CN114900314A - Electronic anti-dismantling method and system, readable storage medium and OBU device

Info

Publication number: CN114900314A
Application number: CN202210452916.5A
Authority: CN (China)
Legal status: Pending
Other languages: Chinese (zh)
Inventors: 齐帅, 韩茂强, 王庆飞, 张国永
Current Assignee: Beijing Wanji Technology Co Ltd
Original Assignee: Beijing Wanji Technology Co Ltd
Prior art keywords: random number, encryption result, hardware address, vehicle, mounted terminal

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • H04L9/3273: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response for mutual authentication
    • G: PHYSICS
    • G07: CHECKING-DEVICES
    • G07B: TICKET-ISSUING APPARATUS; FARE-REGISTERING APPARATUS; FRANKING APPARATUS
    • G07B15/00: Arrangements or apparatus for collecting fares, tolls or entrance fees at one or more control points
    • G07B15/06: Arrangements for road pricing or congestion charging of vehicles or vehicle users, e.g. automatic toll systems
    • G07B15/063: Arrangements for road pricing or congestion charging of vehicles or vehicle users, e.g. automatic toll systems using wireless information transmission between the vehicle and a fixed station
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00: Network arrangements or protocols for supporting network services or applications
    • H04L67/01: Protocols
    • H04L67/12: Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08: Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816: Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819: Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825: Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08: Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861: Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866: Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08: Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861: Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869: Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Physics & Mathematics (AREA)
  • Finance (AREA)
  • Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Computing Systems (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Small-Scale Networks (AREA)

Abstract

The application provides an electronic anti-dismantling method, an electronic anti-dismantling system, a readable storage medium and an OBU device. The method comprises the following steps: encrypting, through a first public key, the generated first random number and the hardware address of the Ethernet module of the OBU device to obtain a first encryption result; sending the first encryption result to the vehicle-mounted terminal; receiving a second encryption result from the vehicle-mounted terminal; decrypting the second encryption result through a second private key to obtain a second random number; judging whether the second random number is the same as the first random number; if so, the authentication is successful; if not, the authentication fails. Bidirectional authentication between the OBU device and the vehicle-mounted terminal is thereby realized, the instability of mechanical anti-disassembly is solved, and the safety of electronic anti-disassembly is improved.

Description

Electronic anti-dismantling method and system, readable storage medium and OBU device
Technical Field
The application belongs to the technical field of vehicle-mounted units, and particularly relates to an electronic anti-dismounting method, an electronic anti-dismounting system, a readable storage medium and an OBU device.
Background
In an ETC system, an OBU device uses DSRC technology to establish a microwave communication link with an RSU device, and identifies the vehicle and deducts the fee electronically while the vehicle is travelling, so that the vehicle does not stop and no card is taken, and an unattended vehicle lane is established.
At present, demand for front-mounted applications of the OBU device keeps growing, but the existing anti-dismounting means for front-mounted OBU devices are unstable and offer low security, and cannot meet the anti-dismounting requirements.
Disclosure of Invention
The embodiment of the application provides an electronic anti-dismounting method, an electronic anti-dismounting system, a readable storage medium and an OBU device, and can solve the problems of unstable anti-dismounting means and low safety of a front-mounted OBU device.
In a first aspect, an embodiment of the present application provides an electronic tamper-evident method, including:
encrypting the generated first random number and the hardware address of the Ethernet module of the OBU device through a first public key to obtain a first encryption result;
sending the first encryption result to the vehicle-mounted terminal;
receiving a second encryption result from the vehicle-mounted terminal, wherein the second encryption result is obtained by decrypting the first encryption result through a first private key by the vehicle-mounted terminal to obtain the first random number and the hardware address, and encrypting the first random number through a second public key after judging that the hardware address is the same as a pre-stored hardware address;
decrypting the second encryption result through a second private key to obtain a second random number;
judging whether the second random number is the same as the first random number or not;
if so, the authentication is successful; if not, the authentication fails.
Further, the method further comprises:
if the authentication is successful, starting the DSRC module;
and if the authentication fails, controlling an ESAM module to be invalid and starting the DSRC module.
Further, before obtaining the first encryption result, the method further includes:
after a second public and private key pair is generated, storing the second private key, and sending the hardware address and the second public key to the vehicle-mounted terminal through an Ethernet module of the OBU device;
and receiving a first public key from the vehicle-mounted terminal through an Ethernet module of the OBU device, and storing the first public key.
In a second aspect, an embodiment of the present application provides an electronic tamper-evident method, including:
after receiving a first encryption result from the OBU device, decrypting the first encryption result through a first private key to obtain a first random number and a hardware address of an Ethernet module of the OBU device;
judging whether the hardware address is the same as a pre-stored hardware address or not;
if so, encrypting the first random number through a second public key to obtain a second encryption result;
and sending the second encryption result to the OBU device.
Further, after determining whether the hardware address is the same as a pre-stored hardware address, the method further includes:
if not, executing the flow termination operation.
Further, before receiving the first encryption result from the OBU device, the method further includes:
after a first public and private key pair is generated, storing the first private key, and sending a first public key to the OBU device through an Ethernet module of the vehicle-mounted terminal;
receiving and storing the second public key and the hardware address from the OBU device.
In a third aspect, an embodiment of the present application provides an OBU device, including: an Ethernet module, a main control module, an ESAM module, a DSRC module and a power supply module;
the Ethernet module is used for sending a first encryption result to the vehicle-mounted terminal;
wherein the second encryption result is obtained by the vehicle-mounted terminal decrypting the first encryption result through a first private key to obtain a first random number and a hardware address of the Ethernet module, and encrypting the first random number through a second public key after judging that the hardware address is the same as a pre-stored hardware address;
the main control module is used for encrypting the generated first random number and the hardware address of the Ethernet module through a first public key to obtain the first encryption result;
for decrypting the second encryption result through a second private key to obtain a second random number;
and for judging whether the second random number is the same as the first random number;
if so, the authentication is successful and the DSRC module is started;
if not, the authentication fails, the ESAM module is controlled to be invalid, and the DSRC module is started;
and the power supply module is used for providing power supply.
In a fourth aspect, an embodiment of the present application provides an electronic anti-tamper system, including an OBU device and a vehicle-mounted terminal;
the OBU device is used for encrypting the generated first random number and the hardware address of the Ethernet module of the OBU device through a first public key to obtain a first encryption result;
for sending the first encryption result to the vehicle-mounted terminal;
for receiving a second encryption result from the vehicle-mounted terminal;
for decrypting the second encryption result through a second private key to obtain a second random number;
and for judging whether the second random number is the same as the first random number;
if so, the authentication is successful; if not, the authentication fails;
the vehicle-mounted terminal is used for, after receiving the first encryption result from the OBU device, decrypting the first encryption result through a first private key to obtain the first random number and the hardware address of the Ethernet module of the OBU device;
for judging whether the hardware address is the same as a pre-stored hardware address;
if so, encrypting the first random number through a second public key to obtain a second encryption result;
and for sending the second encryption result to the OBU device.
In a fifth aspect, an embodiment of the present application provides an electronic device, which includes a memory, a processor, and a computer program stored in the memory and executable on the processor, and the processor, when executing the computer program, implements the method according to any one of the first aspect or the second aspect.
In a sixth aspect, the present application provides a computer-readable storage medium, which stores a computer program, and when executed by a processor, the computer program implements the method according to any one of the first aspect or the second aspect.
In a seventh aspect, this application embodiment provides a computer program product, which when run on an electronic device, causes the electronic device to perform the method of any one of the first aspect or the second aspect.
Compared with the prior art, the embodiment of the application has the advantages that:
The generated first random number and the hardware address of the Ethernet module of the OBU device are encrypted through a first public key to obtain a first encryption result; the first encryption result is sent to the vehicle-mounted terminal; a second encryption result is received from the vehicle-mounted terminal, wherein the second encryption result is obtained by the vehicle-mounted terminal decrypting the first encryption result through a first private key to obtain the first random number and the hardware address, and encrypting the first random number through a second public key after judging that the hardware address is the same as a pre-stored hardware address; the second encryption result is decrypted through a second private key to obtain a second random number; whether the second random number is the same as the first random number is judged; if so, the authentication is successful; if not, the authentication fails. Bidirectional authentication between the OBU device and the vehicle-mounted terminal is thereby realized, the instability of mechanical anti-dismounting can be solved, and the safety of electronic anti-dismounting is improved.
It is to be understood that, the beneficial effects of the second to seventh aspects may be referred to the relevant description of the first aspect, and are not repeated herein.
Drawings
In order to illustrate the technical solutions in the embodiments of the present application more clearly, the drawings needed in the description of the embodiments or of the prior art are briefly described below. The drawings in the following description are only some embodiments of the present application, and those skilled in the art can obtain other drawings from them without creative effort.
Fig. 1 is a schematic flow chart of an electronic tamper-evident method according to an embodiment of the present application;
Fig. 2 is a schematic flow chart of an electronic tamper-evident method according to another embodiment of the present application;
Fig. 3 is a schematic structural diagram of an OBU device provided in an embodiment of the present application;
Fig. 4 is a schematic structural diagram of an electronic tamper system provided in an embodiment of the present application;
Fig. 5 is a schematic structural diagram of an electronic device provided in an embodiment of the present application.
Detailed Description
In the following description, for purposes of explanation and not limitation, specific details are set forth, such as particular system structures, techniques, etc. in order to provide a thorough understanding of the embodiments of the present application. It will be apparent, however, to one skilled in the art that the present application may be practiced in other embodiments that depart from these specific details. In other instances, detailed descriptions of well-known systems, devices, circuits, and methods are omitted so as not to obscure the description of the present application with unnecessary detail.
It will be understood that the terms "comprises" and/or "comprising," when used in this specification and the appended claims, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.
It should also be understood that the term "and/or" as used in this specification and the appended claims refers to and includes any and all possible combinations of one or more of the associated listed items.
As used in this specification and the appended claims, the term "if" may be interpreted contextually as "when", "upon" or "in response to a determination" or "in response to a detection". Similarly, the phrase "if it is determined" or "if a [ described condition or event ] is detected" may be interpreted contextually to mean "upon determining" or "in response to determining" or "upon detecting [ described condition or event ]" or "in response to detecting [ described condition or event ]".
Furthermore, in the description of the present application and the appended claims, the terms "first," "second," "third," and the like are used for distinguishing between descriptions and not necessarily for describing or implying relative importance.
Reference throughout this specification to "one embodiment" or "some embodiments," or the like, means that a particular feature, structure, or characteristic described in connection with the embodiment is included in one or more embodiments of the present application. Thus, appearances of the phrases "in one embodiment," "in some embodiments," "in other embodiments," or the like, in various places throughout this specification are not necessarily all referring to the same embodiment, but rather "one or more but not all embodiments" unless specifically stated otherwise. The terms "comprising," "including," "having," and variations thereof mean "including, but not limited to," unless expressly specified otherwise.
Fig. 1 is a schematic flowchart of an electronic tamper-evident method according to an embodiment of the present application. By way of example and not limitation, as shown in fig. 1, the method, applied to an OBU device, includes:
S101: Encrypt the generated first random number and the hardware address of the Ethernet module of the OBU device through the first public key to obtain a first encryption result.
When a user uses the vehicle, the OBU device enters the working state after the vehicle is ignited; the OBU device generates a first random number and encrypts the first random number and the hardware address with the first public key to obtain the first encryption result.
The hardware address is the MAC address of the Ethernet module. Unlike other communication modules, such as a CAN (Controller Area Network) module, the Ethernet module can provide a hardware address.
S102: Send the first encryption result to the vehicle-mounted terminal.
Specifically, the first encryption result is sent through a TCP link established between the Ethernet module in the OBU device and the vehicle-mounted terminal. Transmitting the first random number and the hardware address inside the first encryption result improves the security of data transmission, and because the first random number is generated randomly and changes, the security of the anti-dismantling check can be ensured.
S103: Receive a second encryption result from the vehicle-mounted terminal.
The second encryption result is obtained as follows: the vehicle-mounted terminal decrypts the first encryption result through the first private key to obtain the first random number and the hardware address and, after judging that the hardware address is the same as the pre-stored hardware address, encrypts the first random number through the second public key.
Specifically, the second encryption result from the vehicle-mounted terminal is received through the TCP link.
S104: Decrypt the second encryption result through the second private key to obtain a second random number.
In application, the second random number obtained by decrypting the second encryption result through the second private key is compared with the first random number to confirm the legality of the vehicle-mounted terminal, so that the security of the anti-tamper authentication is realized.
S105: Judge whether the second random number is the same as the first random number.
S106: If yes, the authentication is successful.
A successful authentication indicates that the OBU device has not been detached.
S107: If not, the authentication fails.
A failed authentication indicates that the OBU device has been detached.
The first encryption result and the second encryption result both encrypt the random number, that is, the random number generated by the OBU device is used as a bidirectional authentication basis, so that instability caused by authentication of various data can be reduced.
It can be understood that through the bidirectional multiple authentication between the OBU device and the vehicle-mounted terminal, the electronic anti-disassembly safety can be improved, and the mechanical anti-disassembly instability can be solved through the electronic anti-disassembly.
In the embodiment, the generated first random number and the hardware address of the ethernet module are encrypted by the first public key to obtain a first encryption result; sending a first encryption result to the vehicle-mounted terminal; receiving a second encryption result from the vehicle-mounted terminal, wherein the second encryption result is obtained by decrypting the first encryption result through a first private key by the vehicle-mounted terminal to obtain a first random number and a hardware address, and encrypting the first random number through a second public key after judging that the hardware address is the same as a pre-stored hardware address; decrypting the second encryption result through a second private key to obtain a second random number; judging whether the second random number is the same as the first random number; if so, the authentication is successful; if not, the authentication fails, the bidirectional authentication between the OBU device and the vehicle-mounted terminal is realized, the instability of mechanical anti-dismounting can be solved, and the safety of electronic anti-dismounting is improved.
In another embodiment, the method further comprises:
If the authentication is successful, the DSRC module is started.
Specifically, before authentication is performed, the DSRC (Dedicated Short Range Communication) module is in a closed state. If the authentication is successful, the OBU device has not been detached, and the DSRC module is started to enable the DSRC function for transmitting ETC transaction data.
If the authentication fails, the ESAM module is controlled to be invalid and the DSRC module is started.
Specifically, a failed authentication indicates that the OBU device has been detached. The ESAM (Embedded Secure Access Module) module stores vehicle information and ETC transaction key information and also has an IC card file structure for storing card information, so the ESAM module needs to be controlled to be invalid to ensure that the legal information of the vehicle is not stolen and used. At the same time, the DSRC module is started so that a subsequent user can reactivate the OBU device normally using the DSRC function.
The ESAM module is made invalid by modifying the content of the ESAM module.
In another embodiment, before obtaining the first encryption result, the method further includes:
First, after a second public and private key pair is generated, the second private key is stored, and the hardware address and the second public key are sent to the vehicle-mounted terminal through the Ethernet module.
After the second public and private key pair is generated, the second public key is stored so as to meet the requirement of a user on subsequent operation of the second public key.
Then, the first public key from the vehicle-mounted terminal is received through the Ethernet module, and the first public key is stored.
The first public key is used for encrypting the random number and the hardware address.
Specifically, in the automobile production stage and the after-sales service stage, when the OBU device has been installed and the vehicle is in an ignition state, the hardware address and the second public key are sent to the vehicle-mounted terminal through a TCP link established by the Ethernet module, and the first public key from the vehicle-mounted terminal is received. This process can be executed once while the vehicle is in an ignition state; it does not need to be executed each time the OBU device and the vehicle-mounted terminal are authenticated.
Because the process is executed in the automobile production stage and the after-sales service stage, with the OBU device installed and the vehicle in an ignition state, other equipment can be prevented in that environment from stealing the public key and the hardware address and from simulating the devices.
While the user is using the vehicle, the OBU device and the vehicle-mounted terminal only transmit the public key and the hardware address of the Ethernet module of the OBU device; the private key is never transmitted, so it cannot be stolen (each private key is generated and stored in the device itself). On this basis, even if the public key and the hardware address are stolen and imitated, when a simulation device imitates the vehicle-mounted terminal to authenticate with the OBU device, the authentication with the OBU device fails as long as the simulation device has not obtained the private key of the vehicle-mounted terminal, and the electronic anti-dismantling safety of the OBU device is therefore improved.
Fig. 2 is a schematic flow chart of an electronic tamper-evident method according to another embodiment of the present application. By way of example and not limitation, as shown in fig. 2, the method, applied to a vehicle-mounted terminal, includes:
S201: After receiving the first encryption result from the OBU device, decrypt the first encryption result through a first private key to obtain a first random number and a hardware address of an Ethernet module of the OBU device.
Specifically, the first encryption result from the OBU device is received through a TCP link established between the Ethernet module in the vehicle-mounted terminal and the OBU device.
S202: Judge whether the hardware address is the same as a pre-stored hardware address.
S203: If so, encrypt the first random number through the second public key to obtain a second encryption result.
When the hardware address is judged to be the same as the pre-stored hardware address, the vehicle-mounted terminal has confirmed the legality of the OBU device, which guarantees the anti-disassembly safety and allows the subsequent authentication process to be carried out. The first random number is then encrypted to obtain the second encryption result; transmitting the first random number inside the second encryption result improves the authentication safety.
S204: Send the second encryption result to the OBU device.
Specifically, the second encryption result is sent to the OBU device through a TCP link established between the Ethernet module in the vehicle-mounted terminal and the OBU device.
In this embodiment, after receiving the first encryption result from the OBU device, the first encryption result is decrypted by the first private key to obtain the first random number and the hardware address of the ethernet module of the OBU device; judging whether the hardware address is the same as a pre-stored hardware address or not; if so, encrypting the first random number through the second public key to obtain a second encryption result; and a second encryption result is sent to the OBU device, so that bidirectional authentication between the OBU device and the vehicle-mounted terminal is realized, the problem of instability of mechanical anti-dismantling is solved, and the safety of electronic anti-dismantling is improved.
In another embodiment, after determining whether the hardware address is the same as the pre-stored hardware address, the method further includes:
If not, the flow termination operation is executed.
Specifically, if it is determined that the hardware address is different from the pre-stored hardware address, the OBU device has been detached, and the process is terminated directly without performing the next step. At this time, the DSRC module of the OBU device is in an off state, and the DSRC function is not activated.
It may further be configured that, after executing the flow termination operation, the method further includes:
executing an alarm operation.
In another embodiment, before receiving the first encryption result from the OBU device, the method further includes:
First, after a first public-private key pair is generated, the first private key is stored, and the first public key is sent to the OBU device through the Ethernet module of the vehicle-mounted terminal.
In application, the first public key is sent to the OBU device through a TCP link established between the Ethernet module in the vehicle-mounted terminal and the OBU device.
After the first public-private key pair is generated, the first public key is also stored, so as to meet the user's needs for subsequent operations on the first public key.
Then, the second public key and the hardware address from the OBU device are received and stored.
Specifically, the second public key is used to encrypt the random number.
Storing the hardware address received from the OBU device yields the pre-stored hardware address. Because the hardware address of the OBU device is pre-stored, the terminal can subsequently judge whether a received hardware address is the same as the pre-stored hardware address, and thereby judge whether the OBU device has been detached.
It should be understood that, the sequence numbers of the steps in the foregoing embodiments do not imply an execution sequence, and the execution sequence of each process should be determined by its function and inherent logic, and should not constitute any limitation to the implementation process of the embodiments of the present application.
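The exchange described in the method embodiments above (key provisioning, the terminal-side address check ending at S204, and the OBU's random-number check), simulated end to end as an added example; it is not code from the patent. Textbook RSA over fixed primes stands in for the unspecified public-key cipher, and the 8-byte random number, the class and function names and the sample hardware addresses are assumptions.

```python
import hmac
import secrets

NONCE_LEN, MAC_LEN, E = 8, 6, 65537   # 8-byte random number is an assumption

def toy_keypair(p, q):
    # Textbook RSA over fixed Mersenne primes: an insecure stand-in for the
    # page's unspecified public-key cipher (real code: a padded scheme, e.g. RSA-OAEP).
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, E), (n, pow(E, -1, phi))

def encrypt(pub, data):
    n, e = pub
    m = int.from_bytes(b"\x01" + data, "big")   # 0x01 marker keeps leading zero bytes
    if m >= n: raise ValueError("plaintext too long for the toy modulus")
    return pow(m, e, n)

def decrypt(priv, c, length):
    n, d = priv
    m = pow(c, d, n)
    raw = m.to_bytes((m.bit_length() + 7) // 8, "big")
    # Fixed-length parse: reject anything that is not marker + `length` bytes.
    return raw[1:] if len(raw) == length + 1 and raw[0] == 1 else None

class Terminal:
    """Vehicle-mounted terminal: holds the first private key and the pre-stored address."""
    def __init__(self):
        self.pub1, self._priv1 = toy_keypair(2**127 - 1, 2**89 - 1)
        self.pub2 = self.stored_mac = None
        self.alarm = False

    def enroll(self, obu_pub2, obu_mac):         # key exchange before authentication
        self.pub2, self.stored_mac = obu_pub2, obu_mac

    def respond(self, first_result):
        plain = decrypt(self._priv1, first_result, NONCE_LEN + MAC_LEN)
        mac = plain[NONCE_LEN:] if plain else b""
        if not hmac.compare_digest(mac, self.stored_mac):
            self.alarm = True                    # flow termination, then alarm
            return None                          # nothing is sent back to the OBU
        return encrypt(self.pub2, plain[:NONCE_LEN])   # S203 / S204

class OBU:
    """OBU device: holds the second private key; DSRC is off until a reply is checked."""
    def __init__(self, mac):
        self.mac = mac
        self.pub2, self._priv2 = toy_keypair(2**107 - 1, 2**61 - 1)
        self.pub1 = self._nonce = None
        self.dsrc_on, self.esam_valid = False, True

    def challenge(self):
        self._nonce = secrets.token_bytes(NONCE_LEN)   # fresh first random number per run
        return encrypt(self.pub1, self._nonce + self.mac)

    def verify(self, second_result):
        got = decrypt(self._priv2, second_result, NONCE_LEN) or b""
        ok = hmac.compare_digest(got, self._nonce)
        if not ok:
            self.esam_valid = False    # authentication failed: ESAM made invalid
        self.dsrc_on = True            # the page starts DSRC in both branches
        self._nonce = None             # a random number is accepted at most once
        return ok

def pair(stored_mac, obu_mac):   # stored_mac: address the terminal recorded earlier
    terminal, obu = Terminal(), OBU(obu_mac)
    obu.pub1 = terminal.pub1
    terminal.enroll(obu.pub2, stored_mac)
    return terminal, obu

def session(terminal, obu, replayed=None):
    """One run; returns (terminal_reply, auth_result). (None, None) means terminated."""
    reply = terminal.respond(obu.challenge())
    if reply is None:
        return None, None
    return reply, obu.verify(reply if replayed is None else replayed)

if __name__ == "__main__":
    MAC, OTHER = bytes.fromhex("020000000a01"), bytes.fromhex("020000000a02")  # constructed
    t, o = pair(MAC, MAC)
    reply, ok = session(t, o)
    print("matching address :", ok, "dsrc_on =", o.dsrc_on)
    print("replayed reply   :", session(t, o, replayed=reply)[1], "esam_valid =", o.esam_valid)
    t2, o2 = pair(MAC, OTHER)
    print("address mismatch :", session(t2, o2), "alarm =", t2.alarm, "dsrc_on =", o2.dsrc_on)
```

The replayed second encryption result is rejected only because the OBU draws a fresh random number for every run. The toy cipher is deterministic, so equal plaintexts give equal ciphertexts, which a randomized padding scheme avoids in a real implementation.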
Corresponding to the methods described in the above embodiments, only the portions related to the embodiments of the present application are shown for convenience of explanation.
Fig. 3 is a schematic structural diagram of an OBU device according to an embodiment of the present disclosure. By way of example and not limitation, as shown in fig. 3, the device includes: an Ethernet module 10, a main control module 11, a DSRC module 12, an ESAM module 13 and a power supply module 14;
the Ethernet module 10 is used for sending a first encryption result to the vehicle-mounted terminal;
wherein the second encryption result is obtained by the vehicle-mounted terminal encrypting the first random number through the second public key, after the vehicle-mounted terminal has decrypted the first encryption result through the first private key to obtain the first random number and the hardware address of the Ethernet module and has judged that the hardware address is the same as the pre-stored hardware address.
Communication through the Ethernet module allows a large amount of data to be transmitted.
The main control module 11 is configured to encrypt the generated first random number and the hardware address of the Ethernet module by using the first public key to obtain a first encryption result;
to decrypt the second encryption result through a second private key to obtain a second random number;
and to judge whether the second random number is the same as the first random number;
if yes, the authentication is successful, and the DSRC module 12 is started;
if not, the authentication fails, the ESAM module 13 is controlled to be invalid, and the DSRC module 12 is started;
and the power supply module 14 is used for supplying power.
In another embodiment, the main control module is further configured to store a second private key and the first public key after generating a second public-private key pair;
the Ethernet module is also used for sending the hardware address and the second public key to the vehicle-mounted terminal;
and receiving the first public key from the vehicle-mounted terminal.
Fig. 4 is a schematic structural diagram of an electronic anti-dismantling system provided in an embodiment of the present application. By way of example and not limitation, as shown in fig. 4, the system includes an OBU device 20 and a vehicle-mounted terminal 21;
the OBU device 20 is configured to encrypt the generated first random number and the hardware address of the Ethernet module of the OBU device by using the first public key to obtain a first encryption result;
to send the first encryption result to the vehicle-mounted terminal;
to receive a second encryption result from the vehicle-mounted terminal;
to decrypt the second encryption result through a second private key to obtain a second random number;
and to judge whether the second random number is the same as the first random number;
if so, the authentication is successful; if not, the authentication fails;
the vehicle-mounted terminal 21 is configured to decrypt the first encryption result through the first private key after receiving the first encryption result from the OBU device, so as to obtain a first random number and a hardware address of the Ethernet module of the OBU device;
to judge whether the hardware address is the same as the pre-stored hardware address;
if so, to encrypt the first random number through the second public key to obtain a second encryption result;
and to send the second encryption result to the OBU device.
In another embodiment, the vehicle-mounted terminal is further configured to execute the flow termination operation if the hardware address is not the same as the pre-stored hardware address.
In another embodiment, the vehicle-mounted terminal is further configured to generate a first public-private key pair, store the first private key, and send the first public key to the OBU device;
and to receive and store a second public key and the hardware address from the OBU device.
Fig. 5 is a schematic structural diagram of an electronic device according to an embodiment of the present application. As shown in fig. 5, the electronic apparatus 3 of this embodiment includes: at least one processor 30 (only one shown in fig. 5), a memory 31, and a computer program 32 stored in the memory 31 and executable on the at least one processor 30, the steps of any of the various method embodiments described above being implemented when the computer program 32 is executed by the processor 30.
The electronic device 3 may be an OBU device or a vehicle-mounted terminal. The electronic device 3 may include, but is not limited to, a processor 30 and a memory 31. Those skilled in the art will appreciate that fig. 5 is merely an example of the electronic device 3 and does not constitute a limitation of the electronic device 3, which may include more or fewer components than those shown, combine some of the components, or use different components; for example, it may further include an input-output device, a network access device, and the like.
The processor 30 may be a Central Processing Unit (CPU), or it may be another general-purpose processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field-Programmable Gate Array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, etc. A general-purpose processor may be a microprocessor, or the processor may be any conventional processor or the like.
The memory 31 may in some embodiments be an internal storage unit of the electronic device 3, such as a hard disk or a memory of the electronic device 3. In other embodiments, the memory 31 may be an external storage device of the electronic device 3, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) card, a flash memory card (Flash Card), and the like, provided on the electronic device 3. Further, the memory 31 may include both an internal storage unit and an external storage device of the electronic device 3. The memory 31 is used for storing an operating system, an application program, a boot loader (BootLoader), data, and other programs, such as the program code of the computer program. The memory 31 may also be used to temporarily store data that has been output or is to be output.
It should be noted that, for the information interaction, execution process, and other contents between the above-mentioned devices/units, the specific functions and technical effects thereof are based on the same concept as those of the embodiment of the method of the present application, and specific reference may be made to the part of the embodiment of the method, which is not described herein again.
It will be apparent to those skilled in the art that, for convenience and brevity of description, only the above-mentioned division of the functional units and modules is illustrated, and in practical applications, the above-mentioned function distribution may be performed by different functional units and modules according to needs, that is, the internal structure of the apparatus is divided into different functional units or modules to perform all or part of the above-mentioned functions. Each functional unit and module in the embodiments may be integrated in one processing unit, or each unit may exist alone physically, or two or more units are integrated in one unit, and the integrated unit may be implemented in a form of hardware, or in a form of software functional unit. In addition, specific names of the functional units and modules are only for convenience of distinguishing from each other, and are not used for limiting the protection scope of the present application. The specific working processes of the units and modules in the system may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
The embodiments of the present application further provide a computer-readable storage medium, where a computer program is stored, and when the computer program is executed by a processor, the steps in the above-mentioned method embodiments may be implemented.
Embodiments of the present application provide a computer program product, which when executed on an electronic device, enables the electronic device to implement the steps in the above method embodiments.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer-readable storage medium. Based on such understanding, all or part of the processes in the methods of the embodiments described above can be implemented by a computer program, which can be stored in a computer-readable storage medium and can implement the steps of the method embodiments described above when executed by a processor. The computer program comprises computer program code, which may be in the form of source code, object code, an executable file or some intermediate form, etc. The computer-readable medium may include at least: any entity or device capable of carrying computer program code to a photographing apparatus/terminal apparatus, a recording medium, computer memory, Read-Only Memory (ROM), Random Access Memory (RAM), an electrical carrier signal, a telecommunications signal, and a software distribution medium, for example a USB flash drive, a removable hard disk, a magnetic disk or an optical disk. In certain jurisdictions, in accordance with legislation and patent practice, computer-readable media may not be an electrical carrier signal or a telecommunications signal.
In the above embodiments, the descriptions of the respective embodiments have respective emphasis, and reference may be made to the related descriptions of other embodiments for parts that are not described or illustrated in a certain embodiment.
Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
In the embodiments provided in the present application, it should be understood that the disclosed apparatus/network device and method may be implemented in other ways. For example, the above-described apparatus/network device embodiments are merely illustrative, and for example, the division of the modules or units is only one logical division, and there may be other divisions when actually implementing, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not implemented. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
The above-mentioned embodiments are only used for illustrating the technical solutions of the present application, and not for limiting the same; although the present application has been described in detail with reference to the foregoing embodiments, it should be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; such modifications and substitutions do not substantially depart from the spirit and scope of the embodiments of the present application and are intended to be included within the scope of the present application.

Claims (10)

1. An electronic anti-dismantling method, applied to an OBU device, comprising:
encrypting the generated first random number and the hardware address of the Ethernet module of the OBU device through a first public key to obtain a first encryption result;
sending the first encryption result to the vehicle-mounted terminal;
receiving a second encryption result from the vehicle-mounted terminal, wherein the second encryption result is obtained by decrypting the first encryption result through a first private key by the vehicle-mounted terminal to obtain the first random number and the hardware address, and encrypting the first random number through a second public key after judging that the hardware address is the same as a pre-stored hardware address;
decrypting the second encryption result through a second private key to obtain a second random number;
judging whether the second random number is the same as the first random number or not;
if so, the authentication is successful; if not, the authentication fails.
2. The method of claim 1, wherein the method further comprises:
if the authentication is successful, starting the DSRC module;
and if the authentication fails, controlling an ESAM module to be invalid and starting the DSRC module.
3. The method of claim 1, wherein before obtaining the first encryption result, the method further comprises:
after a second public and private key pair is generated, storing the second private key, and sending the hardware address and the second public key to the vehicle-mounted terminal through an Ethernet module of the OBU device;
and receiving a first public key from the vehicle-mounted terminal through an Ethernet module of the OBU device, and storing the first public key.
4. An electronic anti-dismantling method, applied to a vehicle-mounted terminal, characterized by comprising the following steps:
after receiving a first encryption result from the OBU device, decrypting the first encryption result through a first private key to obtain a first random number and a hardware address of an Ethernet module of the OBU device;
judging whether the hardware address is the same as a pre-stored hardware address or not;
if so, encrypting the first random number through a second public key to obtain a second encryption result;
and sending the second encryption result to the OBU device.
5. The method of claim 4, wherein after determining whether the hardware address is the same as a pre-stored hardware address, further comprising:
if not, executing the flow termination operation.
6. The method of claim 4, wherein prior to receiving the first encryption result from the OBU device, further comprising:
after a first public and private key pair is generated, storing the first private key, and sending a first public key to the OBU device through an Ethernet module of the vehicle-mounted terminal;
receiving and storing the second public key and the hardware address from the OBU device.
7. An OBU device, comprising: an Ethernet module, a main control module, an ESAM module, a DSRC module and a power supply module;
the Ethernet module is used for sending a first encryption result to the vehicle-mounted terminal;
the second encryption result is obtained by decrypting the first encryption result through a first private key by the vehicle-mounted terminal to obtain a first random number and a hardware address of the Ethernet module, and encrypting the first random number through a second public key after judging that the hardware address is the same as a pre-stored hardware address;
the main control module is configured to encrypt the generated first random number and the hardware address of the ethernet module by using a first public key to obtain a first encryption result;
for decrypting the second encryption result through a second private key to obtain a second random number;
and for judging whether the second random number is the same as the first random number or not;
if so, successfully authenticating and starting the DSRC module;
if not, the authentication fails, the ESAM module is controlled to be invalid, and the DSRC module is started;
and the power supply module is used for providing power supply.
8. An electronic anti-dismantling system, characterized by comprising an OBU device and a vehicle-mounted terminal;
the OBU device is used for encrypting the generated first random number and the hardware address of the Ethernet module of the OBU device through a first public key to obtain a first encryption result;
for sending the first encryption result to the vehicle-mounted terminal;
for receiving a second encryption result from the vehicle-mounted terminal;
for decrypting the second encryption result through a second private key to obtain a second random number;
and for judging whether the second random number is the same as the first random number or not;
if so, the authentication is successful; if not, the authentication fails;
the vehicle-mounted terminal is used for decrypting the first encryption result through a first private key after receiving the first encryption result from the OBU device, to obtain a first random number and a hardware address of an Ethernet module of the OBU device;
for judging whether the hardware address is the same as a pre-stored hardware address or not;
if so, for encrypting the first random number through a second public key to obtain a second encryption result;
and for sending the second encryption result to the OBU device.
9. An electronic device comprising a memory, a processor, and a computer program stored in the memory and executable on the processor, wherein the processor implements the method of any of claims 1 to 3 or 4 to 6 when executing the computer program.
10. A computer-readable storage medium, in which a computer program is stored which, when being executed by a processor, carries out the method according to any one of claims 1 to 3 or 4 to 6.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210452916.5A CN114900314A (en) 2022-04-27 2022-04-27 Electronic anti-dismantling method and system, readable storage medium and OBU device

Publications (1)

Publication Number Publication Date
CN114900314A (en) 2022-08-12


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination