CN115296815A - Identity authentication method for vehicle-mounted controller - Google Patents
Identity authentication method for vehicle-mounted controller Download PDFInfo
- Publication number
- CN115296815A CN115296815A CN202210903731.1A CN202210903731A CN115296815A CN 115296815 A CN115296815 A CN 115296815A CN 202210903731 A CN202210903731 A CN 202210903731A CN 115296815 A CN115296815 A CN 115296815A
- Authority
- CN
- China
- Prior art keywords
- key
- ecu
- gateway
- vehicle
- uid
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 25
- 238000002347 injection Methods 0.000 claims abstract description 19
- 239000007924 injection Substances 0.000 claims abstract description 19
- 238000009826 distribution Methods 0.000 claims abstract description 15
- VIEYMVWPECAOCY-UHFFFAOYSA-N 7-amino-4-(chloromethyl)chromen-2-one Chemical compound ClCC1=CC(=O)OC2=CC(N)=CC=C21 VIEYMVWPECAOCY-UHFFFAOYSA-N 0.000 claims abstract description 11
- 230000004044 response Effects 0.000 claims description 15
- 238000004891 communication Methods 0.000 claims description 11
- 238000003860 storage Methods 0.000 claims description 5
- 238000012795 verification Methods 0.000 claims description 3
- 230000005540 biological transmission Effects 0.000 claims description 2
- 230000007246 mechanism Effects 0.000 abstract description 7
- 238000004519 manufacturing process Methods 0.000 description 5
- 238000010586 diagram Methods 0.000 description 3
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000003745 diagnosis Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000008569 process Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 238000012827 research and development Methods 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
- 230000001960 triggered effect Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/062—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/083—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0894—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computing Systems (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Medical Informatics (AREA)
- Small-Scale Networks (AREA)
Abstract
The invention discloses an identity authentication method for a vehicle-mounted controller, which comprises the following steps: and (3) key injection: when the vehicle is off-line, a key injection tool is used for injecting the MasterKey into the gateway; key distribution: the gateway generates a key for the UID responded by the ECU by using a CMAC algorithm, and the key is more detailed to the HSM of the gateway after the ECU is successfully verified; identity authentication: when the whole vehicle is powered on, the gateway verifies the identity of the ECU through the stored UID of the ECU, and the ECU is ensured to be a legal ECU. The invention establishes the whole vehicle key management and distribution mechanism by taking the vehicle-mounted gateway as the credible center, provides a feasible method for the identity authentication of the vehicle-mounted controller, and reduces the implementation difficulty of the prior technical scheme.
Description
Technical Field
The invention belongs to the technical field of automobile information safety, and particularly relates to an identity authentication method for an on-board controller.
Background
In order to guarantee the application safety of the Internet of vehicles and the communication and data safety of the whole vehicle, a management system of a key and a certificate of the whole vehicle needs to be constructed. The system generally comprises a PKI infrastructure, an encryption authentication module, an algorithm generation module, a key generation module and the like. And constructing a whole vehicle trust chain system by generating, distributing and managing the identification key.
In the prior art, a cloud-based PKI infrastructure is generally adopted, and 1) a production line tool is used for injecting a secret key into an ECU when the ECU is off-line; 2) When the whole vehicle is off-line, network connection is established with PKI infrastructure through the T-Box, and after a certificate/key is obtained from the PKI infrastructure, the certificate/key is distributed in the vehicle through a CAN bus network; the basic mechanism of the vehicle key management system is shown in fig. 1. It has the following disadvantages:
1) The production line tool needs to be coupled with the development and manufacturing process of each ECU supplier, the influence is large, and the coordination difficulty is high;
2) The T-Box is connected with the PKI infrastructure, wireless network communication is relied on, and uncertainty exists in the production line environment of vehicle offline;
3) The key is distributed through the CAN bus network, a safe key interaction communication protocol needs to be additionally designed, and great pressure is brought to CAN bus load.
Disclosure of Invention
Aiming at the problems in the prior art, the invention aims to provide an identity authentication method for a vehicle-mounted controller, which utilizes a hardware encryption module (HSM) arranged in a vehicle-mounted gateway to establish a whole vehicle key management and distribution mechanism with key generation, safe storage and automatic distribution; a system mechanism for identity authentication of a vehicle-mounted controller is established by taking a vehicle-mounted gateway as a trusted center.
In order to achieve the purpose, the identity authentication method of the vehicle-mounted controller is characterized by comprising the following steps:
s1, key injection: when the vehicle is off-line, a key injection tool is used for injecting a MasterKey, namely a root key into a gateway;
s2, key distribution: the gateway generates a key for the UID responded by the ECU by using a CMAC algorithm, and the key is more detailed to the HSM of the gateway after the ECU is successfully verified;
s3, identity authentication: when the whole vehicle is electrified, the gateway verifies the identity of the ECU through the stored UID of the ECU, and the ECU is ensured to be a legal ECU.
Preferably, step S1 is specifically as follows:
s101, a key injection tool requests to read the identity ID of a gateway;
s102, the gateway responds to the UID of the gateway;
s103, the key injection tool calculates key parameters M1-M5 through the UID in the S102 and sends the key parameters to the gateway; the key parameters M1-M3 are used for writing keys, and M4 and M5 are used for verifying the writing result;
s104, after receiving the key parameters, the gateway takes M1, M2 and M3 as parameters and calls a key load function of the HSM to generate a MasterKey;
and S105, the gateway verifies the return values M4 and M5 of the key load function, compares whether the M4 is consistent with the M4 and the M5 is consistent with the M5, and if so, the key injection is successful.
Preferably, step S2 is specifically as follows:
s201, the gateway sends a UID reading request, and the request data comprises a key state Mode field;
s202, the ECU sends a UID response according to the key state Mode, and response data comprise self addresses and UID information;
s203, the gateway stores the UID after receiving the UID information; generating a Master _ Key for the UID of each ECU by using a CMAC algorithm to obtain M1-M5 parameters, and sending a Key updating message to the ECUs, wherein the data comprises a Key state model, a target ECU address and M1-M5;
and S204, the ECU calculates and verifies M4 and M5 by using the same method, if the key is successful, the key is updated to the HSM, and meanwhile, a response is returned, and response data comprise a key state Mode, a destination ECU address and success or failure states.
Further preferably, in S201, the key status includes an initial status, an updated key status, and an erased key status; wherein, the initial state has no key.
More preferably, in S202, the address thereof is the lower 8 bits of the ECU diagnostic ID.
More preferably, in S202, a clear text UID is used; or the transmission ciphertext UID is used, and the decryption is carried out correspondingly in S203.
Preferably, in S3, the validity of the ECU is verified by calculating using a CMAC algorithm according to the random number sent by the gateway and the UID of the ECU.
More preferably, step S3 specifically includes the following steps:
s301, when the whole vehicle is electrified, the gateway generates a random number and sends an identity authentication request, and request data comprise the random number and an ECU destination address to be verified;
s302, the ECU calculates the UID of the ECU and the received gateway random number by using an AES _ CMAC algorithm and a safe storage key during key distribution to obtain an MAC;
s303, the ECU responds to the gateway, and response data comprise MAC;
s304, the gateway calculates the random number and the stored UID of the ECU by the same method to obtain MAC, compares whether the MAC and the MAC are consistent, if the MAC and the MAC are consistent, the ECU is a legal ECU, and can normally communicate; if the verification is inconsistent, the ECU is illegal, and the gateway gives an alarm or blocks communication.
Further preferably, in S301, when the entire vehicle is powered on, the gateway generates a 16-byte random number.
Further preferably, in S301, the identity authentication request data is required according to a field in a vehicle network communication security protocol.
The invention has the beneficial effects that: the invention establishes a whole vehicle key management and distribution mechanism by taking the vehicle-mounted gateway as a trusted center, provides a feasible method for the identity authentication of the vehicle-mounted controller and reduces the implementation difficulty of the prior technical scheme.
And (3) injecting the MasterKey into the gateway by using a key injection tool (diagnostic instrument), generating and distributing the key to each ECU by the gateway, and carrying out the integral flow and mechanism of identity authentication between the gateway and each ECU.
Drawings
FIG. 1 is a prior art vehicle key management architecture
FIG. 2 is a schematic diagram of key injection according to the present invention
FIG. 3 is a key distribution diagram of the present invention
FIG. 4 is a schematic diagram of identity authentication according to the present invention
Detailed Description
The invention will now be described in further detail, including the preferred embodiments, with reference to the accompanying drawings and by way of illustration of some alternative embodiments of the invention. It is to be understood that the described embodiments are merely a few embodiments of the invention, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments of the present invention without any inventive step, are within the scope of the present invention.
The invention relates to an identity authentication method of a vehicle-mounted controller, which comprises the following specific processes:
1) MasterKey, root key injection, as shown in figure 2,
when the vehicle is off-line, a key injection tool (diagnostic instrument) is used for injecting MasterKey into the gateway, and the flow is as follows:
a) A key injection tool (diagnostic instrument) requests to read the identity ID (UID) of the gateway;
b) The gateway responds to the UID of the gateway;
c) The key injection tool (diagnostic instrument) calculates key parameters M1-M5 through UID and sends the key parameters to the gateway;
d) Key parameters M1 to M5: M1-M3 are used for writing the secret key, and M4 and M5 are used for verifying the writing result;
e) After receiving the key parameters, the gateway takes M1, M2 and M3 as parameters and calls a key load function of the HSM to generate a MasterKey;
f) And verifying the return values M4 and M5 of the key load function, comparing M4 with M4, and comparing M5 with M5 to determine whether the comparison is consistent, wherein if the comparison is consistent, the key loader is successful.
2) The key distribution, as shown in figure 3,
the key is generated and distributed by the gateway to the respective ECUs (controllers).
a) The gateway sends a UID reading request, and the request data comprises a key state Mode field, wherein the key state comprises an initial state (without a key), an updated key state and an erased key state;
b) The ECU sends UID response according to the key state Mode, the response data comprises self address (lower 8 bits of ECU diagnosis ID) and plaintext UID, and the UID can be confused to obtain UID and transmit ciphertext UID);
c) The gateway receives the plain text UID, if the plain text UID is the ciphertext UID, the UID is obtained by confusing the UID, and then the UID is stored; generating Master _ Key for UID of each ECU by using CMAC algorithm to obtain M1-M5 parameters, sending a Key updating message to the ECU, wherein the data comprises Key state Mode, destination ECU address and M1-M5;
d) The ECU calculates and verifies M4 and M5 by using the same method, if the key is successful, the key is updated to the HSM, and meanwhile, a response is returned, and response data comprise a key state Mode, a destination ECU address and a success or failure state;
3) Identity authentication
And when the whole vehicle is powered on, the identity of the ECU of the whole vehicle is verified, and the communication ECU is ensured to be a legal ECU.
a) When the whole vehicle is powered on, the gateway generates a 16-byte random number and sends an identity authentication request, request data comprise the random number and an ECU destination address to be verified, and the identity authentication request data are required by fields in a vehicle-mounted network communication security protocol;
b) The ECU uses an AES _ CMAC algorithm and a safe storage key during key distribution to calculate the UID of the ECU and the received gateway random number to obtain MAC;
c) The ECU responds to the gateway, and response data contain MAC;
d) The gateway calculates the random number and the stored UID of the ECU to obtain MAC, compares whether the MAC is consistent or not, if the MAC is consistent, the ECU is a legal ECU, and can normally communicate; if the verification is inconsistent, the ECU is illegal, and the gateway gives an alarm or blocks communication. Generally, alarm processing is performed in a research and development testing stage, and communication is blocked in a mass production stage.
Device identity, device ID requires use of UID (globally unique identification code) inside HSM module;
the gateway of the present invention has a storage space for storing a plurality of UIDs, and each UID generally occupies 15 bytes.
The key update is triggered when the gateway and the ECU device are replaced. After the ECU is replaced, if the ECU is a legal ECU, a key distribution mechanism program is injected into the ECU, but the key state is an initial no-key state, and a key injection tool is required to transmit key distribution request data, and the step S2 is directly executed, so that the key distribution is only required.
It will be understood by those skilled in the art that the foregoing is only a preferred embodiment of the present invention, and is not intended to limit the invention, and any modification, combination, replacement, or improvement made within the spirit and principle of the present invention is included in the scope of the present invention.
Claims (10)
1. An identity authentication method for a vehicle-mounted controller is characterized by comprising the following steps:
s1, key injection: when the vehicle is off-line, a key injection tool is used for injecting the root key into the gateway;
s2, key distribution: the gateway generates a key for the UID responded by the ECU by using a CMAC algorithm, and the key is more detailed to the HSM of the gateway after the ECU is successfully verified;
s3, identity authentication: when the whole vehicle is electrified, the gateway verifies the identity of the ECU through the stored UID of the ECU, and the ECU is ensured to be a legal ECU.
2. The vehicle-mounted controller identity authentication method according to claim 1, wherein: the step S1 is as follows:
s101, a key injection tool requests to read the identity ID of a gateway;
s102, the gateway responds to the UID of the gateway;
s103, the key injection tool calculates key parameters M1-M5 through the UID in the S102 and sends the key parameters to the gateway; the key parameters M1-M3 are used for writing keys, and M4 and M5 are used for verifying the writing result;
s104, after receiving the key parameters, the gateway takes M1, M2 and M3 as parameters and calls a key load function of the HSM to generate a MasterKey;
and S105, the gateway verifies the return values M4 and M5 of the key load function, compares whether the M4 is consistent with the M4 and the M5 is consistent with the M5, and if so, the key injection is successful.
3. The identity authentication method of the vehicle-mounted controller according to claim 1, characterized in that: step S2 is specifically as follows:
s201, the gateway sends a UID reading request, and the request data comprises a key state Mode field;
s202, the ECU sends a UID response according to the key state Mode, and response data comprise self addresses and UID information;
s203, the gateway stores the UID after receiving the UID information; generating a Master _ Key for the UID of each ECU by using a CMAC algorithm to obtain M1-M5 parameters, and sending a Key updating message to the ECUs, wherein the data comprises a Key state model, a target ECU address and M1-M5;
and S204, the ECU calculates and verifies M4 and M5 by using the same method, if the key is successful, the key is updated to the HSM, and meanwhile, a response is returned, and response data comprise a key state Mode, a destination ECU address and success or failure states.
4. The vehicle-mounted controller identity authentication method according to claim 3, wherein: in S201, the key state includes an initial state, an updated key state, and an erased key state; wherein, the initial state has no key.
5. The vehicle-mounted controller identity authentication method according to claim 3, wherein: in S202, the self address is the lower 8 bits of the ECU diagnostic ID.
6. The vehicle-mounted controller identity authentication method according to claim 3, wherein: in S202, a plaintext UID is used; or the transmission ciphertext UID is used, and decryption is performed correspondingly in S203.
7. The identity authentication method of the vehicle-mounted controller according to claim 1, characterized in that: and S3, calculating and verifying the legality of the ECU by using a CMAC algorithm according to the random number sent by the gateway and the UID of the ECU.
8. The vehicle-mounted controller identity authentication method according to claim 7, wherein: step S3 is specifically as follows:
s301, when the whole vehicle is electrified, the gateway generates a random number and sends an identity authentication request, and request data comprise the random number and an ECU destination address to be verified;
s302, the ECU calculates the UID of the ECU and the received gateway random number by using an AES _ CMAC algorithm and a safe storage key during key distribution to obtain an MAC;
s303, the ECU responds to the gateway, and response data comprise MAC;
s304, the gateway calculates the random number and the stored UID of the ECU by the same method to obtain MAC, compares whether the MAC and the MAC are consistent, if the MAC and the MAC are consistent, the ECU is a legal ECU, and can normally communicate; if the verification is inconsistent, the ECU is illegal, and the gateway gives an alarm or blocks communication.
9. The vehicle-mounted controller identity authentication method according to claim 8, wherein: in S301, when the entire vehicle is powered on, the gateway generates a 16-byte random number.
10. The vehicle-mounted controller identity authentication method according to claim 8, wherein: in S301, the identity authentication request data is requested according to the field in the communication security protocol of the vehicle-mounted network.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210903731.1A CN115296815B (en) | 2022-07-28 | Identity authentication method for vehicle-mounted controller |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210903731.1A CN115296815B (en) | 2022-07-28 | Identity authentication method for vehicle-mounted controller |
Publications (2)
Publication Number | Publication Date |
---|---|
CN115296815A true CN115296815A (en) | 2022-11-04 |
CN115296815B CN115296815B (en) | 2024-07-05 |
Family
ID=
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2017006862A1 (en) * | 2015-07-03 | 2017-01-12 | Kddi株式会社 | Software distribution processing device, vehicle, software distribution processing method, and computer program |
CN106647723A (en) * | 2017-02-08 | 2017-05-10 | 宝沃汽车(中国)有限公司 | Vehicle condition monitoring method based on Internet of vehicles, vehicle condition monitoring system based on Internet of vehicles, and vehicle |
JP2017130908A (en) * | 2016-01-18 | 2017-07-27 | Kddi株式会社 | On-vehicle computer system, vehicle, key generator, management method, key generation method, and computer program |
CN107104791A (en) * | 2017-03-29 | 2017-08-29 | 江苏大学 | A kind of in-vehicle network one-time pad communication means hidden based on ECU identity |
CN109314640A (en) * | 2016-08-29 | 2019-02-05 | Kddi株式会社 | Information of vehicles collection system, car-mounted computer, information of vehicles collection device, information of vehicles collection method and computer program |
CN114599028A (en) * | 2022-03-21 | 2022-06-07 | 南通大学 | Vehicle networking pseudonym management method based on homomorphic encryption mechanism |
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2017006862A1 (en) * | 2015-07-03 | 2017-01-12 | Kddi株式会社 | Software distribution processing device, vehicle, software distribution processing method, and computer program |
JP2017130908A (en) * | 2016-01-18 | 2017-07-27 | Kddi株式会社 | On-vehicle computer system, vehicle, key generator, management method, key generation method, and computer program |
CN109314640A (en) * | 2016-08-29 | 2019-02-05 | Kddi株式会社 | Information of vehicles collection system, car-mounted computer, information of vehicles collection device, information of vehicles collection method and computer program |
CN106647723A (en) * | 2017-02-08 | 2017-05-10 | 宝沃汽车(中国)有限公司 | Vehicle condition monitoring method based on Internet of vehicles, vehicle condition monitoring system based on Internet of vehicles, and vehicle |
CN107104791A (en) * | 2017-03-29 | 2017-08-29 | 江苏大学 | A kind of in-vehicle network one-time pad communication means hidden based on ECU identity |
CN114599028A (en) * | 2022-03-21 | 2022-06-07 | 南通大学 | Vehicle networking pseudonym management method based on homomorphic encryption mechanism |
Non-Patent Citations (2)
Title |
---|
万爱兰;韩牟;马世典;王运文;华蕾;冯晓林;: "基于一次性密码本的车内网身份认证协议", 计算机工程, no. 06, 15 June 2018 (2018-06-15) * |
郭志刚;潘俊家;韩光省;郝晶晶;牛宏宇;: "基于车载CAN总线的安全通信机制研究", 中国汽车, no. 07, 22 July 2020 (2020-07-22) * |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN111131313B (en) | Safety guarantee method and system for replacing ECU (electronic control Unit) of intelligent networked automobile | |
JP6260066B2 (en) | In-vehicle computer system and vehicle | |
US9577997B2 (en) | Authentication system and authentication method | |
CN102546155B (en) | On-demand safe key generates method and system | |
CN106685653B (en) | Vehicle remote firmware updating method and device based on information security technology | |
CN112543927B (en) | Equipment upgrading method and related equipment | |
CN105187376A (en) | Safe communication method of internal automobile network in Telematics | |
CN104118392A (en) | Engine anti-theft authentication method and device of engine anti-theft system | |
CN113613214B (en) | In-vehicle message authentication key management method and readable storage medium | |
CN111049803A (en) | Data encryption and platform security access method based on vehicle-mounted CAN bus communication system | |
CN112840683B (en) | Vehicle key management method, device and system | |
US20170111332A1 (en) | Method and system for asymmetric key derivation | |
CN115665138A (en) | Automobile OTA (over the air) upgrading system and method | |
CN113114699A (en) | Vehicle terminal identity certificate application method | |
CN112087419B (en) | Vehicle-mounted terminal data transmission safety protection method and device | |
CN112953939A (en) | Key management method | |
CN108377184B (en) | Distributed authentication encryption method for internal network of intelligent automobile | |
CN113411294A (en) | Vehicle-mounted secure communication method, system and device based on secure cloud public key protection | |
CN114629636A (en) | Certificate list updating method and device | |
CN116094833A (en) | Key management method and system for whole vehicle key distribution | |
CN111194033B (en) | In-vehicle secure communication method, system and computer storage medium | |
CN115296815B (en) | Identity authentication method for vehicle-mounted controller | |
CN114785557B (en) | Whole vehicle symmetric key distribution system, method and storage medium | |
CN115296815A (en) | Identity authentication method for vehicle-mounted controller | |
CN115174083A (en) | Internet of vehicles information encryption method and device and Internet of vehicles system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant |