CN114124401A - Data authentication method, device, equipment and storage medium - Google Patents
Data authentication method, device, equipment and storage medium Download PDFInfo
- Publication number
- CN114124401A CN114124401A CN202111290898.7A CN202111290898A CN114124401A CN 114124401 A CN114124401 A CN 114124401A CN 202111290898 A CN202111290898 A CN 202111290898A CN 114124401 A CN114124401 A CN 114124401A
- Authority
- CN
- China
- Prior art keywords
- check code
- verification
- authentication
- authentication data
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 47
- 238000012795 verification Methods 0.000 claims abstract description 112
- 238000004891 communication Methods 0.000 claims description 15
- 238000013461 design Methods 0.000 description 10
- 230000006870 function Effects 0.000 description 10
- 238000010586 diagram Methods 0.000 description 6
- 230000003287 optical effect Effects 0.000 description 5
- 238000004590 computer program Methods 0.000 description 3
- 230000000246 remedial effect Effects 0.000 description 2
- 230000003068 static effect Effects 0.000 description 2
- 238000010200 validation analysis Methods 0.000 description 2
- 230000007488 abnormal function Effects 0.000 description 1
- 230000006399 behavior Effects 0.000 description 1
- 125000004122 cyclic group Chemical group 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 239000013307 optical fiber Substances 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 230000001052 transient effect Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
- H04W12/068—Authentication using credential vaults, e.g. password manager applications or one time password [OTP] applications
Abstract
The application provides a data authentication method, a device, equipment and a storage medium, relates to the technical field of vehicles, and can improve the success probability of vehicle-mounted important data authentication. The method comprises the following steps: determining that first authentication data stored in a Micro Control Unit (MCU) does not pass the verification of a first check code; the first check code is stored in the MCU in advance; acquiring second authentication data and a second check code; the second authentication data and the second check code are stored in the SOC in advance; and in the case that the second authentication data passes the verification of the second check code, performing an authentication operation based on the second authentication data.
Description
Technical Field
The present application relates to the field of vehicle technologies, and in particular, to a data authentication method, apparatus, device, and storage medium.
Background
Currently, important data for authentication in an in-vehicle infotainment (IVI) system are generally stored in a solid state memory FLASH of a Micro Controller Unit (MCU).
However, the power supply of the IVI system usually comes from the vehicle body battery and the engine, but the electronic environment interference in the vehicle is much, such as power supply noise interference during ignition and transient current fluctuation caused by power on and power off of the battery are too large, which may cause logic disorder of the circuit in the MCU, and the important data cannot be read from the FLASH with the reading signal in a stable state, thereby causing problems of the IVI system such as abnormal function and authentication failure.
Disclosure of Invention
The application provides a data authentication method, a device, equipment and a storage medium, which can improve the success probability of the authentication of vehicle-mounted important data.
In order to achieve the purpose, the technical scheme is as follows:
in a first aspect, the present application provides a data authentication method applied to a system on chip SOC, where the method may include: determining that first authentication data stored in a Micro Control Unit (MCU) does not pass the verification of a first check code; the first check code is stored in the MCU in advance; acquiring second authentication data and a second check code; the second authentication data and the second check code are stored in the SOC in advance; and in the case that the second authentication data passes the verification of the second check code, performing an authentication operation based on the second authentication data.
Optionally, determining that the first authentication data stored in the MCU does not pass the verification of the first check code includes: receiving a verification failure message sent by the MCU; the verification failure message is used for indicating that the first authentication data does not pass the verification of the first verification code; the verification failure message is generated by the MCU under the condition that the first authentication data does not pass the verification of the first verification code.
Optionally, determining that the first authentication data stored in the MCU does not pass the verification of the first check code includes: acquiring first authentication data and a first check code; determining a target check code of the first authentication data; and under the condition that the target check code is inconsistent with the first check code, determining that the first authentication data stored in the MCU does not pass the verification of the first check code.
Optionally, under the condition that the target check code is consistent with the first check code, the second authentication data in the SOC is updated based on the received first authentication data, and the second check code in the SOC is updated based on the received first check code.
Optionally, the obtaining the first authentication data and the first check code includes: receiving a verification success message sent by the MCU, and acquiring first authentication data and a first verification code from the verification success message; the verification success message is generated by the MCU after the first authentication data is determined to pass the verification of the first verification code.
In a second aspect, the present application provides a data authentication device, which is applied to a system on chip SOC, and includes: the determining unit is used for determining that the first authentication data stored in the MCU does not pass the verification of the first check code; the first check code is stored in the MCU in advance; the acquisition unit is used for acquiring second authentication data and a second check code; the second authentication data and the second check code are stored in the SOC in advance; and the authentication unit is used for executing authentication operation based on the second authentication data under the condition that the second authentication data passes the verification of the second check code.
Optionally, the determining unit is specifically configured to: receiving a verification failure message sent by the MCU; the verification failure message is used for indicating that the first authentication data does not pass the verification of the first verification code; the verification failure message is generated by the MCU under the condition that the first authentication data does not pass the verification of the first verification code.
Optionally, the determining unit is specifically configured to: acquiring first authentication data and a first check code; determining a target check code of the first authentication data; and under the condition that the target check code is inconsistent with the first check code, determining that the first authentication data stored in the MCU does not pass the verification of the first check code.
Optionally, the data authentication apparatus further includes an updating unit; the updating unit is used for updating the second authentication data in the SOC based on the received first authentication data under the condition that the target check code is consistent with the first check code, and updating the second check code in the SOC based on the received first check code.
Optionally, the obtaining unit is specifically configured to: receiving a verification success message sent by the MCU, and acquiring first authentication data and a first verification code from the verification success message; the verification success message is generated by the MCU after the first authentication data is determined to pass the verification of the first verification code.
In a third aspect, the present application provides a terminal, including: a processor, a communication interface, and a memory. Wherein the memory is used to store one or more programs. The one or more programs include computer executable instructions which, when executed by the terminal, cause the terminal to perform the data authentication method of the first aspect and any of its various alternative implementations.
In a fourth aspect, the present application provides a computer-readable storage medium, in which instructions are stored, and when the instructions are executed by a computer, the computer executes the data authentication method of any one of the first aspect and various optional implementations thereof.
In a fifth aspect, the present application provides a computer program product comprising instructions which, when run on a computer, cause the computer to perform the data authentication method of any one of the above first aspect and its various alternative implementations.
According to the data authentication method and device, the second authentication data and the second CRC code are stored in the EMMC of the SOC. After the SOC receives the verification failure message sent by the MCU, the SOC determines that the first authentication data in the MCU fails to be verified. Further, the SOC obtains second authentication data and a second CRC code from the EMMC to check the second authentication data, and determines to provide an authentication basis for the application program of the IVI system based on the second authentication data when the second authentication data passes the second CRC code check. Therefore, even if the MCU reads data errors caused by factors such as circuit logic disorder or current fluctuation in the process of reading the first authentication data, the SOC can ensure that all functions of the IVI system are normal according to the stored second authentication data.
Drawings
Fig. 1 is a schematic structural diagram of a terminal according to an embodiment of the present disclosure;
fig. 2 is a schematic structural diagram of another terminal provided in the embodiment of the present application;
fig. 3 is a schematic flowchart of a data authentication method according to an embodiment of the present application;
fig. 4 is a schematic flowchart of another data authentication method according to an embodiment of the present application;
fig. 5 is a schematic flowchart of another data authentication method according to an embodiment of the present application;
fig. 6 is a schematic structural diagram of a data authentication device according to an embodiment of the present application.
Detailed Description
A data authentication method, an apparatus, a device and a storage medium provided in the embodiments of the present application are described in detail below with reference to the accompanying drawings.
The term "and/or" herein is merely an association describing an associated object, meaning that three relationships may exist, e.g., a and/or B, may mean: a exists alone, A and B exist simultaneously, and B exists alone.
The terms "first" and "second" and the like in the description and drawings of the present application are used for distinguishing different objects or for distinguishing different processes for the same object, and are not used for describing a specific order of the objects.
Furthermore, the terms "including" and "having," and any variations thereof, as referred to in the description of the present application, are intended to cover non-exclusive inclusions. For example, a process, method, system, article, or apparatus that comprises a list of steps or elements is not limited to only those steps or elements but may alternatively include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
It should be noted that in the embodiments of the present application, words such as "exemplary" or "for example" are used to indicate examples, illustrations or explanations. Any embodiment or design described herein as "exemplary" or "e.g.," is not necessarily to be construed as preferred or advantageous over other embodiments or designs. Rather, use of the word "exemplary" or "such as" is intended to present concepts related in a concrete fashion.
In the description of the present application, the meaning of "a plurality" means two or more unless otherwise specified.
The data authentication method provided by the embodiment of the application can be applied to the terminal shown in figure 1,
as shown in fig. 1, the terminal 10 includes a system-on-a-chip (SOC) and an MCU, and the terminal 12 may be a vehicle communication terminal.
The SOC and the MCU can be in communication connection through a line.
It should be noted that fig. 1 is only an exemplary architecture diagram, and the terminal may include other functional units besides the functional units shown in fig. 1, which is not limited in this embodiment of the application.
Fig. 2 shows a schematic diagram of a possible structure of the terminal, and as shown in fig. 2, the terminal 20 includes a processor 201, a communication interface 202, a communication line 203, and a memory 204.
The processor 201 may be a CPU, a general purpose processor Network (NP), a Digital Signal Processor (DSP), a microprocessor, a microcontroller, a Programmable Logic Device (PLD), or any combination thereof. The processor 201 may also be other devices with processing functions, such as, without limitation, a circuit, a device, or a software module. In one example, processor 201 may include one or more CPUs, such as CPU0 and CPU1 in fig. 2.
A communication interface 202 for communicating with other devices or other communication networks. The other communication network may be an ethernet, a Radio Access Network (RAN), a Wireless Local Area Network (WLAN), or the like. The communication interface may be a module, a circuit, a communication interface, or any device capable of enabling communication.
A communication line 203 for transmitting information between the respective components included in the data authentication system.
A memory 204 for storing instructions. Wherein the instructions may be a computer program.
The memory 204 may be a read-only memory (ROM) or other types of static storage devices that can store static information and/or instructions, a Random Access Memory (RAM) or other types of dynamic storage devices that can store information and/or instructions, an electrically erasable programmable read-only memory (EEPROM), a compact disc read-only memory (CD-ROM) or other optical disc storage, optical disc storage (including compact disc, laser disc, optical disc, digital versatile disc, blu-ray disc, etc.), a magnetic disc storage medium or other magnetic storage devices, and the like, without limitation.
It is noted that the memory 204 may exist separately from the processor 201 or may be integrated with the processor 201. The memory 204 may be used for storing instructions or program code or some data etc. The memory 302 may be located inside the terminal 20 or outside the terminal 20, without limitation. The processor 201 is configured to execute the instructions stored in the memory 204 to implement the data authentication method provided in the following embodiments of the present application.
As an alternative implementation, the terminal 20 includes multiple processors, for example, the processor 207 may be included in addition to the processor 201 in fig. 2.
As an alternative implementation, the terminal 20 further comprises an output device 205 and an input device 206. Illustratively, the input device 205 is a keyboard, mouse, microphone, joystick, or the like, and the output device 205 is a display screen, speaker (spaker), or the like.
In the embodiment of the present application, the chip system may be composed of a chip, and may also include a chip and other discrete devices.
In addition, acts, terms, and the like referred to between the embodiments of the present application may be mutually referenced and are not limited. In the embodiment of the present application, the name of the message exchanged between the devices or the name of the parameter in the message, etc. are only an example, and other names may also be used in the specific implementation, which is not limited.
In addition, acts, terms, and the like referred to between the embodiments of the present application may be mutually referenced and are not limited. In the embodiment of the present application, the name of the message exchanged between the devices or the name of the parameter in the message, etc. are only an example, and other names may also be used in the specific implementation, which is not limited.
The embodiment of the present application provides a data authentication method, which may be applied to the terminal, or may be applied to a data authentication device included in the terminal, or may be applied to other similar devices including the authentication device. Hereinafter, the data authentication method will be described by taking an example of the application to the SOC. As shown in fig. 3, the method may include S301-S304:
s301, the SOC determines that the first authentication data stored in the MCU does not pass the verification of the first check code.
The first check code is stored in the MCU in advance. As a possible implementation manner, the SOC may verify that the first authentication data fails to pass the first check code by receiving a check failure message sent by the MCU.
It should be noted that the authentication data is data for performing an authentication operation, and the first check code is used for verifying the authentication data. The first check code is pre-stored in a solid-state memory FLASH in the MCU, and the check code can be a cyclic redundancy check CRC code.
Additionally, the authentication data may include an identification number TUID, a Vehicle Identification Number (VIN), and a vehicle model configuration number.
The specific implementation manner of this step may refer to the following description of S3011-S3015, which is not described herein again.
S302, the SOC acquires second authentication data and a second check code.
And the second authentication data and the second check code are both pre-stored in the SOC.
As a possible implementation manner, the SOC may obtain the second authentication data and the second check code from the embedded multimedia card EMMC of the SOC.
It should be noted that the SOC may establish a communication connection with the MCU through a universal asynchronous receiver/transmitter (UART) and a Controller Area Network (CAN) to receive the authentication data and the check code sent by the MCU, and store the received authentication data and the check code in the EMMC to form second authentication data and a second check code.
S303, the SOC judges whether the second authentication data passes the verification of the second verification code;
s304, the SOC executes authentication operation based on the second authentication data under the condition that the second authentication data passes the verification of the second check code.
As a possible implementation manner, the SOC may perform the identification, authentication and application configuration through the second authentication data.
It can be understood that when the first authentication data stored in the MCU of the SOC does not pass the verification of the first check code, the SOC determines whether the second authentication data in the SOC can pass the verification of the second check code, thereby avoiding the problems of erroneous vehicle type configuration and identity verification failure in the IVI vehicle type caused by no remedial measures after the MCU authenticates the data and verifies the error in the prior art.
In one design, in order to determine that the first authentication data stored in the MCU does not pass the verification of the first check code, as shown in fig. 4, S301 provided in this embodiment of the present application specifically includes the following S3011:
s3011, the SOC receives a verification failure message sent by the MCU.
Wherein, the check failure message is used for indicating that the first authentication data fails the verification of the first check code. The verification failure message is generated by the MCU under the condition that the first authentication data does not pass the verification of the first verification code.
As a possible implementation manner, the SOC may receive the verification failure message sent by the MCU through a communication interface such as UART and SPI.
In some embodiments, when the IVI system is started, the MCU may calculate whether the first authentication data can pass the first check code by reading the first authentication data and the first check code in the FLASH.
It can be understood that after the authentication data in the MCU fails to be verified, the MCU actively sends a failure message to the SOC, thereby avoiding no remedial measures after the authentication data in the MCU fails to be verified and improving the success rate of authentication.
In one design, in order to determine that the first authentication data stored in the MCU does not pass the verification of the first check code, as shown in fig. 4, S301 provided in this embodiment of the present application further includes the following steps S3012 to S3015:
s3012, the SOC obtains the first authentication data and the first check code.
As a possible implementation manner, the SOC may obtain the first authentication data and the first check code from the MCU.
S3013, the SOC determines a target check code of the first authentication data.
And the target check code is calculated by the SOC according to the first authentication data.
As a possible implementation manner, the SOC calculates the target check code according to the first authentication data.
It should be noted that the target validation code may be a CRC code.
S3014, the SOC judges whether the target check code is consistent with the first check code.
S3015, the SOC determines that the first authentication data stored in the MCU fails to pass the verification of the first check code under the condition that the target check code is inconsistent with the first check code.
It can be understood that the SOC may calculate the corresponding target verification code according to the first authentication data in the MCU, and compare the target verification code with the first verification code in the MCU to determine whether the target verification code is consistent with the first verification code, thereby improving the accuracy of the authentication data.
In one design, in a case that the target check code is consistent with the first check code, as shown in fig. 4, after S3014 provided in this embodiment of the present application, the method further includes the following S401-S402:
s401, the SOC updates second authentication data in the SOC based on the received first authentication data.
As a possible implementation manner, the SOC may delete the second authentication data currently stored in the EMMC and store the received first authentication data to update the second authentication data in the SOC.
Note that the SOC may store the first authentication data in the EMMC.
S402, the SOC updates a second check code in the SOC based on the received first check code.
As a possible implementation manner, the SOC may delete the second check code currently stored in the EMMC and store the received first check code to update the second check code in the SOC.
Note that the SOC may store the first check code in the EMMC.
It can be understood that the SOC may improve the success rate of the SOC acquiring the authentication data from the EMMC by updating the second check code and the second validation data in the SOC.
In one design, in order to obtain the first authentication data and the first check code, as shown in fig. 5, S3012 provided in this embodiment of the present application specifically includes the following S501-502:
s501, the SOC receives a verification success message sent by the MCU.
And the verification success message is generated after the MCU determines that the first authentication data passes the verification of the first verification code.
It should be noted that the verification success message includes the first authentication data and the first verification code.
In some embodiments, the MCU reads the first authentication data and the first check code in the FLASH, and generates a check success message when the first authentication data passes the first check code.
S502, the SOC acquires the first authentication data and the first check code from the check success message.
In one possible implementation, the SOC parses the verification success message to obtain the first authentication data and the first check code
It can be understood that the EMMC of the SOC stores the second authentication data and the second CRC code. After the SOC receives the verification failure message sent by the MCU, the SOC determines that the first authentication data in the MCU fails to be verified. Further, the SOC obtains second authentication data and a second CRC code from the EMMC to check the second authentication data, and determines to provide an authentication basis for the application program of the IVI system based on the second authentication data when the second authentication data passes the second CRC code check. Therefore, even if the MCU reads data errors caused by factors such as circuit logic disorder or current fluctuation in the process of reading the first authentication data, the SOC can ensure that all functions of the IVI system are normal according to the stored second authentication data.
In the embodiment of the present application, the terminal may be divided into the functional modules or the functional units according to the above method examples, for example, each functional module or each functional unit may be divided corresponding to each function, or two or more functions may be integrated into one module. The integrated module may be implemented in a form of hardware, or may be implemented in a form of a software functional module or a functional unit. The division of the modules or units in the embodiment of the present application is schematic, and is only a logic function division, and there may be another division manner in actual implementation.
Fig. 6 is a schematic diagram of a possible structure of the data authentication device according to the above embodiment. As shown in fig. 6, the data authentication apparatus 60 includes a determining unit 601, an obtaining unit 602, and an authentication unit 603.
The determining unit 601 is configured to determine that the first authentication data stored in the MCU does not pass the verification of the first check code; the first check code is stored in the MCU in advance. For example, as shown in fig. 3, the determination unit 601 may be configured to perform S301.
An obtaining unit 602, configured to obtain second authentication data and a second check code; the second authentication data and the second check code are stored in the SOC in advance; for example, as shown in fig. 3, the obtaining unit 602 is configured to execute S302.
An authentication unit 603, configured to perform an authentication operation based on the second authentication data if the second authentication data passes the check of the second check code. For example, as shown in fig. 3, the authentication unit 603 is configured to execute S303.
The data authentication device 60 may be implemented by referring to the behavior function of the data authentication device in the data authentication method shown in fig. 3.
In a possible design, as shown in fig. 6, the determining unit 601 provided in the embodiment of the present application is specifically configured to: receiving a verification failure message sent by the MCU; the verification failure message is used for indicating that the first authentication data does not pass the verification of the first verification code; the verification failure message is generated by the MCU under the condition that the first authentication data does not pass the verification of the first verification code. For example, as shown in fig. 4, the determination unit 601 may also be configured to execute S3012-S3015.
In a possible design, as shown in fig. 6, the determining unit 601 provided in the embodiment of the present application is specifically configured to: acquiring first authentication data and a first check code; determining a target check code of the first authentication data; and under the condition that the target check code is inconsistent with the first check code, determining that the first authentication data stored in the MCU does not pass the verification of the first check code. For example, as shown in fig. 5, the determination unit 601 may also be configured to perform S3031-S3033.
In a possible design, as shown in fig. 6, the data authentication apparatus provided in the embodiment of the present application further includes an updating unit 604; the updating unit 604 is configured to update the second authentication data in the SOC based on the received first authentication data and update the second check code in the SOC based on the received first check code if the target check code is identical to the first check code. For example, as shown in FIG. 4, the updating unit 604 may also be used to perform S401-S402.
In one possible design, as shown in fig. 6, the obtaining unit 602 is specifically configured to: receiving a verification success message sent by the MCU, and acquiring first authentication data and a first verification code from the verification success message; the verification success message is generated by the MCU after the first authentication data is determined to pass the verification of the first verification code. For example, as shown in fig. 5, the obtaining unit 602 may also be configured to perform S501-S502.
It can be understood that the data authentication apparatus provided in the present application stores the second authentication data and the second CRC code in the EMMC of the SOC. After the SOC receives the verification failure message sent by the MCU, the SOC determines that the first authentication data in the MCU fails to be verified. Further, the SOC obtains second authentication data and a second CRC code from the EMMC to check the second authentication data, and determines to provide an authentication basis for the application program of the IVI system based on the second authentication data when the second authentication data passes the second CRC code check. Therefore, even if the MCU reads data errors caused by factors such as circuit logic disorder or current fluctuation in the process of reading the first authentication data, the SOC can ensure that all functions of the IVI system are normal according to the stored second authentication data.
Through the above description of the embodiments, it is clear to those skilled in the art that, for convenience and simplicity of description, the foregoing division of the functional modules is merely used as an example, and in practical applications, the above function distribution may be completed by different functional modules according to needs, that is, the internal structure of the device may be divided into different functional modules to complete all or part of the above described functions. For the specific working processes of the system, the apparatus and the unit described above, reference may be made to the corresponding processes in the foregoing method embodiments, and details are not described here again.
The present application provides a computer program product containing instructions, which when run on a computer, causes the computer to execute the data authentication method in the above method embodiments.
The embodiment of the present application further provides a computer-readable storage medium, where instructions are stored in the computer-readable storage medium, and when the data authentication apparatus executes the instructions, the data authentication apparatus executes each step executed by the data authentication apparatus in the method flow shown in the above method embodiment.
The computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination thereof. More specific examples (a non-exhaustive list) of the computer readable storage medium would include the following: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a Read-Only Memory (ROM), an Erasable Programmable Read-Only Memory (EPROM), a register, a hard disk, an optical fiber, a portable Compact Disc Read-Only Memory (CD-ROM), an optical storage device, a magnetic storage device, any suitable combination of the above, or any other form of computer readable storage medium known in the art. An exemplary storage medium is coupled to the processor such the processor can read information from, and write information to, the storage medium. Of course, the storage medium may also be integral to the processor. The processor and the storage medium may reside in an Application Specific Integrated Circuit (ASIC). In embodiments of the present application, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
The above description is only an embodiment of the present application, but the scope of the present application is not limited thereto, and any changes or substitutions within the technical scope of the present disclosure should be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.
Claims (12)
1. A data authentication method is applied to a System On Chip (SOC), and is characterized by comprising the following steps:
determining that first authentication data stored in a Micro Control Unit (MCU) does not pass the verification of a first check code; the first check code is stored in the MCU in advance;
acquiring second authentication data and a second check code; the second authentication data and the second check code are stored in the SOC in advance;
performing an authentication operation based on the second authentication data if the second authentication data passes the verification of the second check code.
2. The data authentication method of claim 1, wherein the determining that the first authentication data stored in the MCU fails to pass the verification of the first check code comprises:
receiving a verification failure message sent by the MCU; the check failure message is used for indicating that the first authentication data fails to pass the verification of the first check code; the verification failure message is generated by the MCU under the condition that the first authentication data fails to pass the verification of the first verification code.
3. The data authentication method of claim 1, wherein the determining that the first authentication data stored in the MCU fails to pass the verification of the first check code comprises:
acquiring the first authentication data and the first check code;
determining a target check code of the first authentication data;
and under the condition that the target check code is inconsistent with the first check code, determining that the first authentication data stored in the MCU fails to pass the verification of the first check code.
4. The data authentication method of claim 3, wherein the method further comprises:
updating the second authentication data in the SOC based on the received first authentication data and updating the second check code in the SOC based on the received first check code if the target check code is identical to the first check code.
5. The data authentication method of claim 4, wherein the obtaining the first authentication data and the first check code comprises:
receiving a verification success message sent by the MCU, and acquiring the first authentication data and the first verification code from the verification success message; the verification success message is generated by the MCU after determining that the first authentication data passes the verification of the first verification code.
6. A data authentication device is applied to a System On Chip (SOC), and is characterized by comprising a determining unit, an obtaining unit and an authentication unit;
the determining unit is used for determining that the first authentication data stored in the MCU does not pass the verification of the first check code; the first check code is stored in the MCU in advance;
the acquiring unit is used for acquiring second authentication data and a second check code; the second authentication data and the second check code are stored in the SOC in advance;
and the authentication unit is used for executing authentication operation based on the second authentication data under the condition that the second authentication data passes the verification of the second check code.
7. The data authentication device of claim 6, wherein the determining unit is specifically configured to:
receiving a verification failure message sent by the MCU; the check failure message is used for indicating that the first authentication data fails to pass the verification of the first check code; the verification failure message is generated by the MCU under the condition that the first authentication data fails to pass the verification of the first verification code.
8. The data authentication device of claim 6, wherein the determining unit is specifically configured to:
acquiring the first authentication data and the first check code;
determining a target check code of the first authentication data;
and under the condition that the target check code is inconsistent with the first check code, determining that the first authentication data stored in the MCU fails to pass the verification of the first check code.
9. The data authentication device of claim 8, further comprising an update unit;
the updating unit is configured to update the second authentication data in the SOC based on the received first authentication data and update the second check code in the SOC based on the received first check code, if the target check code is identical to the first check code.
10. The data authentication device of claim 9, wherein the obtaining unit is specifically configured to:
receiving a verification success message sent by the MCU, and acquiring the first authentication data and the first verification code from the verification success message; the verification success message is generated by the MCU after determining that the first authentication data passes the verification of the first verification code.
11. A terminal, characterized in that the terminal comprises: a processor, a communication interface, and a memory; wherein the memory is used for storing one or more programs, the one or more programs comprising computer executable instructions, and when the terminal runs, the processor executes the computer executable instructions stored in the memory to make the terminal execute the data authentication method of any one of claims 1 to 5.
12. A computer readable storage medium storing one or more programs, the one or more programs comprising instructions, which when executed by a computer, cause the computer to perform the data authentication method of any of claims 1-5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111290898.7A CN114124401B (en) | 2021-11-02 | 2021-11-02 | Data authentication method, device, equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111290898.7A CN114124401B (en) | 2021-11-02 | 2021-11-02 | Data authentication method, device, equipment and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114124401A true CN114124401A (en) | 2022-03-01 |
| CN114124401B CN114124401B (en) | 2023-11-17 |
Family
ID=80380238
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111290898.7A Active CN114124401B (en) | 2021-11-02 | 2021-11-02 | Data authentication method, device, equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114124401B (en) |
Citations (16)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20150363187A1 (en) * | 2014-06-16 | 2015-12-17 | Wipro Limited | Systems and methods for installing upgraded software on electronic devices |
| CN105376249A (en) * | 2015-11-30 | 2016-03-02 | 上海汽车集团股份有限公司 | Account login method for vehicular information entertainment system and vehicular equipment |
| CN105519028A (en) * | 2015-07-01 | 2016-04-20 | 海能达通信股份有限公司 | Wireless system access control method and apparatus |
| CN105653390A (en) * | 2014-11-10 | 2016-06-08 | 无锡华润矽科微电子有限公司 | SoC system verification method |
| CN107040501A (en) * | 2016-02-04 | 2017-08-11 | 杭州华为企业通信技术有限公司 | It is the authentication method and device of service based on platform |
| WO2017152875A1 (en) * | 2016-03-11 | 2017-09-14 | 比亚迪股份有限公司 | Secure communication method and apparatus for vehicle, vehicle multimedia system, and vehicle |
| CN109800104A (en) * | 2018-12-18 | 2019-05-24 | 盛科网络(苏州)有限公司 | Detection method, device, storage medium and the electronic device of data storage |
| CN110176990A (en) * | 2019-05-15 | 2019-08-27 | 百度在线网络技术(北京)有限公司 | Vehicle assembly replaces recognition methods, device, computer equipment and storage medium |
| CN110389778A (en) * | 2019-07-19 | 2019-10-29 | 苏州浪潮智能科技有限公司 | A kind of isomery accelerates the MCU firmware upgrade method and relevant apparatus of platform |
| CN110908682A (en) * | 2019-08-08 | 2020-03-24 | 中国第一汽车股份有限公司 | Firmware upgrading method and system for vehicle controller, vehicle and storage medium |
| CN112165533A (en) * | 2020-10-21 | 2021-01-01 | 苏州智加科技有限公司 | Data checking and transmitting method, device, equipment, system and storage medium |
| CN112558875A (en) * | 2020-12-14 | 2021-03-26 | 北京百度网讯科技有限公司 | Data verification method and device, electronic equipment and storage medium |
| CN112653668A (en) * | 2020-12-04 | 2021-04-13 | 深圳市广和通无线股份有限公司 | Data interaction method and device, computer equipment and storage medium |
| US20210166241A1 (en) * | 2018-08-14 | 2021-06-03 | World Concept Development Limited | Methods, apparatuses, storage mediums and terminal devices for authentication |
| CN113448643A (en) * | 2021-03-23 | 2021-09-28 | 中科创达软件股份有限公司 | Configuration data management system and method |
| CN113536278A (en) * | 2020-04-20 | 2021-10-22 | 深圳市江波龙电子股份有限公司 | Authentication method of storage device, storage device and authentication terminal |
-
2021
- 2021-11-02 CN CN202111290898.7A patent/CN114124401B/en active Active
Patent Citations (16)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20150363187A1 (en) * | 2014-06-16 | 2015-12-17 | Wipro Limited | Systems and methods for installing upgraded software on electronic devices |
| CN105653390A (en) * | 2014-11-10 | 2016-06-08 | 无锡华润矽科微电子有限公司 | SoC system verification method |
| CN105519028A (en) * | 2015-07-01 | 2016-04-20 | 海能达通信股份有限公司 | Wireless system access control method and apparatus |
| CN105376249A (en) * | 2015-11-30 | 2016-03-02 | 上海汽车集团股份有限公司 | Account login method for vehicular information entertainment system and vehicular equipment |
| CN107040501A (en) * | 2016-02-04 | 2017-08-11 | 杭州华为企业通信技术有限公司 | It is the authentication method and device of service based on platform |
| WO2017152875A1 (en) * | 2016-03-11 | 2017-09-14 | 比亚迪股份有限公司 | Secure communication method and apparatus for vehicle, vehicle multimedia system, and vehicle |
| US20210166241A1 (en) * | 2018-08-14 | 2021-06-03 | World Concept Development Limited | Methods, apparatuses, storage mediums and terminal devices for authentication |
| CN109800104A (en) * | 2018-12-18 | 2019-05-24 | 盛科网络(苏州)有限公司 | Detection method, device, storage medium and the electronic device of data storage |
| CN110176990A (en) * | 2019-05-15 | 2019-08-27 | 百度在线网络技术(北京)有限公司 | Vehicle assembly replaces recognition methods, device, computer equipment and storage medium |
| CN110389778A (en) * | 2019-07-19 | 2019-10-29 | 苏州浪潮智能科技有限公司 | A kind of isomery accelerates the MCU firmware upgrade method and relevant apparatus of platform |
| CN110908682A (en) * | 2019-08-08 | 2020-03-24 | 中国第一汽车股份有限公司 | Firmware upgrading method and system for vehicle controller, vehicle and storage medium |
| CN113536278A (en) * | 2020-04-20 | 2021-10-22 | 深圳市江波龙电子股份有限公司 | Authentication method of storage device, storage device and authentication terminal |
| CN112165533A (en) * | 2020-10-21 | 2021-01-01 | 苏州智加科技有限公司 | Data checking and transmitting method, device, equipment, system and storage medium |
| CN112653668A (en) * | 2020-12-04 | 2021-04-13 | 深圳市广和通无线股份有限公司 | Data interaction method and device, computer equipment and storage medium |
| CN112558875A (en) * | 2020-12-14 | 2021-03-26 | 北京百度网讯科技有限公司 | Data verification method and device, electronic equipment and storage medium |
| CN113448643A (en) * | 2021-03-23 | 2021-09-28 | 中科创达软件股份有限公司 | Configuration data management system and method |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114124401B (en) | 2023-11-17 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9792440B1 (en) | Secure boot for vehicular systems | |
| CN110178114B (en) | Vehicle control device and program update system | |
| CN109039654B (en) | TBOX identity authentication method and terminal equipment | |
| CN103679005A (en) | Method to enable development mode of a secure electronic control unit | |
| CN109947449A (en) | Method for upgrading system, device, storage medium and electronic equipment | |
| US20170116427A1 (en) | Token-based control of software installation and operation | |
| CN109885037B (en) | Vehicle diagnosis method and related equipment | |
| CN109658542B (en) | Diagnostic parameter data verification method, diagnostic parameter data verification device, vehicle diagnostic equipment and storage medium | |
| CN112513850A (en) | Electronic control unit and data access method and device thereof | |
| CN111177703B (en) | Method and device for determining data integrity of operating system | |
| CN108108262B (en) | Integrated circuit with hardware check unit for checking selected memory accesses | |
| CN113608518A (en) | Data generation method, device, terminal equipment and medium | |
| CN110189434B (en) | Vehicle safety checking method and related equipment thereof | |
| US11924726B2 (en) | In-vehicle control device, information processing device, vehicle network system, method of providing application program, and recording medium with program recorded thereon | |
| CN114124401B (en) | Data authentication method, device, equipment and storage medium | |
| JP7176488B2 (en) | Data storage device and data storage program | |
| CN112306041A (en) | Vehicle configuration information writing method and device and electronic equipment | |
| US10897510B2 (en) | Service providing device and service providing system | |
| CN107995214B (en) | Website login method and related equipment | |
| CN112925546B (en) | Multistage verification method and system for preventing vehicle-mounted ECU from refreshing errors | |
| CN104052726A (en) | Access control method and mobile terminal which employs access control method | |
| CN111475400A (en) | Verification method of service platform and related equipment | |
| CN114090115B (en) | Startup verification method, device, equipment and storage medium | |
| US20220385659A1 (en) | Vehicle authentication control apparatus, vehicle control system, vehicle, and vehicle authentication processing method | |
| CN110610100B (en) | File verification method and device and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |