevent the data from being forged;
thirdly, generating a data connection key: and acquiring public key data of the opposite party through a D-H key exchange algorithm, and generating respective session keys at the two nodes.
The principle and the advantages of the scheme are as follows: the key exchange algorithm is adopted to carry out dynamic key agreement on the key, so that the key transmitted by each terminal in each data transmission is different and dynamically generated, the whole system cannot be greatly damaged even if the key is leaked, and the leaked key can be quickly invalidated. The technical effects that the same information is encrypted by different secret keys to obtain the ciphertext are different, and the problem of cracking by using a brute force attack method is solved.
Even if the eavesdropper steals the ciphertext and violently operates by sending the repeated ciphertext, the eavesdropping can generate a new session, but a new session key is changed according to a protocol, so that effective access cannot be realized by using the old ciphertext, and the effects of encryption and cracking prevention are achieved.
Preferably, as an improvement, the RSA encryption algorithm discloses the product of two large prime numbers as the encryption key. According to number theory, it is relatively simple to find two large prime numbers, while factoring their product is extremely difficult, so that its product is disclosed as an encryption key.
Preferably, as an improvement, the RSA encryption algorithm is as follows:
(1) randomly selecting two different large prime numbers p and q to calculate a product;
(2) randomly selecting a large integer e to satisfy
Figure BDA0003323282430000021
The integer e is used as an encryption key;
(3) a determined decryption key d, satisfy
Figure BDA0003323282430000022
Namely, it is
Figure BDA0003323282430000023
k is an arbitrary integer not less than 1; therefore, if e and
Figure BDA0003323282430000024
d is calculated.
Preferably, as an improvement, the D-H key exchange algorithm is used for transmission and distribution of keys.
Preferably, as an improvement, the D-H key exchange algorithm has one end a and the other end B to confirm the shared password used at this time; firstly, A and B agree a large prime number x and an original root y thereof, then A randomly generates a number a only known by A, calculates A1 as y a modx, and sends A1 to B; b randomly generating a number B known only by B, calculating B1 as y B modx, and sending B1 to A; then A calculates k ═ B1 a mod x; b, calculating k ═ A1B modx; the following equation is derived from the law of multiplication interchange and the law of multiplication combination, where k ═ A1B mod x ═ (y a mod x) B mod x ═ y ab mod x ═ (y B mod x) a mod x ═ B1 a mod x ═ k.
Preferably, as an improvement, during key exchange, the corresponding public key and private key are generated according to the obtained RSA key P.
Even if an eavesdropper obtains four data of x, y, A1 and B1 in the whole process, if the eavesdropper wants to obtain the key k, discrete logarithms a and B must be calculated firstly. The numerical values of a, b and x can be made larger during the call process, so that all the values of modx can be prevented from being obtained in an enumeration mode.
According to the D-H key exchange principle, if a party in communication wants to generate a session key of this time, public key data of the other party is acquired. For example, when the node a communicates with the node B, the node a obtains public key data of the node B by querying Authorization data stored in the Authorization server cluster, and finally generates a session key at the node a. The principle of the node B is the same as that of the node a. A symmetric key is determined in the system by rsdh _ computer _ key ().
Detailed Description
The following is further detailed by way of specific embodiments:
the invention discloses a dynamic encryption method for vehicle-mounted intelligent data, which is a data encryption technology based on vehicle-mounted equipment internet big data. The technical effects that the same information is encrypted by different secret keys to obtain the ciphertext are different, and the problem of cracking by using a brute force attack method is solved.
Even if the eavesdropper steals the ciphertext and violently operates by sending the repeated ciphertext, the eavesdropping can generate a new session, but a new session key is changed according to a protocol, so that effective access cannot be realized by using the old ciphertext, and the effects of encryption and cracking prevention are achieved.
The invention provides a dynamic encryption method for vehicle-mounted intelligent data, which is combined by an RSA encryption algorithm and a D-H secret key exchange algorithm and comprises the following specific steps:
firstly, generating an RSA public key and a private key by an Internet of vehicles server;
step two, RSA signature and signature verification: the vehicle-mounted client signs data through the RSA public key, and the vehicle-mounted server decrypts and verifies the data by using a private key so as to prevent the data from being forged;
thirdly, generating a data connection key: and acquiring public key data of the opposite party through a D-H key exchange algorithm, and generating respective session keys at the two nodes.
The principle and the advantages of the scheme are as follows: the key exchange algorithm is adopted to carry out dynamic key agreement on the key, so that the key transmitted by each vehicle-mounted terminal in each data transmission is different and dynamically generated, the whole vehicle networking system cannot be greatly damaged even if the key is leaked, and the leaked key can be quickly invalidated. The technical effects that the same information is encrypted by different secret keys to obtain the ciphertext are different, and the problem of cracking by using a brute force attack method is solved.
Even if the eavesdropper steals the ciphertext and violently operates by sending the repeated ciphertext, the eavesdropping can generate a new session, but a new session key is changed according to a protocol, so that effective access cannot be realized by using the old ciphertext, and the effects of encryption and cracking prevention are achieved.
The RSA encryption algorithm discloses the product of two large prime numbers as an encryption key. According to number theory, it is relatively simple to find two large prime numbers, while factoring their product is extremely difficult, so that its product is disclosed as an encryption key. The RSA encryption algorithm is as follows:
(1) randomly selecting two different large prime numbers p and q to calculate a product;
(2) randomly selecting a large integer e to satisfy
Figure BDA0003323282430000041
The integer e is used as a key (note: e is easily selected, e.g., the integer value of the approximate one-minute average speed of the e-source vehicle and the prime number greater than the product of p and q are both available);
(3) a determined decryption key d, satisfy
Figure BDA0003323282430000042
Namely, it is
Figure BDA0003323282430000043
k is an arbitrary integer not less than 1; therefore, if e and
Figure BDA0003323282430000044
d is calculated.
The D-H key exchange algorithm is used for the transmission and distribution of the key. D-H key exchange algorithm, one end is A, another end is B, in order to confirm the shared cipher used this time; firstly, A and B agree a large prime number x and an original root y thereof, then A randomly generates a number a only known by A, calculates A1 as y a modx, and sends A1 to B; b randomly generates a number B known only to B, calculates B1 ═ y B modx, and sends B1 to a; then A calculates k ═ B1 a mod x; b, calculating k ═ A1B modx; the following equation is derived from the law of multiplication interchange and the law of multiplication combination, where k ═ A1B mod x ═ (y a mod x) B mod x ═ y ab mod x ═ (y B mod x) a mod x ═ B1 a mod x ═ k.
And during key exchange, generating a corresponding public key and a corresponding private key according to the obtained RSA key P.
Even if an eavesdropper obtains four data of x, y, A1 and B1 in the whole process, if the eavesdropper wants to obtain the key k, discrete logarithms a and B must be calculated firstly. The numerical values of a, b and x can be made larger during the call process, so that all the values of modx can be prevented from being obtained in an enumeration mode.
According to the D-H key exchange principle, if a party in communication wants to generate a session key of this time, public key data of the other party is acquired. For example, when the node a communicates with the node B, the node a obtains public key data of the node B by querying Authorization data stored in the Authorization server cluster, and finally generates a session key at the node a. The principle of the node B is the same as that of the node a. A symmetric key is determined in the system by rsdh _ computer _ key ().
In the embodiment of the present invention, during key exchange, generating a corresponding public key and a corresponding private key according to the obtained RSA key P specifically includes: A. b is two nodes in the network, the A node randomly generates Xa, and the B node randomly generates Xb; xa and Xb correspond to respective private keys of the two nodes, that is, Ya ═ Xa × P, Yb ═ Xb × P, and Ya and Yb correspond to respective public keys of the two nodes. When a sends Ya to B and B sends Yb to a, it is difficult for an eavesdropper to steal but want to solve it in the case of the ciphertext of RSA. The eavesdropper cannot calculate Xa, Xb. When a obtains Yb of B, H ═ Xa × Yb can be calculated, i.e., a symmetric key H is obtained by exchanging D-H keys between its own private key Xa and public key Yb of a, and similarly, Ya of B obtains a calculates H2 ═ Xb ═ Ya. The symmetric key H2 is then derived from its own private key Xb and B's public key Ya by D-H key exchange.
The use of the RSA encryption algorithm in combination with the D-H key exchange algorithm further enhances security. The exchanged secret key is a public key in a secret key pair generated by an asymmetric cryptographic algorithm such as RSA and the like, and each node of the private key is independently stored and is not exposed to anyone, so that the communication safety is ensured; and all data are signed and verified in the process of key exchange, so that the identity authenticity of the network access person is ensured.
The foregoing is merely an example of the present invention and common general knowledge in the art of designing and/or characterizing particular aspects and/or features is not described in any greater detail herein. It should be noted that, for those skilled in the art, variations and modifications can be made without departing from the technical solution of the present invention, and those skilled in the art can understand the specific meaning of the above terms in the present invention according to specific situations. These should also be construed as the scope of the present invention, and they should not be construed as affecting the effectiveness of the practice of the present invention or the applicability of the patent. The scope of the claims of the present application shall be determined by the contents of the claims, and the description of the embodiments and the like in the specification shall be used to explain the contents of the claims.

Claims (6)

1. A dynamic encryption method for vehicle-mounted intelligent data is characterized by comprising the following steps: the encryption method is combined by an RSA encryption algorithm and a D-H secret key exchange algorithm, and comprises the following specific steps:
firstly, a server generates an RSA public key and a private key;
step two, RSA signature and signature verification: the client signs data through an RSA public key, and the server decrypts and verifies the data by using a private key so as to prevent the data from being forged;
thirdly, generating a data connection key: and acquiring public key data of the opposite party through a D-H key exchange algorithm, and generating respective session keys at the two nodes.
2. The dynamic encryption method for the vehicle-mounted intelligent data according to claim 1, characterized in that: the RSA encryption algorithm discloses the product of two large prime numbers as an encryption key.
3. The dynamic encryption method for the vehicle-mounted intelligent data according to claim 2, characterized in that: the RSA encryption algorithm is as follows:
(1) randomly selecting two different large prime numbers p and q to calculate a product;
(2) randomly selecting a large integer e to satisfy
Figure FDA0003323282420000011
The integer e is used as an encryption key;
(3) a determined decryption key d, satisfy
Figure FDA0003323282420000014
Namely, it is
Figure FDA0003323282420000012
Is an arbitrary integer; therefore, if e and
Figure FDA0003323282420000013
d is calculated.
4. The dynamic encryption method for the vehicle-mounted intelligent data according to claim 1, characterized in that: the D-H key exchange algorithm is used for the transmission and distribution of the key.
5. The dynamic encryption method for the vehicle-mounted intelligent data according to claim 4, characterized in that: D-H key exchange algorithm, one end is A, another end is B, in order to confirm the shared cipher used this time; firstly, A and B agree a large prime number x and an original root y thereof, then A randomly generates a number a only known by A, calculates A1 as y a modx, and sends A1 to B; b randomly generating a number B known only by B, calculating B1 as y B modx, and sending B1 to A; then A calculates k ═ B1 a mod x; b, calculating k ═ A1B modx; the following equation is derived from the law of multiplication interchange and the law of multiplication combination, where k ═ A1B mod x ═ (y a mod x) B mod x ═ y ab mod x ═ (y B mod x) a mod x ═ B1 a mod x ═ k.
6. The dynamic encryption method for the vehicle-mounted intelligent data according to claim 5, characterized in that: and during key exchange, generating a corresponding public key and a corresponding private key according to the obtained RSA key P.
CN202111254018.0A 2021-10-27 2021-10-27 Vehicle-mounted intelligent data dynamic encryption method Pending CN113946852A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111254018.0A CN113946852A (en) 2021-10-27 2021-10-27 Vehicle-mounted intelligent data dynamic encryption method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111254018.0A CN113946852A (en) 2021-10-27 2021-10-27 Vehicle-mounted intelligent data dynamic encryption method

Publications (1)

Publication Number Publication Date
CN113946852A true CN113946852A (en) 2022-01-18

Family

ID=79332720

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111254018.0A Pending CN113946852A (en) 2021-10-27 2021-10-27 Vehicle-mounted intelligent data dynamic encryption method

Country Status (1)

Country Link
CN (1) CN113946852A (en)

Similar Documents

Publication Publication Date Title
CN107947913B (en) Anonymous authentication method and system based on identity
US8670563B2 (en) System and method for designing secure client-server communication protocols based on certificateless public key infrastructure
US7716482B2 (en) Conference session key distribution method in an ID-based cryptographic system
US6697488B1 (en) Practical non-malleable public-key cryptosystem
CN111277412B (en) Data security sharing system and method based on block chain key distribution
CN107733648A (en) The RSA digital signature generation method and system of a kind of identity-based
CN110535626B (en) Secret communication method and system for identity-based quantum communication service station
CN110278088A (en) A kind of SM2 collaboration endorsement method
CN113285959A (en) Mail encryption method, decryption method and encryption and decryption system
CN110999202A (en) Computer-implemented system and method for highly secure, high-speed encryption and transmission of data
CN111416712B (en) Quantum secret communication identity authentication system and method based on multiple mobile devices
CN111988299A (en) Method for establishing trusted link between client and server
CN113852460A (en) Implementation method and system for enhancing safety of working key based on quantum key
CN1472914A (en) High performance and quick public pin encryption
CN109104278A (en) A kind of encrypting and decrypting method
CN110519226B (en) Quantum communication server secret communication method and system based on asymmetric key pool and implicit certificate
Gupta et al. Enhancement of Security of Diffie-Hellman Key Exchange Protocol using RSA Cryptography.
CN113132104A (en) Active and safe ECDSA (electronic signature SA) digital signature two-party generation method
CN113098681B (en) Port order enhanced and updatable blinded key management method in cloud storage
CN111656728B (en) Device, system and method for secure data communication
CN116599659B (en) Certificate-free identity authentication and key negotiation method and system
CN110048852B (en) Quantum communication service station digital signcryption method and system based on asymmetric key pool
CN111245609A (en) Secret sharing and random number based quantum secret communication key distribution and negotiation system and method thereof
CN114189338B (en) SM9 key secure distribution and management system and method based on homomorphic encryption technology
CN113946852A (en) Vehicle-mounted intelligent data dynamic encryption method

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination