Disclosure of Invention
The invention aims to solve the technical problem of providing a chip type automobile anti-theft authentication method and system, and solves the problem of low safety performance of the existing automobile anti-theft system.
In order to solve the technical problems, the invention provides an automobile anti-theft authentication method, which is applied to a vehicle controller VCU and comprises the following steps: sending the authentication request message to a keyless entry and start system (PEPS) at intervals, wherein the authentication request message comprises an encrypted first automobile PIN code; receiving an authentication response message fed back by the PEPS, and decrypting the authentication response message through a first key, wherein the authentication response message comprises an encrypted second car PIN code; judging whether the decrypted second car PIN code is matched with the first car PIN code, if so, authenticating successfully, otherwise, authenticating failure.
Optionally, the encrypted first car PIN code is generated by encrypting the first car PIN code with a first key, wherein both the first key and the first car PIN code are learned.
Optionally, the method further comprises judging whether the first key and the first car PIN code are learned, if not, authentication fails.
Optionally, if the first key is not learned, entering a first key learning procedure.
Optionally, the steps of the first key learning procedure include: receiving a key learning message sent by the PEPS, and decrypting the key learning message through a default key, wherein the key learning message comprises an encrypted second key; and checking the decrypted second key, and if the second key passes the check, pre-storing the second key in a storage unit as the learned first key.
Optionally, the steps of the first key learning procedure further include sending a key learning result message to the PEPS, the key learning result message including a reply code.
Optionally, if the first car PIN code is not learned, entering a first car PIN code learning process.
Optionally, the steps of the first car PIN code learning process include: receiving a PIN code learning message sent by the PEPS, and decrypting the PIN code learning message through a default key, wherein the PIN code learning message comprises an encrypted second automobile PIN code; and checking the decrypted second car PIN code, and if the second car PIN code passes the check, pre-storing the second car PIN code in a storage unit to be used as a learned first car PIN code.
Optionally, the step of the first automotive PIN code learning procedure further includes sending a PIN code learning result message to the PEPS, where the PIN code learning result message includes a response code.
Optionally, the method further comprises: receiving an anti-theft reset message sent by the PEPS, and decrypting the anti-theft reset message through a default key, wherein the anti-theft reset message comprises an encrypted second automobile PIN code; judging whether the decrypted second car PIN code is matched with the first car PIN code, and if so, setting the value of the first car PIN code and the value of the first key as a first value.
Optionally, the method further includes sending a reset result message to the PEPS, the reset result message including a reply code.
Optionally, the method further comprises determining whether the authentication response message is received within a threshold time, and if not, failing authentication.
In order to solve the technical problems, the invention provides an automobile anti-theft authentication method which is applied to a keyless entry and startup system PEPS, and comprises the following steps: receiving an authentication request message sent by a vehicle control unit VCU, and decrypting the authentication request message through a second key prestored in the VCU, wherein the authentication request message comprises an encrypted first vehicle PIN code; judging whether the decrypted first automobile PIN code is matched with a second automobile PIN code prestored in the automobile PIN code, if so, generating an authentication response message according to the second secret key, the second automobile PIN code and a second random number, and if not, taking a second value as the authentication response message; and sending the authentication response message to the VCU, wherein the authentication response message is used for judging whether authentication is successful or not.
Optionally, the method further comprises: transmitting a key learn message to the VCU at intervals, the key learn message including the encrypted second key; judging whether the key learning result message sent by the VCU is received within a time threshold, if not, failing the key learning.
Optionally, the method further comprises: transmitting a PIN code learning message to the VCU at intervals, the PIN code learning message including the encrypted second car PIN code; judging whether the PIN code learning result message sent by the VCU is received within a time threshold, if not, the PIN code learning fails.
Optionally, the method further comprises: transmitting an anti-theft reset message to the VCU at intervals, the anti-theft reset message including the encrypted second car PIN code; judging whether a reset feedback message sent by the VCU is received within a time threshold, if not, the reset fails.
In order to solve the technical problems, the invention provides an automobile anti-theft authentication system, which comprises: the vehicle controller VCU is used for sending the authentication request message to the keyless entry and starting system PEPS at intervals, wherein the authentication request message comprises an encrypted first vehicle PIN code and an authentication response message fed back by the PEPS, and judging whether the authentication is successful or not according to the authentication response message; the keyless entry and starting system PEPS is used for receiving an authentication request message sent by the VCU, decrypting the authentication request message through a second key pre-stored in the VCU, judging whether the decrypted first automobile PIN code is matched with a second automobile PIN code pre-stored in the VCU, and sending an authentication response message to the VCU according to a matching result, wherein the authentication response message comprises the encrypted second automobile PIN code.
Optionally, the step of sending the authentication response message to the VCU according to the matching result includes: if the matching is successful, generating an authentication response message according to the second secret key, the second car PIN code and the second random number; and if the matching is unsuccessful, taking the second value as the authentication response message.
Optionally, the encrypted first car PIN code is generated by encrypting the first car PIN code with a first key, wherein both the first key and the first car PIN code are learned.
Optionally, the step of judging whether the authentication is successful according to the authentication response message includes: decrypting the authentication response message with the first key; judging whether the decrypted second car PIN code is matched with the first car PIN code, if so, authenticating successfully, otherwise, authenticating failure.
Compared with the prior art, the invention has the following advantages:
the automobile anti-theft authentication method carries out bidirectional authentication through the authentication request message comprising the encrypted first automobile PIN code and the authentication response message comprising the encrypted second automobile PIN code, and has simple authentication flow, safety and reliability; the first secret key of the VCU and the first car PIN code both have self-learning functions, and factory configuration of the functions can be conveniently and efficiently completed on a production line; the VCU also has the anti-theft authentication reset function, thereby facilitating the reconfiguration after sale.
Detailed Description
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are used in the description of the embodiments will be briefly described below. It is apparent that the drawings in the following description are only some examples or embodiments of the present application, and it is obvious to those skilled in the art that the present application may be applied to other similar situations according to the drawings without inventive effort. Unless otherwise apparent from the context of the language or otherwise specified, like reference numerals in the figures refer to like structures or operations.
As used in this application and in the claims, the terms "a," "an," "the," and/or "the" are not specific to the singular, but may include the plural, unless the context clearly dictates otherwise. In general, the terms "comprises" and "comprising" merely indicate that the steps and elements are explicitly identified, and they do not constitute an exclusive list, as other steps or elements may be included in a method or apparatus.
The relative arrangement of the components and steps, numerical expressions and numerical values set forth in these embodiments do not limit the scope of the present application unless it is specifically stated otherwise. Meanwhile, it should be understood that the sizes of the respective parts shown in the drawings are not drawn in actual scale for convenience of description. Techniques, methods, and apparatus known to one of ordinary skill in the relevant art may not be discussed in detail, but should be considered part of the specification where appropriate. In all examples shown and discussed herein, any specific values should be construed as merely illustrative, and not a limitation. Thus, other examples of the exemplary embodiments may have different values. It should be noted that: like reference numerals and letters denote like items in the following figures, and thus once an item is defined in one figure, no further discussion thereof is necessary in subsequent figures.
In the description of the present application, it should be understood that, where azimuth terms such as "front, rear, upper, lower, left, right", "transverse, vertical, horizontal", and "top, bottom", etc., indicate azimuth or positional relationships generally based on those shown in the drawings, only for convenience of description and simplification of the description, these azimuth terms do not indicate and imply that the apparatus or elements referred to must have a specific azimuth or be constructed and operated in a specific azimuth, and thus should not be construed as limiting the scope of protection of the present application; the orientation word "inner and outer" refers to inner and outer relative to the contour of the respective component itself.
Spatially relative terms, such as "above … …," "above … …," "upper surface at … …," "above," and the like, may be used herein for ease of description to describe one device or feature's spatial location relative to another device or feature as illustrated in the figures. It will be understood that the spatially relative terms are intended to encompass different orientations in use or operation in addition to the orientation depicted in the figures. For example, if the device in the figures is turned over, elements described as "above" or "over" other devices or structures would then be oriented "below" or "beneath" the other devices or structures. Thus, the exemplary term "above … …" may include both orientations of "above … …" and "below … …". The device may also be positioned in other different ways (rotated 90 degrees or at other orientations) and the spatially relative descriptors used herein interpreted accordingly.
In addition, the terms "first", "second", etc. are used to define the components, and are merely for convenience of distinguishing the corresponding components, and unless otherwise stated, the terms have no special meaning, and thus should not be construed as limiting the scope of the present application. Furthermore, although terms used in the present application are selected from publicly known and commonly used terms, some terms mentioned in the specification of the present application may be selected by the applicant at his or her discretion, the detailed meanings of which are described in relevant parts of the description herein. Furthermore, it is required that the present application be understood, not simply by the actual terms used but by the meaning of each term lying within.
Flowcharts are used in this application to describe the operations performed by systems according to embodiments of the present application. It should be understood that the preceding or following operations are not necessarily performed in order precisely. Rather, the various steps may be processed in reverse order or simultaneously. At the same time, other operations are added to or removed from these processes.
The whole vehicle controller (Vehicle Control Unit, VCU), also called whole vehicle control unit, is a core electronic control unit for realizing whole vehicle control decision, and is now widely applied to pure electric vehicles and hybrid electric vehicles. The VCU of the whole vehicle controller can mutually authenticate with a keyless entry and starting system (Passive Entry Passive Start, PEPS) to realize an automobile anti-theft authentication method. Fig. 1 is a state transition diagram of an overall vehicle controller VCU according to an embodiment of the invention. As shown in fig. 1, there are two states of the vehicle controller VCU: arming state 11 and disarming state 12. The default state of the VCU at the completion of the power-up initialization is the armed state 11. When authentication between the VCU and the PEPS is unsuccessful, the VCU is still in the fortification state 11; if the communication authentication between the VCU and the PEPS is successful, the VCU is converted from the fortification state 11 to the defence state 12. The VCU can only allow the system to boot up when in the disarmed state 12.
Fig. 2 is a flow chart of an automobile anti-theft authentication method 200 according to an embodiment of the present invention, and fig. 3 is a flow chart of an automobile anti-theft authentication method 300 according to an optimized embodiment of fig. 2. Both the car antitheft authentication method 200 and the car antitheft authentication method 300 are applied to the whole car controller VCU. As shown in fig. 2, the automobile anti-theft authentication method 200 includes the steps of:
step S210: sending an authentication request message to a keyless entry and start system PEPS at intervals, wherein the authentication request message comprises an encrypted first automobile PIN code;
step S220: receiving an authentication response message fed back by the PEPS, and decrypting the authentication response message through the first key, wherein the authentication response message comprises an encrypted second car PIN code;
step S230: judging whether the decrypted second car PIN code is matched with the first car PIN code, if so, authenticating successfully, otherwise, authenticating failure.
In some preferred embodiments, as shown in fig. 3, before step S210, step S205 is further included: and judging whether the first key and the first car PIN code are learned or not. If yes, go to step S210, otherwise, judge authentication failure. In addition, before step S220, step S215 is further included: and judging whether the authentication response message is received within the threshold time, if so, proceeding to step S220, otherwise, failing the authentication.
Steps S205 to S230 will be described in detail below with reference to fig. 2 and 3.
In S205, it is determined whether the first key and the first car PIN code have undergone learning. The whole vehicle controller VCU stores a default first key and a first vehicle PIN code in a storage unit when leaving a factory. After the VCU initialization configuration is completed, judging whether the VCU is a default first key and a default first car PIN code, if so, indicating that the VCU is not learned, wherein the first key and the first car PIN code need to enter a learning flow, and the authentication fails; if learning has been performed, the process proceeds to step S220. The first automobile PIN code after learning is consistent with the second automobile PIN code prestored in the PEPS.
In step S210, the VCU generates a first random number, encrypts the learned first car PIN code with the learned first key and an encryption algorithm, generates an encrypted first car PIN code, and generates an authentication request message according to the first random number and the encrypted first car PIN code. The encryption algorithm can be a symmetric encryption algorithm or an asymmetric encryption algorithm, and the type of the encryption algorithm is not limited in the application. In some embodiments, the encryption algorithm is preferably an advanced encryption standard (Advanced Encryption Standard, AES). Fig. 4 is a schematic diagram of an authentication request message 400 according to an embodiment of the present invention. As shown in fig. 4, the authentication request message 400 includes a name, a sender, a receiver, an ID, and a data field. Wherein the data field comprises a first random number and an encrypted first car PIN code. The first random number may be 4 Bytes (Bytes) in length and the encrypted first car PIN code is also 4 Bytes.
An authentication request message is sent to the keyless entry and start system PEPS at intervals in step S210, e.g. the VCU sends the same authentication request message to the PEPS every 100 ms. The time interval for the VCU to send the authentication request message to the PEPS may be set as desired, as this application is not limited in this regard.
In S215, it is determined whether an authentication response message is received within a threshold time, and if not, authentication fails. The threshold time may be set as desired, as this application is not limited in this regard. For example, it is determined whether the authentication response message is received within 2 seconds, if not, authentication fails, and if yes, the process proceeds to step S220.
In step S220, the authentication response message may be generated from the second random number, the second key pre-stored by the PEPS, and the second car PIN code. Specifically, the PEPS generates a second random number, encrypts the second car PIN code by using a second key and an encryption algorithm to generate an encrypted second car PIN code, and then generates an authentication response message according to the second random number and the encrypted second car PIN code. Wherein the encryption algorithm used by the PEPS is the same as the encryption algorithm used by the VCU. Fig. 5 is a schematic diagram of an authentication response message 500 according to an embodiment of the present invention. As shown in fig. 5, the authentication response message 500 includes a name, a sender, a receiver, an ID, and a data field. Wherein the data field includes a second random number and an encrypted second car PIN code. The second random number may be 4 Bytes (Bytes) in length and the encrypted second car PIN code is also 4 Bytes. The VCU receives the authentication response message fed back by the PEPS, and since the learned first key is consistent with the second key, the VCU may decrypt the authentication response message through the first key.
In some embodiments, the authentication response message may also be generated from a second value, which may be set by convention. For example, a second value of all 0 xffs of 8 bytes may be set. After receiving the authentication response message, the VCU further includes the step of, before decrypting the authentication response message: whether the authentication response message is a set value or not is judged first, if yes, authentication failure is judged directly, and if no, the authentication response message is decrypted.
In step S230, it is determined whether the decrypted second car PIN code is matched with the first car PIN code, if so, authentication is successful, otherwise, authentication fails.
In some embodiments, if it is determined that the first key has not been learned, the first key learning procedure is entered. The VCU needs to support a learning function, and when the VCU is in a completely new state (a default first key or a first car PIN code), the VCU can update the first key and the first car PIN code through the learning function. Fig. 6 is a flow chart of a first key learning process 600 according to an embodiment of the invention. As shown in fig. 6, the steps of the first key learning process 600 include:
step S610: and receiving a key learning message sent by the PEPS, and decrypting the key learning message through a default key, wherein the key learning message comprises an encrypted second key. The same default key is stored in both the VCU and PEPS memory units by default. The default key is only available before shipment, i.e. the learning process of the first key can only be completed before shipment. After the car leaves the factory, the default key is invisible to the ordinary user, and only the user with super authority (such as an after-sales engineer) can obtain the default key. Fig. 7 is a schematic diagram of a structure of a key learning message 700 according to an embodiment of the present invention. As shown in fig. 7, the key learning message 700 includes a name, a sender, a receiver, an ID, and a data field. Wherein the data field comprises an encrypted second key, the encrypted second key having a length of 8 bytes.
Step S620: the second key decrypted is checked, and the checking method can be CRC16 or CRC32, which is not limited in this application. Judging whether the verification is passed or not, and ending the key learning process if the verification fails. If the verification passes, the process proceeds to step S630.
Step S630: and judging whether the value of the first key is the first value, if not, not operating, and ending the learning process. If so, the process proceeds to step S640. The first value may be 0xFF. For example, it is determined whether the value of the first key is 0xFF, and if the value of the first key is 0xFF, it means that the first key has been learned, no operation is required.
Step S640: the second key is pre-stored in the storage unit as a learned first key. Specifically, the value of the second key is replaced with the value of the first key in the storage unit of the VCU, and after learning, the first key is consistent with the second key.
In some embodiments, the first key learning process further includes sending a key learning result message to the PEPS, the key learning result message including the reply code. Wherein the answer code represents the result of the key learning. Fig. 8 is a schematic diagram of a structure of a key learning result message 800 according to an embodiment of the present invention. As shown in fig. 8, the key learning result message 800 includes a name, a sender, a receiver, an ID, and a data field. Wherein the data field comprises an answer code and padding data. The length of the response code is 1 byte, and the length of the padding data is 7 bytes. Wherein the definition of the response code can be as shown in table 1:
TABLE 1
Response code
|
Description of the invention
|
00
|
VCU successful execution
|
20
|
Request not supported
|
21
|
Unknown reasons, unable to execute requests
|
30
|
VCU busy
|
31
|
VCU does not learn, has no SK
|
32
|
VCU does not learn, does not have PIN
|
33
|
VCU has learned SK, but SK does not conform to
|
34
|
VCU has learned the PIN, but the PIN does not correspond
|
35
|
SK or PIN CRC check errors
|
36
|
Because of the PIN mismatch, the request does not execute |
As can be seen from table 1, when the response code received by the PEPS is 00, it indicates that the VCU successfully performs the key learning. And when the response code received by the PEPS is other values, the key learning failure and the reason of the failure are indicated.
In some embodiments, if it is determined that the first car PIN code has not been learned, the first car PIN code learning process is entered. Fig. 9 is a flowchart of a learning process 900 of the first car PIN code according to an embodiment of the present invention. As shown in fig. 9, the steps of the learning process 900 of the first car PIN code include:
step S910: and receiving a PIN code learning message sent by the PEPS, and decrypting the PIN code learning message through a default key, wherein the PIN code learning message comprises an encrypted second automobile PIN code. Fig. 10 is a schematic diagram of the structure of a PIN code learning message 1000 according to an embodiment of the present invention. As shown in fig. 10, the PIN code learning message 1000 includes a name, a sender, a receiver, an ID, and a data field. Wherein the data field includes the encrypted second car PIN code, CRC16, and padding data. The encrypted second car PIN code has a length of 4 bytes, the CRC16 has a length of 2 bytes, and the pad data has a length of 2 bytes.
Step S920: and checking the decrypted second automobile PIN code, and ending the PIN code learning process if the check fails. If the verification passes, the process proceeds to step S930.
Step S930: and judging whether the value of the first car PIN code is a first value, if not, not operating, and ending the learning process. If so, the process proceeds to step S940. The first value may be 0xFF. For example, it is determined whether the values of the first car PIN codes are all 0xFF, and if not, it means that the first car PIN codes have been learned, and no operation is required.
Step S940: the second car PIN code is pre-stored in the storage unit as the first car PIN code. Specifically, the value of the second car PIN code is used for replacing the value of the first car PIN code in the storage unit of the VCU, and after learning, the first car PIN code is consistent with the second car PIN code.
In some embodiments, the learning process of the first car PIN further includes sending a PIN learning result message to the PEPS. The PIN code learning result message includes a response code and padding data. The result of the PIN code learning is represented by a response code. Fig. 11 is a schematic diagram of the structure of a PIN code learning result message 1100 according to an embodiment of the present invention. As shown in fig. 11, the PIN code learning result message 1100 includes a name, a sender, a receiver, an ID, and a data field. Wherein the data field comprises an answer code and padding data. The length of the response code is 1 byte, and the length of the padding data is 7 bytes. Wherein the definition of the reply code may be as shown in table 1. As can be seen from table 1, when the response code received by the PEPS is 00, it indicates that the VCU successfully executes and the PIN code learning is successful. And when the response code received by the PEPS is other values, indicating that the PIN code learning fails and the reason of the failure.
In some embodiments, the car theft protection authentication method further comprises a resetting process of the first key and the first car PIN code. The resetting process can be finished before the delivery of the automobile, or after the delivery of the automobile. For example, when the car leaves the factory and the car has a problem and needs to reset the first key and the first car PIN, the after-sales engineer resets the first key and the first car PIN by using the default key. Fig. 12 is a flowchart of a reset procedure 1200 of the first key and the first car PIN code according to an embodiment of the present invention. As shown in fig. 12, the steps of the reset procedure 1200 of the first key and the first car PIN code include:
step S1201: and judging whether the first car PIN code stored in the VCU is a first value (0 xFF), if so, indicating that the first car PIN code is in a default state, and ending the reset process without resetting. If not, the process proceeds to step S1202.
Step S1202: and receiving an anti-theft reset message sent by the PEPS, and decrypting the anti-theft reset message through a default key, wherein the anti-theft reset message comprises an encrypted second automobile PIN code. Fig. 13 is a schematic diagram of an anti-theft reset message 1300 according to an embodiment of the present invention. As shown in fig. 13, the anti-theft reset message 1300 includes a name, a sender, a receiver, an ID, and a data field. Wherein the data field includes an encrypted second car PIN code and a second random number. The encrypted second car PIN code is 4 bytes in length and the second random number is 4 bytes in length.
Step S1203: and judging whether the decrypted second car PIN code is matched with the first car PIN code, if not, ending the resetting process. If so, the process proceeds to step S1204.
Step S1204: the value of the first car PIN code and the value of the first key are set to a first value. Specifically, the value of the first car PIN code and the value of the first key in the VCU memory unit are erased so that both the value of the first car PIN code and the value of the first key are 0xFF.
In some embodiments, the resetting of the first key and the first car PIN further comprises sending a reset result message to the PEPS. The reset result message includes an answer code and padding data. The reset result is represented by a reply code. Fig. 14 is a schematic diagram of a configuration of a reset result message 1400 according to an embodiment of the invention. As shown in fig. 14, the reset result message 1400 includes a name, a sender, a receiver, an ID, and a data field. Wherein the data field comprises an answer code and padding data. The length of the response code is 1 byte, and the length of the padding data is 7 bytes. Wherein the definition of the reply code may be as shown in table 1. As can be seen from table 1, when the response code received by the PEPS is 00, it indicates that the VCU successfully executes and the reset is successful. And when the response code received by the PEPS is other values, the reset failure and the reason of the failure are indicated.
The automobile anti-theft authentication method carries out bidirectional authentication through the authentication request message comprising the encrypted first automobile PIN code and the authentication response message comprising the encrypted second automobile PIN code, and has simple authentication flow, safety and reliability; the first secret key of the VCU and the first car PIN code both have self-learning functions, and factory configuration of the functions can be conveniently and efficiently completed on a production line; the VCU also has the anti-theft authentication reset function, thereby facilitating the reconfiguration after sale.
Fig. 15 is a flowchart of an automobile anti-theft authentication method 1500 according to another embodiment of the present invention, where the automobile anti-theft authentication method 1500 is applied to a keyless entry and startup system PEPS. As shown in fig. 15, the automobile anti-theft authentication method 1500 includes the steps of:
step S1501: and receiving an authentication request message sent by the VCU, and decrypting the authentication request message through a second key pre-stored in the VCU, wherein the authentication request message comprises an encrypted first automobile PIN code. The encrypted first car PIN code is generated by encrypting the learned first car PIN code by using the learned first key and an encryption algorithm. The learned first key is consistent with the second key. Thus, the PEPS may decrypt the authentication request message including the encrypted first car PIN code using the second key and the same encryption algorithm as the VCU.
Step S1502: and judging whether the decrypted first automobile PIN code is matched with a second automobile PIN code prestored in the automobile, if not, turning to step S1503, and if so, turning to step S1504.
Step S1503: the second value is taken as an authentication response message. The value of the second value may be set according to a convention, for example, may be set to all 0xFF of 8 bytes, indicating a one-way authentication failure of the VCU to the PEPS, and thus an overall authentication failure.
Step S1504: and generating an authentication response message according to the second key, the second car PIN code and the second random number.
Step S1505: and sending an authentication response message to the VCU, wherein the authentication response message is used for judging whether authentication is successful or not.
In some embodiments, the car theft prevention authentication method further comprises sending a key learn message to the VCU at intervals, the key learn message including the encrypted second key; judging whether the key learning result message sent by the VCU is received within the time threshold, if not, the key learning fails.
In some embodiments, the car theft prevention authentication method further comprises sending a PIN code learning message to the VCU at intervals, the PIN code learning message including an encrypted second car PIN code; judging whether the PIN code learning result message sent by the VCU is received within the time threshold, if not, the PIN code learning fails.
In some embodiments, the vehicle anti-theft authentication method further comprises sending an anti-theft reset message to the VCU at intervals, the anti-theft reset message comprising an encrypted second vehicle PIN code; judging whether a reset result message sent by the VCU is received within a time threshold, if not, the reset fails.
Fig. 16 is a system block diagram of an automobile anti-theft authentication system 1600 according to an embodiment of the present invention. As shown in fig. 16, the automobile anti-theft authentication system 1600 includes a Vehicle Control Unit (VCU) 1601 and a keyless entry and start system (PEPS) 1602. The vehicle controller 1601 and the keyless entry and start system 1602 may communicate via a CAN network. The vehicle controller 1601 is configured to send an authentication request message to the keyless entry and start system 1602 at intervals, where the authentication request message includes an encrypted first car PIN code, and receive an authentication response message fed back by the keyless entry and start system 1602, and determine whether authentication is successful according to the authentication response message. In some embodiments, the encrypted first car PIN is generated by encrypting the first car PIN with a first key, wherein both the first key and the first car PIN are learned.
The keyless entry and start system 1602 is configured to receive an authentication request message sent by the vehicle controller 1601, decrypt the authentication request message with a second key pre-stored in the vehicle controller 1601, determine whether the decrypted first car PIN code is matched with the second car PIN code pre-stored in the vehicle controller 1601, and send an authentication response message to the vehicle controller 1601 according to a matching result.
In some embodiments, the step of sending an authentication response message to the VCU based on the matching result includes: and if the matching is successful, generating an authentication response message according to the second key, the second car PIN code and the second random number, and if the matching is not successful, taking the second value as the authentication response message.
In some embodiments, the step of determining whether the authentication is successful based on the authentication response message comprises: decrypting the authentication response message with the first key; judging whether the decrypted second car PIN code is matched with the first car PIN code, if so, authenticating successfully, otherwise, authenticating failure.
In some embodiments, the step of determining whether the authentication is successful based on the authentication response message further comprises: before decrypting the authentication response message, judging whether the authentication response message is a second value, if so, directly judging that the authentication fails, and if not, decrypting the authentication response message.
In some embodiments, the vehicle controller 1601 and keyless entry and start system 1602 encrypt and decrypt data using the same AES algorithm, potentially reducing VCU resource usage and ensuring data security.
While the basic concepts have been described above, it will be apparent to those skilled in the art that the above disclosure is by way of example only and is not intended to be limiting. Although not explicitly described herein, various modifications, improvements, and adaptations of the present application may occur to one skilled in the art. Such modifications, improvements, and modifications are intended to be suggested within this application, and are therefore within the spirit and scope of the exemplary embodiments of this application.
Meanwhile, the present application uses specific words to describe embodiments of the present application. Reference to "one embodiment," "an embodiment," and/or "some embodiments" means that a particular feature, structure, or characteristic is associated with at least one embodiment of the present application. Thus, it should be emphasized and should be appreciated that two or more references to "an embodiment" or "one embodiment" or "an alternative embodiment" in various positions in this specification are not necessarily referring to the same embodiment. Furthermore, certain features, structures, or characteristics of one or more embodiments of the present application may be combined as suitable.
Likewise, it should be noted that in order to simplify the presentation disclosed herein and thereby aid in understanding one or more inventive embodiments, various features are sometimes grouped together in a single embodiment, figure, or description thereof. This method of disclosure, however, is not intended to imply that more features than are presented in the claims are required for the subject application. Indeed, less than all of the features of a single embodiment disclosed above.
While the present application has been described with reference to the present specific embodiments, those of ordinary skill in the art will recognize that the above embodiments are for illustrative purposes only, and that various equivalent changes or substitutions can be made without departing from the spirit of the present application, and therefore, all changes and modifications to the embodiments described above are intended to be within the scope of the claims of the present application.