CN115107701A - Automobile anti-theft authentication method and system - Google Patents
Automobile anti-theft authentication method and system Download PDFInfo
- Publication number
- CN115107701A CN115107701A CN202210884660.5A CN202210884660A CN115107701A CN 115107701 A CN115107701 A CN 115107701A CN 202210884660 A CN202210884660 A CN 202210884660A CN 115107701 A CN115107701 A CN 115107701A
- Authority
- CN
- China
- Prior art keywords
- authentication
- key
- automobile
- message
- pin
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 104
- 230000004044 response Effects 0.000 claims abstract description 95
- 208000035139 partial with pericentral spikes epilepsy Diseases 0.000 claims abstract description 61
- 230000008569 process Effects 0.000 claims abstract description 41
- 238000012795 verification Methods 0.000 claims description 7
- 230000002457 bidirectional effect Effects 0.000 abstract description 3
- 238000010586 diagram Methods 0.000 description 23
- 230000006870 function Effects 0.000 description 8
- 238000012986 modification Methods 0.000 description 3
- 230000004048 modification Effects 0.000 description 3
- 230000006978 adaptation Effects 0.000 description 2
- 230000007123 defense Effects 0.000 description 2
- 230000006872 improvement Effects 0.000 description 2
- 238000004519 manufacturing process Methods 0.000 description 2
- 230000007704 transition Effects 0.000 description 2
- 238000004891 communication Methods 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 230000014509 gene expression Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Images
Classifications
-
- B—PERFORMING OPERATIONS; TRANSPORTING
- B60—VEHICLES IN GENERAL
- B60R—VEHICLES, VEHICLE FITTINGS, OR VEHICLE PARTS, NOT OTHERWISE PROVIDED FOR
- B60R25/00—Fittings or systems for preventing or indicating unauthorised use or theft of vehicles
- B60R25/20—Means to switch the anti-theft system on or off
- B60R25/24—Means to switch the anti-theft system on or off using electronic identifiers containing a code not memorised by the user
- B60R25/241—Means to switch the anti-theft system on or off using electronic identifiers containing a code not memorised by the user whereby access privileges are related to the identifiers
Landscapes
- Engineering & Computer Science (AREA)
- Mechanical Engineering (AREA)
- Lock And Its Accessories (AREA)
Abstract
The invention provides an automobile anti-theft authentication method and system. The automobile anti-theft authentication method applied to the VCU of the whole automobile controller comprises the following steps: sending an authentication request message to a keyless entry and startup system PEPS at intervals, wherein the authentication request message comprises an encrypted first automobile PIN code; receiving an authentication response message fed back by the PEPS, and decrypting the authentication response message through the first key, wherein the authentication response message comprises an encrypted second automobile PIN code; and judging whether the decrypted second automobile PIN code is matched with the first automobile PIN code, if so, successfully authenticating, and otherwise, failing to authenticate. The invention carries out bidirectional authentication through the authentication request message comprising the encrypted first automobile PIN code and the authentication response message comprising the encrypted second automobile PIN code, and the authentication process is simple, safe and reliable.
Description
Technical Field
The invention mainly relates to the technical field of automobiles, in particular to an automobile anti-theft authentication method and system.
Background
An automobile anti-theft system is a system configured to prevent theft of an automobile itself or an article in the automobile. At present, the method can be divided into the following steps according to the structure: mechanical type, electronic type, chip type and network type 4 types, at present, the electronic type is mainly adopted, and the network type is gradually transited. The theft of heavy tools such as shears, hacksaws and the like is difficult to be resisted by a mechanical type, and an anti-theft system of an automobile can be started by an electronic type through radio waves or infrared rays emitted by a decoding remote controller. The network type anti-theft has the defects of high price and certain service fee paid every month.
Therefore, a chip-type automobile anti-theft authentication method and system with high security performance and low cost are needed.
Disclosure of Invention
The invention aims to provide a chip type automobile anti-theft authentication method and system, and solves the problem that the existing automobile anti-theft system is low in safety performance.
In order to solve the technical problem, the invention provides an automobile anti-theft authentication method, which is applied to a VCU of a vehicle controller and comprises the following steps: sending the authentication request message to a keyless entry and startup system PEPS at intervals, wherein the authentication request message comprises an encrypted first automobile PIN code; receiving an authentication response message fed back by the PEPS, and decrypting the authentication response message through a first key, wherein the authentication response message comprises an encrypted second automobile PIN; and judging whether the decrypted second automobile PIN code is matched with the first automobile PIN code, if so, successfully authenticating, and otherwise, failing to authenticate.
Optionally, the encrypted first car PIN is generated by encrypting the first car PIN with a first key, wherein the first key and the first car PIN are both learned.
Optionally, the method further comprises determining whether the first key and the first car PIN are learned, and if not, failing authentication.
Optionally, if the first key is not learned, a first key learning procedure is entered.
Optionally, the step of the first key learning procedure includes: receiving a key learning message sent by the PEPS, and decrypting the key learning message through a default key, wherein the key learning message comprises an encrypted second key; and verifying the decrypted second key, and if the verification is passed, pre-storing the second key in a storage unit as the learned first key.
Optionally, the step of the first key learning procedure further includes sending a key learning result message to the PEPS, where the key learning result message includes an answer code.
Optionally, if the first car PIN code is not learned, entering a first car PIN code learning process.
Optionally, the step of the first car PIN code learning process includes: receiving a PIN learning message sent by the PEPS, and decrypting the PIN learning message through a default key, wherein the PIN learning message comprises an encrypted second automobile PIN; and verifying the decrypted second automobile PIN code, and if the verification is passed, pre-storing the second automobile PIN code in a storage unit as the learned first automobile PIN code.
Optionally, the step of the first car PIN learning process further includes sending a PIN learning result message to the PEPS, where the PIN learning result message includes an answer code.
Optionally, the method further comprises: receiving an anti-theft reset message sent by the PEPS, and decrypting the anti-theft reset message through a default key, wherein the anti-theft reset message comprises an encrypted second automobile PIN code; and judging whether the decrypted second automobile PIN code is matched with the first automobile PIN code, and if so, setting the value of the first automobile PIN code and the value of the first secret key as first values.
Optionally, the method further comprises sending a reset result message to the PEPS, the reset result message comprising an answer code.
Optionally, the method further includes determining whether the authentication response message is received within a threshold time, and if not, failing the authentication.
In order to solve the technical problems, the invention provides an automobile anti-theft authentication method which is applied to a keyless entry and startup system PEPS and comprises the following steps: receiving an authentication request message sent by a VCU of the vehicle controller, and decrypting the authentication request message through a second secret key prestored by the VCU, wherein the authentication request message comprises an encrypted first vehicle PIN code; judging whether the decrypted first automobile PIN code is matched with a second automobile PIN code prestored by the automobile, if so, generating an authentication response message according to the second secret key, the second automobile PIN code and a second random number, and if not, taking a second value as the authentication response message; and sending the authentication response message to the VCU, wherein the authentication response message is used for judging whether the authentication is successful or not.
Optionally, the method further comprises: sending a key learning message to the VCU at intervals, the key learning message including the encrypted second key; and judging whether the key learning result message sent by the VCU is received within a time threshold, and if not, failing to learn the key this time.
Optionally, the method further comprises: sending a PIN learning message to the VCU at intervals, the PIN learning message including the encrypted second automobile PIN; and judging whether the PIN learning result message sent by the VCU is received within a time threshold, and if not, failing to learn the PIN.
Optionally, the method further comprises: sending an anti-theft reset message to the VCU at intervals, the anti-theft reset message comprising the encrypted second automobile PIN code; and judging whether the reset feedback message sent by the VCU is received within a time threshold, and if not, failing the current reset.
In order to solve the above technical problems, the present invention provides an automobile anti-theft authentication system, which comprises: the vehicle control unit VCU is used for sending the authentication request message to the keyless entry and start system PEPS at intervals, receiving the authentication response message fed back by the PEPS and judging whether the authentication is successful or not according to the authentication response message, wherein the authentication request message comprises an encrypted first automobile PIN; the keyless entry and start system PEPS is used for receiving an authentication request message sent by the VCU of the vehicle controller, decrypting the authentication request message through a second key prestored by the PEPS, judging whether the decrypted first automobile PIN code is matched with a second automobile PIN code prestored by the PEPS, and sending an authentication response message to the VCU according to a matching result, wherein the authentication response message comprises the encrypted second automobile PIN code.
Optionally, the step of sending the authentication response message to the VCU according to the matching result includes: if the matching is successful, generating an authentication response message according to the second secret key, the second automobile PIN code and a second random number; and if the matching is unsuccessful, using the second value as the authentication response message.
Optionally, the encrypted first car PIN is generated by encrypting the first car PIN with a first key, wherein the first key and the first car PIN are both learned.
Optionally, the step of determining whether the authentication is successful according to the authentication response message includes: decrypting the authentication response message by the first key; and judging whether the decrypted second automobile PIN code is matched with the first automobile PIN code, if so, the authentication is successful, and otherwise, the authentication is failed.
Compared with the prior art, the invention has the following advantages:
the automobile anti-theft authentication method carries out bidirectional authentication through the authentication request message comprising the encrypted first automobile PIN code and the authentication response message comprising the encrypted second automobile PIN code, and the authentication process is simple, safe and reliable; the first secret key and the first automobile PIN of the VCU have a self-learning function, and factory configuration of the function can be conveniently and efficiently completed on a production line; the VCU also has the function of anti-theft authentication reset, and is convenient for reconfiguration after sale.
Drawings
The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the application and together with the description serve to explain the principle of the invention. In the drawings:
FIG. 1 is a VCU state transition diagram of a vehicle control unit according to an embodiment of the invention;
FIG. 2 is a flow chart of a vehicle anti-theft authentication method according to an embodiment of the invention;
FIG. 3 is a flow chart of the vehicle anti-theft authentication method of the optimized embodiment of FIG. 2;
fig. 4 is a schematic structural diagram of an authentication request message according to an embodiment of the present invention;
fig. 5 is a schematic structural diagram of an authentication response message according to an embodiment of the present invention;
FIG. 6 is a flow diagram of a first key learning process according to an embodiment of the invention;
FIG. 7 is a diagram illustrating the structure of a key learning message according to an embodiment of the present invention;
fig. 8 is a schematic structural diagram of a key learning result message according to an embodiment of the present invention;
FIG. 9 is a flow chart of a first vehicle PIN learning process according to one embodiment of the present invention;
fig. 10 is a schematic structural diagram of a PIN code learning message according to an embodiment of the present invention;
fig. 11 is a schematic structural diagram of a PIN code learning result message according to an embodiment of the present invention;
FIG. 12 is a flow chart of a reset procedure for a first key and a first car PIN code according to one embodiment of the present invention;
FIG. 13 is a block diagram of an anti-theft reset message according to an embodiment of the present invention;
FIG. 14 is a structural illustration of a reset result message according to an embodiment of the invention;
FIG. 15 is a flowchart of a vehicle anti-theft authentication method according to another embodiment of the present invention;
fig. 16 is a system block diagram of an automobile anti-theft authentication system according to an embodiment of the invention.
Detailed Description
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings used in the description of the embodiments will be briefly introduced below. It is obvious that the drawings in the following description are only examples or embodiments of the application, from which the application can also be applied to other similar scenarios without inventive effort for a person skilled in the art. Unless otherwise apparent from the context, or otherwise indicated, like reference numbers in the figures refer to the same structure or operation.
As used in this application and in the claims, the terms "a," "an," "the," and/or "the" are not intended to be inclusive in the singular, but rather are intended to include the plural, unless the context clearly dictates otherwise. In general, the terms "comprises" and "comprising" merely indicate that steps and elements are included which are explicitly identified, that the steps and elements do not form an exclusive list, and that a method or apparatus may include other steps or elements.
The relative arrangement of the components and steps, the numerical expressions, and numerical values set forth in these embodiments do not limit the scope of the present application unless specifically stated otherwise. Meanwhile, it should be understood that the sizes of the respective portions shown in the drawings are not drawn in an actual proportional relationship for the convenience of description. Techniques, methods, and apparatus known to those of ordinary skill in the relevant art may not be discussed in detail but are intended to be part of the specification where appropriate. In all examples shown and discussed herein, any particular value should be construed as merely illustrative, and not limiting. Thus, other examples of the exemplary embodiments may have different values. It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, further discussion thereof is not required in subsequent figures.
In the description of the present application, it is to be understood that the orientation or positional relationship indicated by the directional terms such as "front, rear, upper, lower, left, right", "lateral, vertical, horizontal" and "top, bottom", etc., are generally based on the orientation or positional relationship shown in the drawings, and are used for convenience of description and simplicity of description only, and in the case of not making a reverse description, these directional terms do not indicate and imply that the device or element being referred to must have a particular orientation or be constructed and operated in a particular orientation, and therefore, should not be considered as limiting the scope of the present application; the terms "inner and outer" refer to the inner and outer relative to the profile of the respective component itself.
Spatially relative terms, such as "above … …", "above … …", "above … …, on a surface", "above", and the like, may be used herein for ease of description to describe one device or feature's spatial relationship to another device or feature as illustrated in the figures. It will be understood that the spatially relative terms are intended to encompass different orientations of the device in use or operation in addition to the orientation depicted in the figures. For example, if a device in the figures is turned over, devices described as "above" or "on" other devices or configurations would then be oriented "below" or "under" the other devices or configurations. Thus, the exemplary term "above … …" can include both an orientation of "above … …" and "below … …". The device may be otherwise variously oriented (rotated 90 degrees or at other orientations) and the spatially relative descriptors used herein interpreted accordingly.
It should be noted that the terms "first", "second", and the like are used to define the components, and are only used for convenience of distinguishing the corresponding components, and the terms have no special meanings unless otherwise stated, and therefore, the scope of protection of the present application is not to be construed as being limited. Further, although the terms used in the present application are selected from publicly known and used terms, some of the terms mentioned in the specification of the present application may be selected by the applicant at his or her discretion, the detailed meanings of which are described in relevant parts of the description herein. Further, it is required that the present application is understood not only by the actual terms used but also by the meaning of each term lying within.
Flowcharts are used herein to illustrate the operations performed by systems according to embodiments of the present application. It should be understood that the preceding or following operations are not necessarily performed in the exact order in which they are performed. Rather, various steps may be processed in reverse order or simultaneously. Meanwhile, other operations are added to or removed from these processes.
A Vehicle Control Unit (VCU), also called a Vehicle Control Unit, is a core electronic Control Unit for implementing a Vehicle Control decision, and is widely used in pure electric vehicles and hybrid electric vehicles. The VCU of the vehicle controller can be mutually authenticated with a Passive Entry and Start system (PEPS), so that the anti-theft authentication method for the vehicle is realized. Fig. 1 is a state transition diagram of a VCU of a vehicle control unit according to an embodiment of the invention. As shown in fig. 1, the vehicle controller VCU has two states: armed state 11 and disarmed state 12. The default state of the VCU after power-on initialization is the arming state 11. When the authentication between the VCU and the PEPS is unsuccessful, the VCU is still in a fortifying state 11; if the communication authentication between the VCU and the PEPS is successful, the VCU is converted into a defense solving state 12 from a defense setting state 11. The VCU only allows system start-up when in the disarmed state 12.
Fig. 2 is a flowchart of an automobile anti-theft authentication method 200 according to an embodiment of the invention, and fig. 3 is a flowchart of an automobile anti-theft authentication method 300 according to an optimized embodiment of fig. 2. The vehicle anti-theft authentication method 200 and the vehicle anti-theft authentication method 300 are both applied to a vehicle control unit VCU. As shown in fig. 2, the method 200 for authenticating an automobile includes the following steps:
step S210: sending an authentication request message to a keyless entry and startup system PEPS at intervals, wherein the authentication request message comprises an encrypted first automobile PIN code;
step S220: receiving an authentication response message fed back by the PEPS, and decrypting the authentication response message through the first key, wherein the authentication response message comprises an encrypted second automobile PIN code;
step S230: and judging whether the decrypted second automobile PIN code is matched with the first automobile PIN code, if so, successfully authenticating, and otherwise, failing to authenticate.
In some preferred embodiments, as shown in fig. 3, before step S210, step S205 is further included: and judging whether the first secret key and the first automobile PIN code are learned or not. If yes, the process proceeds to step S210, otherwise, the authentication is determined to fail. In addition, before step S220, step S215 is further included: and judging whether the authentication response message is received within the threshold time, if so, entering the step S220, otherwise, failing to authenticate.
Steps S205 to S230 will be described in detail below with reference to fig. 2 and 3.
In S205, it is determined whether the first key and the first car PIN are learned. When the vehicle control unit VCU leaves a factory, a default first secret key and a first vehicle PIN code are stored in a storage unit. After the VCU initialization configuration is completed, whether the VCU is a default first secret key and a first automobile PIN code or not is judged, if yes, the fact that the VCU is not learned is shown, the first secret key and the first automobile PIN code need to enter a learning process, and the authentication fails; if learning is performed, the process proceeds to step S220. The learned first key is consistent with a second key prestored in the PEPS, and the learned first automobile PIN is consistent with a second automobile PIN prestored in the PEPS.
In step S210, the VCU generates a first random number, then encrypts the learned first car PIN using the learned first key and an encryption algorithm to generate an encrypted first car PIN, and then generates an authentication request message according to the first random number and the encrypted first car PIN. The encryption algorithm can be a symmetric encryption algorithm or an asymmetric encryption algorithm, and the type of the encryption algorithm is not limited in the application. In some embodiments, the Encryption algorithm is preferably Advanced Encryption Standard (AES). Fig. 4 is a schematic structural diagram of an authentication request message 400 according to an embodiment of the present invention. As shown in fig. 4, the authentication request message 400 includes a name, a sender, a receiver, an ID, and a data field. Wherein the data field includes a first random number and an encrypted first car PIN code. The first random number may be 4 Bytes (Bytes) in length, and the encrypted first car PIN code is also 4 Bytes.
In step S210, an authentication request message is sent to the PEPS at intervals, for example, the VCU sends the same authentication request message to the PEPS every 100 ms. The time interval for the VCU to send the authentication request message to the PEPS may be set as needed, which is not limited in this application.
In S215, it is determined whether the authentication response message is received within a threshold time, and if not, the authentication fails. The threshold time may be set as desired, and the application is not limited in this regard. For example, it is determined whether the authentication response message is received within 2 seconds, and if not, the authentication fails, and if so, the process proceeds to step S220.
In step S220, the authentication response message may be generated by the second random number, the second key pre-stored by the PEPS, and the second car PIN code. Specifically, the PEPS generates a second random number, then encrypts the second car PIN code through the second key and the encryption algorithm to generate an encrypted second car PIN code, and then generates an authentication response message according to the second random number and the encrypted second car PIN code. The encryption algorithm adopted by the PEPS is the same as that adopted by the VCU. Fig. 5 is a schematic structural diagram of an authentication response message 500 according to an embodiment of the present invention. As shown in fig. 5, the authentication response message 500 includes a name, a sender, a receiver, an ID, and a data field. Wherein the data field includes a second random number and an encrypted second car PIN code. The second random number may be 4 Bytes (Bytes) in length, and the encrypted second car PIN code is also 4 Bytes. And the VCU receives the authentication response message fed back by the PEPS, and can decrypt the authentication response message through the first key because the learned first key is consistent with the second key.
In some embodiments, the authentication response message may also be generated from a second value, which may be set as agreed. For example, all 0xFF with a second value of 8 bytes may be set. After receiving the authentication response message, the VCU further includes, before decrypting the authentication response message, the steps of: firstly, judging whether the authentication response message is a set value, if so, directly judging that the authentication fails, and if not, decrypting the authentication response message.
In step S230, it is determined whether the decrypted second car PIN code matches the first car PIN code, if so, the authentication is successful, otherwise, the authentication is failed.
In some embodiments, if it is determined that the first key has not been learned, a first key learning procedure is entered. The VCU needs to support a learning function, and when the VCU is in a new state (a default first key or a first car PIN code), the VCU can update the first key and the first car PIN code through the learning function. Fig. 6 is a flow diagram of a first key learning process 600 according to an embodiment of the invention. As shown in fig. 6, the steps of the first key learning process 600 include:
step S610: and receiving a key learning message sent by the PEPS, and decrypting the key learning message through a default key, wherein the key learning message comprises an encrypted second key. The same default key is stored by default in both the storage units of the VCU and the PEPS. The default key is only available before the factory, i.e. the learning process of the first key can only be completed before the factory. After the automobile leaves the factory, the default key is invisible to ordinary users, and only users with super authority (such as after-sales engineers) can obtain the default key. Fig. 7 is a schematic structural diagram of a key learning message 700 according to an embodiment of the present invention. As shown in fig. 7, the key learning message 700 includes a name, a sender, a receiver, an ID, and a data field. Wherein the data field comprises an encrypted second key, the length of the encrypted second key being 8 bytes.
Step S620: and checking the decrypted second key, wherein the checking method can be CRC16 and CRC32, and the application does not limit the checking method. And judging whether the verification passes, and if the verification fails, ending the key learning process. If the check is passed, the process proceeds to step S630.
Step S630: and judging whether the value of the first key is the first value or not, if not, not operating, and ending the learning process. If so, the process proceeds to step S640. The first value may be 0 xFF. For example, it is determined whether the value of the first key is 0xFF, and if the value of the first key is 0xFF, it means that the first key has been learned, no operation is required.
Step S640: the second key is pre-stored in the storage unit as the learned first key. Specifically, the value of the first key in the storage unit of the VCU is replaced with the value of the second key, and after learning, the first key is consistent with the second key.
In some embodiments, the learning process of the first key further comprises sending a key learning result message to the PEPS, the key learning result message including the answer code. Wherein the response code represents the result of the key learning. Fig. 8 is a schematic structural diagram of a key learning result message 800 according to an embodiment of the present invention. As shown in fig. 8, the key learning result message 800 includes a name, a sender, a receiver, an ID, and a data field. Wherein the data field includes the response code and the padding data. The length of the response code is 1 byte, and the length of the padding data is 7 bytes. Wherein the definition of the response code can be as shown in table 1:
TABLE 1
| Answer code | Description of the invention |
| 00 | Successful execution of VCU |
| 20 | Request not supported |
| 21 | Unknown cause, inability to perform requests |
| 30 | VCU busy |
| 31 | VCU not learned, not SK |
| 32 | VCU not learned, no PIN |
| 33 | The VCU has learned SK, but SK does not conform to |
| 34 | The VCU has learned the PIN, but the PIN has not been met |
| 35 | SK or PIN CRC error checking |
| 36 | Request not to execute due to PIN mismatch |
As can be seen from table 1, when the response code received by the PEPS is 00, it indicates that the VCU successfully executes, and the key learning succeeds. When the response code received by the PEPS is other value, it represents the key learning failure and the reason of the failure.
In some embodiments, if the first car PIN is not learned, a first car PIN learning process is entered. Fig. 9 is a flow diagram of a first car PIN learning process 900 according to an embodiment of the invention. As shown in fig. 9, the steps of the first car PIN learning process 900 include:
step S910: and receiving a PIN learning message sent by the PEPS, and decrypting the PIN learning message through a default key, wherein the PIN learning message comprises an encrypted second automobile PIN. Fig. 10 is a schematic structural diagram of a PIN code learning message 1000 according to an embodiment of the present invention. As shown in fig. 10, the PIN code learning message 1000 includes name, sender, receiver, ID, and data fields. Wherein the data field includes the encrypted second car PIN code, CRC16, and padding data. The encrypted second car PIN code is 4 bytes long, the CRC16 is 2 bytes long, and the padding data is 2 bytes long.
Step S920: and verifying the decrypted second automobile PIN code, and if the verification fails, ending the PIN code learning process. If the check is passed, the process proceeds to step S930.
Step S930: and judging whether the value of the first automobile PIN code is the first value or not, if not, not operating, and ending the learning process. If so, the process proceeds to step S940. The first value may be 0 xFF. For example, it is determined whether the values of the first car PIN code are all 0xFF, and if not, it indicates that the first car PIN code has been learned and does not need to be operated.
Step S940: the second car PIN code is prestored in the storage unit as the first car PIN code. Specifically, the value of the first automobile PIN code in the storage unit of the VCU is replaced by the value of the second automobile PIN code, and after learning, the first automobile PIN code is consistent with the second automobile PIN code.
In some embodiments, the learning process of the first car PIN further includes sending a PIN learning result message to the PEPS. The PIN code learning result message includes a response code and padding data. The PIN code learning result is represented by the answer code. Fig. 11 is a schematic structural diagram of a PIN code learning result message 1100 according to an embodiment of the present invention. As shown in fig. 11, the PIN code learning result message 1100 includes name, sender, receiver, ID, and data fields. Wherein the data field includes the response code and the padding data. The length of the response code is 1 byte, and the length of the padding data is 7 bytes. Wherein the definition of the response code can be as shown in table 1. As can be seen from table 1, when the response code received by the PEPS is 00, it indicates that the VCU successfully executes, and the PIN code learning is successful. When the response code received by the PEPS is other value, it represents the failure of learning the PIN code and the reason of the failure.
In some embodiments, the vehicle anti-theft authentication method further comprises a resetting process of the first secret key and the first vehicle PIN code. The resetting process can be completed before the automobile leaves the factory or after the automobile leaves the factory. For example, when the automobile leaves the factory and has a problem and needs to reset the first secret key and the first automobile PIN code, an after-sales engineer resets the first secret key and the first automobile PIN code through a default secret key. Fig. 12 is a flow diagram of a process 1200 for resetting a first key and a first car PIN code in accordance with an embodiment of the present invention. As shown in fig. 12, the steps of the process 1200 for resetting the first key and the first car PIN code include:
step S1201: and judging whether the first automobile PIN code stored by the VCU is a first value (0xFF), if so, indicating that the automobile PIN code is in a default state, and ending the reset process without resetting. If not, the process proceeds to step S1202.
Step S1202: and receiving the anti-theft reset message sent by the PEPS, and decrypting the anti-theft reset message through a default key, wherein the anti-theft reset message comprises an encrypted second automobile PIN code. Fig. 13 is a block diagram of an anti-theft reset message 1300 according to an embodiment of the invention. As shown in fig. 13, the anti-theft reset message 1300 includes name, sender, receiver, ID, and data fields. Wherein the data field includes the encrypted second car PIN code and the second random number. The encrypted second car PIN code has a length of 4 bytes and the second random number has a length of 4 bytes.
Step S1203: and judging whether the decrypted second automobile PIN code is matched with the first automobile PIN code, and if not, ending the reset process. If so, the process proceeds to step S1204.
Step S1204: the value of the first car PIN code and the value of the first key are set to a first value. Specifically, the value of the first car PIN code and the value of the first key in the VCU storage unit are erased so that both the value of the first car PIN code and the value of the first key are 0 xFF.
In some embodiments, the process of resetting the first key and the first car PIN further comprises sending a reset result message to the PEPS. The reset result message includes a response code and padding data. The reset result is represented by the answer code. Fig. 14 is a diagram illustrating a structure of a reset result message 1400 according to an embodiment of the present invention. As shown in fig. 14, the reset result message 1400 includes name, sender, receiver, ID, and data fields. Wherein the data field includes the response code and the padding data. The length of the response code is 1 byte, and the length of the padding data is 7 bytes. Wherein the definition of the response code can be as shown in table 1. As can be seen from table 1, when the response code received by the PEPS is 00, it indicates that the VCU successfully executes and the reset succeeds. When the response code received by the PEPS is other value, it indicates the reset failure and the reason of the failure.
The automobile anti-theft authentication method carries out bidirectional authentication through the authentication request message comprising the encrypted first automobile PIN code and the authentication response message comprising the encrypted second automobile PIN code, and the authentication process is simple, safe and reliable; the first secret key and the first automobile PIN of the VCU have a self-learning function, and factory configuration of the function can be conveniently and efficiently completed on a production line; the VCU also has the function of anti-theft authentication reset, and is convenient for reconfiguration after sale.
Fig. 15 is a flowchart of an automobile anti-theft authentication method 1500 according to another embodiment of the invention, wherein the automobile anti-theft authentication method 1500 is applied to a keyless entry and startup system PEPS. As shown in fig. 15, the vehicle anti-theft authentication method 1500 includes the following steps:
step S1501: and receiving an authentication request message sent by the VCU of the vehicle controller, and decrypting the authentication request message through a second secret key prestored by the VCU, wherein the authentication request message comprises an encrypted first vehicle PIN code. The encrypted first automobile PIN code is generated by encrypting the learned first automobile PIN code through the learned first secret key and an encryption algorithm. The learned first key is consistent with the second key. Thus, the PEPS may decrypt the authentication request message including the encrypted first car PIN using the second key and the same encryption algorithm as the VCU.
Step S1502: and judging whether the decrypted first automobile PIN code is matched with a second automobile PIN code prestored by the automobile, if not, turning to the step S1503, and if so, turning to the step S1504.
Step S1503: and taking the second value as an authentication response message. The value of the second value may be set according to convention, for example, may be set to all 0xFF of 8 bytes, which indicates that the VCU fails to perform unidirectional authentication for the PEPS, and thus fails to perform overall authentication.
Step S1504: and generating an authentication response message according to the second secret key, the second automobile PIN code and the second random number.
Step S1505: and sending an authentication response message to the VCU, wherein the authentication response message is used for judging whether the authentication is successful.
In some embodiments, the vehicle anti-theft authentication method further comprises sending a key learning message to the VCU at intervals, the key learning message including the encrypted second key; and judging whether a key learning result message sent by the VCU is received within a time threshold, and if not, failing to learn the key this time.
In some embodiments, the vehicle anti-theft authentication method further comprises sending a PIN code learning message to the VCU at intervals, the PIN code learning message comprising an encrypted second vehicle PIN code; and judging whether a PIN learning result message sent by the VCU is received within a time threshold, and if not, failing to learn the PIN.
In some embodiments, the vehicle anti-theft authentication method further comprises sending an anti-theft reset message to the VCU at intervals, the anti-theft reset message comprising an encrypted second vehicle PIN code; and judging whether a reset result message sent by the VCU is received within a time threshold, and if not, failing to reset this time.
Fig. 16 is a system block diagram of an automobile anti-theft authentication system 1600 according to an embodiment of the invention. As shown in fig. 16, the vehicle anti-theft authentication system 1600 includes a Vehicle Control Unit (VCU)1601 and a keyless entry and start system (PEPS) 1602. The vehicle control unit 1601 and the keyless entry and start system 1602 may communicate via a CAN network. The vehicle control unit 1601 is configured to send an authentication request message to the keyless entry and start system 1602 at intervals, where the authentication request message includes an encrypted first car PIN code, receive an authentication response message fed back by the keyless entry and start system 1602, and determine whether authentication is successful according to the authentication response message. In some embodiments, the encrypted first car PIN is generated by encrypting the first car PIN with a first key, wherein both the first key and the first car PIN are learned.
The keyless entry and start system 1602 is configured to receive an authentication request message sent by the vehicle controller 1601, decrypt the authentication request message through a second key pre-stored by the vehicle controller, determine whether the decrypted first vehicle PIN code matches with a second vehicle PIN pre-stored by the vehicle controller 1601, and send an authentication response message to the vehicle controller 1601 according to a matching result.
In some embodiments, the step of sending an authentication response message to the VCU according to the matching result comprises: and if the matching is successful, generating an authentication response message according to the second secret key, the second automobile PIN code and the second random number, and if not, taking the second value as the authentication response message.
In some embodiments, the step of determining whether the authentication is successful according to the authentication response message includes: decrypting the authentication response message through the first key; and judging whether the decrypted second automobile PIN code is matched with the first automobile PIN code, if so, successfully authenticating, and otherwise, failing to authenticate.
In some embodiments, the step of determining whether the authentication is successful according to the authentication response message further includes: before decrypting the authentication response message, judging whether the authentication response message is a second value or not, if so, directly judging that the authentication fails, and if not, decrypting the authentication response message.
In some embodiments, the vehicle control unit 1601 and the keyless entry and start system 1602 use the same AES algorithm to encrypt and decrypt data, which may reduce VCU resource usage and ensure data security to the greatest extent possible.
Having thus described the basic concept, it will be apparent to those skilled in the art that the foregoing disclosure is by way of example only, and is not intended to limit the present application. Various modifications, improvements and adaptations to the present application may occur to those skilled in the art, although not explicitly described herein. Such modifications, improvements and adaptations are proposed in the present application and thus fall within the spirit and scope of the exemplary embodiments of the present application.
Also, the present application uses specific words to describe embodiments of the application. Reference throughout this specification to "one embodiment," "an embodiment," and/or "some embodiments" means that a particular feature, structure, or characteristic described in connection with at least one embodiment of the present application is included in at least one embodiment of the present application. Therefore, it is emphasized and should be appreciated that two or more references to "an embodiment" or "one embodiment" or "an alternative embodiment" in various places throughout this specification are not necessarily all referring to the same embodiment. Furthermore, some features, structures, or characteristics of one or more embodiments of the present application may be combined as appropriate.
Similarly, it should be noted that in the preceding description of embodiments of the application, various features are sometimes grouped together in a single embodiment, figure, or description thereof for the purpose of streamlining the disclosure aiding in the understanding of one or more of the embodiments. This method of disclosure, however, is not intended to require more features than are expressly recited in the claims. Indeed, the embodiments may be characterized as having less than all of the features of a single disclosed embodiment.
Although the present application has been described with reference to the present specific embodiments, it will be recognized by those skilled in the art that the foregoing embodiments are merely illustrative of the present application and that various changes and substitutions of equivalents may be made without departing from the spirit of the application, and therefore, it is intended that all changes and modifications to the above-described embodiments that come within the spirit of the application fall within the scope of the claims of the application.
Claims (20)
1. An automobile anti-theft authentication method is applied to a VCU (vehicle control unit), and is characterized by comprising the following steps:
sending the authentication request message to a keyless entry and startup system PEPS at intervals, wherein the authentication request message comprises an encrypted first automobile PIN code;
receiving an authentication response message fed back by the PEPS, and decrypting the authentication response message through a first key, wherein the authentication response message comprises an encrypted second automobile PIN;
and judging whether the decrypted second automobile PIN code is matched with the first automobile PIN code, if so, successfully authenticating, and otherwise, failing to authenticate.
2. The vehicle anti-theft authentication method according to claim 1, wherein the encrypted first vehicle PIN is generated by encrypting the first vehicle PIN by a first key, wherein the first key and the first vehicle PIN are learned.
3. The vehicle anti-theft authentication method according to claim 2, further comprising: and judging whether the first secret key and the first automobile PIN are learned or not, and if not, failing authentication.
4. The vehicle anti-theft authentication method according to claim 3, wherein if the first key is not learned, a first key learning process is entered.
5. The vehicle anti-theft authentication method according to claim 4, wherein the step of the first key learning procedure comprises:
receiving a key learning message sent by the PEPS, and decrypting the key learning message through a default key, wherein the key learning message comprises an encrypted second key;
and verifying the decrypted second key, and if the verification is passed, pre-storing the second key in a storage unit as the learned first key.
6. The vehicle anti-theft authentication method according to claim 5, further comprising sending a key learning result message to the PEPS, the key learning result message including a response code.
7. The vehicle anti-theft authentication method according to claim 3, wherein if the first vehicle PIN is not learned, a first vehicle PIN learning process is entered.
8. The vehicle anti-theft authentication method according to claim 4, wherein the step of the first vehicle PIN code learning process comprises:
receiving a PIN learning message sent by the PEPS, and decrypting the PIN learning message through a default key, wherein the PIN learning message comprises an encrypted second automobile PIN;
and verifying the decrypted second automobile PIN code, and if the verification is passed, pre-storing the second automobile PIN code in a storage unit as the learned first automobile PIN code.
9. The vehicle anti-theft authentication method according to claim 5, further comprising sending a PIN learning result message to the PEPS, the PIN learning result message including a response code.
10. The vehicle anti-theft authentication method according to claim 1, further comprising:
receiving an anti-theft reset message sent by the PEPS, and decrypting the anti-theft reset message through a default key, wherein the anti-theft reset message comprises an encrypted second automobile PIN code;
and judging whether the decrypted second automobile PIN code is matched with the first automobile PIN code, and if so, setting the value of the first automobile PIN code and the value of the first secret key as first values.
11. The vehicle anti-theft authentication method according to claim 10, further comprising sending a reset result message to the PEPS, the reset result message including a response code.
12. The vehicle anti-theft authentication method according to claim 1, further comprising determining whether the authentication response message is received within a threshold time, and if not, failing the authentication.
13. An automobile anti-theft authentication method is applied to a keyless entry and start system PEPS and is characterized by comprising the following steps:
receiving an authentication request message sent by a VCU of the vehicle controller, and decrypting the authentication request message through a second secret key prestored by the VCU, wherein the authentication request message comprises an encrypted first vehicle PIN code;
judging whether the decrypted first automobile PIN code is matched with a second automobile PIN code prestored by the automobile, if so, generating an authentication response message according to the second secret key, the second automobile PIN code and a second random number, and if not, taking a second value as the authentication response message;
and sending the authentication response message to the VCU, wherein the authentication response message is used for judging whether the authentication is successful or not.
14. The vehicle anti-theft authentication method according to claim 13, further comprising:
sending a key learning message to the VCU at intervals, the key learning message including the encrypted second key;
and judging whether the key learning result message sent by the VCU is received within a time threshold, and if not, failing to learn the key this time.
15. The vehicle anti-theft authentication method according to claim 13, further comprising:
sending a PIN learning message to the VCU at intervals, the PIN learning message including the encrypted second automobile PIN;
and judging whether the PIN learning result message sent by the VCU is received within a time threshold, and if not, failing to learn the PIN.
16. The vehicle anti-theft authentication method according to claim 13, further comprising:
sending an anti-theft reset message to the VCU at intervals, the anti-theft reset message comprising the encrypted second automobile PIN code;
and judging whether the reset feedback message sent by the VCU is received within a time threshold, and if not, failing to reset this time.
17. An automobile anti-theft authentication system, comprising:
the vehicle control unit VCU is used for sending the authentication request message to the keyless entry and start system PEPS at intervals, receiving an authentication response message fed back by the PEPS and judging whether the authentication is successful or not according to the authentication response message, wherein the authentication request message comprises an encrypted first automobile PIN;
the keyless entry and start system PEPS is used for receiving an authentication request message sent by a VCU of the vehicle controller, decrypting the authentication request message through a second key prestored by the PEPS, judging whether the decrypted first vehicle PIN code is matched with a second vehicle PIN code prestored by the PEPS, and sending an authentication response message to the VCU according to a matching result, wherein the authentication response message comprises the encrypted second vehicle PIN code.
18. The vehicle anti-theft authentication system of claim 17, wherein the step of transmitting the authentication response message to the VCU according to the matching result comprises:
if the matching is successful, generating an authentication response message according to the second secret key, the second automobile PIN code and a second random number;
and if the matching is unsuccessful, using the second value as the authentication response message.
19. The vehicle anti-theft authentication system according to claim 17, wherein the encrypted first vehicle PIN is generated by encrypting the first vehicle PIN with a first key, wherein the first key and the first vehicle PIN are learned.
20. The vehicle immobilizer system of claim 19, wherein the step of determining whether the authentication is successful based on the authentication response message comprises:
decrypting the authentication response message by the first key;
and judging whether the decrypted second automobile PIN code is matched with the first automobile PIN code, if so, the authentication is successful, and otherwise, the authentication is failed.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210884660.5A CN115107701B (en) | 2022-07-26 | 2022-07-26 | Automobile anti-theft authentication method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210884660.5A CN115107701B (en) | 2022-07-26 | 2022-07-26 | Automobile anti-theft authentication method and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN115107701A true CN115107701A (en) | 2022-09-27 |
| CN115107701B CN115107701B (en) | 2024-02-23 |
Family
ID=83334607
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210884660.5A Active CN115107701B (en) | 2022-07-26 | 2022-07-26 | Automobile anti-theft authentication method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115107701B (en) |
Citations (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103178966A (en) * | 2013-03-19 | 2013-06-26 | 北京经纬恒润科技有限公司 | KPD (key position detection) authentication method and system for vehicle and smart key and vehicle base station |
| CN204641672U (en) * | 2015-02-13 | 2015-09-16 | 中国第一汽车股份有限公司 | A kind of hybrid vehicle electronic locking anti-theft system of high security |
| WO2016037541A1 (en) * | 2014-09-11 | 2016-03-17 | 苏州海博智能系统有限公司 | Checking and signing method and device |
| CN106034028A (en) * | 2015-03-17 | 2016-10-19 | 阿里巴巴集团控股有限公司 | Terminal equipment authentication method, apparatus and system thereof |
| CN106627489A (en) * | 2016-12-09 | 2017-05-10 | 广州汽车集团股份有限公司 | Method and system for anti-theft authentication of pure electric vehicle |
| CN107257283A (en) * | 2017-04-26 | 2017-10-17 | 中南大学 | Fingerprint verification method based on quantum figure state |
| CN109728899A (en) * | 2017-10-30 | 2019-05-07 | 北京长城华冠汽车科技股份有限公司 | A kind of pure electric vehicle authentication key method for managing security and system |
| CN110289967A (en) * | 2019-06-19 | 2019-09-27 | 长城华冠汽车科技(苏州)有限公司 | Communication authentication method, device and vehicle |
| CN111028397A (en) * | 2019-05-28 | 2020-04-17 | 上海银基信息安全技术股份有限公司 | Authentication method and device, and vehicle control method and device |
| CN112994898A (en) * | 2021-04-08 | 2021-06-18 | 北京邮电大学 | Vehicle intranet communication safety authentication method and device |
| CN114248722A (en) * | 2020-09-24 | 2022-03-29 | 长城汽车股份有限公司 | Control method and device and vehicle |
| CN114547586A (en) * | 2022-01-14 | 2022-05-27 | 重庆长安汽车股份有限公司 | Vehicle-mounted bus message authentication key learning method and system and readable storage medium |
-
2022
- 2022-07-26 CN CN202210884660.5A patent/CN115107701B/en active Active
Patent Citations (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103178966A (en) * | 2013-03-19 | 2013-06-26 | 北京经纬恒润科技有限公司 | KPD (key position detection) authentication method and system for vehicle and smart key and vehicle base station |
| WO2016037541A1 (en) * | 2014-09-11 | 2016-03-17 | 苏州海博智能系统有限公司 | Checking and signing method and device |
| CN204641672U (en) * | 2015-02-13 | 2015-09-16 | 中国第一汽车股份有限公司 | A kind of hybrid vehicle electronic locking anti-theft system of high security |
| CN106034028A (en) * | 2015-03-17 | 2016-10-19 | 阿里巴巴集团控股有限公司 | Terminal equipment authentication method, apparatus and system thereof |
| CN106627489A (en) * | 2016-12-09 | 2017-05-10 | 广州汽车集团股份有限公司 | Method and system for anti-theft authentication of pure electric vehicle |
| CN107257283A (en) * | 2017-04-26 | 2017-10-17 | 中南大学 | Fingerprint verification method based on quantum figure state |
| CN109728899A (en) * | 2017-10-30 | 2019-05-07 | 北京长城华冠汽车科技股份有限公司 | A kind of pure electric vehicle authentication key method for managing security and system |
| CN111028397A (en) * | 2019-05-28 | 2020-04-17 | 上海银基信息安全技术股份有限公司 | Authentication method and device, and vehicle control method and device |
| CN110289967A (en) * | 2019-06-19 | 2019-09-27 | 长城华冠汽车科技(苏州)有限公司 | Communication authentication method, device and vehicle |
| CN114248722A (en) * | 2020-09-24 | 2022-03-29 | 长城汽车股份有限公司 | Control method and device and vehicle |
| CN112994898A (en) * | 2021-04-08 | 2021-06-18 | 北京邮电大学 | Vehicle intranet communication safety authentication method and device |
| CN114547586A (en) * | 2022-01-14 | 2022-05-27 | 重庆长安汽车股份有限公司 | Vehicle-mounted bus message authentication key learning method and system and readable storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN115107701B (en) | 2024-02-23 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109862040B (en) | Security authentication method and authentication system | |
| CN108122311B (en) | Vehicle virtual key implementation method and system | |
| US9954851B2 (en) | Method for controlling vehicle security access based on certificate | |
| CN111376865B (en) | Vehicle digital key activation method, system and storage medium | |
| JP5973224B2 (en) | Electronic key registration method | |
| CN111204311B (en) | Vehicle-mounted TBOX, vehicle and Bluetooth key realization method and system | |
| US9450937B2 (en) | Vehicle network authentication system, and vehicle network authentication method | |
| CN105704131A (en) | Vehicle lock control method and cloud management server | |
| US9479329B2 (en) | Motor vehicle control unit having a cryptographic device | |
| US20130214900A1 (en) | System and method to enable passive entry | |
| JP2018133744A (en) | Communication system, vehicle, and monitoring method | |
| KR20080106954A (en) | Method for the protection of a movable object, especially a vehicle, against unauthorized use | |
| WO2019004097A1 (en) | Maintenance system and maintenance method | |
| CN109714769B (en) | Information binding method, device, equipment and storage medium | |
| CN111083670A (en) | Vehicle using method and device based on intelligent key | |
| CN111845624B (en) | Method for starting vehicle without key | |
| CN111935317B (en) | Vehicle information verification method and device and computer-readable storage medium | |
| CN111083696B (en) | Communication verification method and system, mobile terminal and vehicle machine side | |
| CN113285932B (en) | Method for acquiring edge service, server and edge device | |
| JP6981755B2 (en) | In-vehicle network system | |
| CN109131218B (en) | Starting method and device of vehicle, vehicle and computer readable storage medium | |
| CN110808998B (en) | Initialization of identity authentication device, identity authentication method and device | |
| CN115107701B (en) | Automobile anti-theft authentication method and system | |
| CN109743283B (en) | Information transmission method and equipment | |
| CN114785532B (en) | Security chip communication method and device based on bidirectional signature authentication |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information |
Address after: 314500 988 Tong Tong Road, Wu Tong Street, Tongxiang, Jiaxing, Zhejiang Applicant after: United New Energy Automobile Co.,Ltd. Address before: 314500 988 Tong Tong Road, Wu Tong Street, Tongxiang, Jiaxing, Zhejiang Applicant before: Hezhong New Energy Vehicle Co.,Ltd. |
|
| CB02 | Change of applicant information | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| PE01 | Entry into force of the registration of the contract for pledge of patent right |
Denomination of invention: Vehicle anti-theft certification method and system Granted publication date: 20240223 Pledgee: Tongxiang Science and Technology Entrepreneurship Service Center Co.,Ltd. Pledgor: United New Energy Automobile Co.,Ltd. Registration number: Y2024330000709 |