CN115665138A - Automobile OTA (over the air) upgrading system and method - Google Patents
Automobile OTA (over the air) upgrading system and method Download PDFInfo
- Publication number
- CN115665138A CN115665138A CN202211422104.2A CN202211422104A CN115665138A CN 115665138 A CN115665138 A CN 115665138A CN 202211422104 A CN202211422104 A CN 202211422104A CN 115665138 A CN115665138 A CN 115665138A
- Authority
- CN
- China
- Prior art keywords
- encrypted
- key
- service
- vehicle
- symmetric key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The invention relates to the technical field of automobile software upgrading, and discloses an automobile OTA upgrading system and method, wherein the system comprises: the OTA management module is arranged at the vehicle end and used for receiving the service upgrading request, searching a vehicle end public and private key pair corresponding to the service and sending a vehicle end public key and the service upgrading request to the cloud end; the OTA service module is arranged at the cloud end and used for receiving the service upgrading request, searching a software upgrading package corresponding to the service and a service end symmetric key; encrypting the software upgrading packet by adopting the symmetric key to obtain an encrypted software upgrading packet; encrypting the symmetric key by adopting a vehicle public key to obtain an encrypted symmetric key; and sending the encrypted software upgrade package and the encrypted symmetric key to a vehicle end. The invention ensures the safety of the software upgrading package in the downloading and transmitting process by configuring different keys for different services at the vehicle end and the server end and adopting a mode of combining asymmetric encryption and symmetric encryption.
Description
Technical Field
The invention belongs to the technical field of automobile software upgrading, and particularly relates to an automobile OTA upgrading system and method.
Background
The statements in this section merely provide background information related to the present disclosure and may not necessarily constitute prior art.
The Over-the-Air Technology (Over-the-Air Technology) is a Technology for remotely managing mobile terminal equipment and SIM card data through an Air interface of mobile communication. The method is applied to the field of automobiles to realize online updating and upgrading of the system. However, in both the data transmission link and the software updating link, the functions of the automobile, the personal privacy and even the personal safety may be damaged.
At present, aiming at the aspect of information security of OTA (over the air) upgrading of an automobile, the following improvement strategies are mainly adopted: and encrypting the software upgrade package by adopting a hash value verification and a digital signature algorithm or an encryption algorithm. The method adopts Hash value verification or digital signature algorithm verification, and whether the software package is sent and tampered at the cloud end cannot be guaranteed; the software upgrade package is encrypted by an encryption algorithm, a corresponding secret key is usually required to be stored at a vehicle end, and the safety protection of the secret key is also an important problem to be solved.
Disclosure of Invention
In order to overcome the defects of the prior art, the invention provides the OTA upgrading system and the OTA upgrading method for the automobile.
In order to achieve the above object, one or more embodiments of the present invention provide the following technical solutions:
an automotive OTA upgrade system comprising:
the OTA management module is arranged at the vehicle end and used for receiving the service upgrading request, searching a vehicle end public and private key pair corresponding to the service and sending a vehicle end public key and the service upgrading request to the cloud end;
the OTA service module is arranged at the cloud and used for receiving the service upgrading request, searching a software upgrading package corresponding to the service and a server symmetric key; encrypting the software upgrading packet by adopting the symmetric key to obtain an encrypted software upgrading packet; encrypting the symmetric key by adopting a vehicle public key to obtain an encrypted symmetric key; and sending the encrypted software upgrading packet and the encrypted symmetric key to a vehicle end.
Further, the OTA management module receives an encrypted software upgrade package and an encrypted symmetric key sent by a cloud end, and decrypts the encrypted symmetric key based on a vehicle-end private key to obtain a symmetric key; and decrypting the encrypted software upgrading packet based on the symmetric key to obtain the software upgrading packet.
Further, the OTA service module also searches a server public key digital certificate and a server private key corresponding to the service;
before the software upgrading package is encrypted by the symmetric key, performing hash operation on the software upgrading package to obtain a cloud abstract value of the software upgrading package, and encrypting the cloud abstract value by a server private key to obtain a digital signature; and sending the digital signature and the server public key digital certificate together with the encrypted software upgrade package and the encrypted symmetric key to the vehicle end.
Further, the OTA management module acquires a server public key through a server public key digital certificate, and decrypts a digital signature based on the server public key to obtain a cloud abstract value of the software upgrade package;
and after the software upgrading package is obtained through decryption, carrying out Hash operation to obtain a vehicle end abstract value, and judging whether the vehicle end abstract value is the same as the cloud end abstract value or not.
Further, encrypting the software upgrading package by adopting the symmetric key based on an SM4 encryption algorithm; and encrypting the symmetric key by adopting a vehicle public key based on an SM2 encryption algorithm.
Further, the OTA management module mounts at least one flash memory for storing the decrypted software upgrade package.
One or more embodiments provide an automobile OTA upgrading method, which is applied to a cloud end and comprises the following steps:
receiving a service upgrading request and a vehicle public key sent by a vehicle end;
searching a corresponding software upgrading package and acquiring a server-side symmetric key;
encrypting the software upgrading packet by adopting the symmetric key to obtain an encrypted software upgrading packet;
encrypting the symmetric key by adopting a vehicle end public key to obtain an encrypted symmetric key;
and sending the encrypted software upgrading packet and the encrypted symmetric key to a vehicle end.
Further, after receiving a service upgrading request, searching a server public key digital certificate and a server private key corresponding to the service; before the software upgrading package is encrypted by the symmetric key, firstly carrying out Hash operation on the software upgrading package to obtain an abstract value, and encrypting the abstract value by a server private key to obtain a digital signature; and sending the digital signature and the server public key digital certificate together with the encrypted software upgrade package and the encrypted symmetric key to the vehicle end.
One or more embodiments provide an OTA upgrading method for an automobile, which is applied to an automobile end, wherein the automobile end is connected with the cloud end, and the OTA upgrading method comprises the following steps:
receiving a service upgrading request, searching a vehicle-end public and private key pair corresponding to the service, and sending a vehicle-end public key and the service upgrading request to a cloud end;
receiving an encrypted software upgrade package and an encrypted symmetric key sent by a cloud, and decrypting the encrypted symmetric key based on a vehicle-end private key to obtain a symmetric key; and decrypting the encrypted software upgrading packet based on the symmetric key to obtain the software upgrading packet.
Further, a digital signature and a server public key digital certificate sent by a cloud are obtained;
acquiring a server public key through a server public key digital certificate, and decrypting a digital signature based on the server public key to obtain a cloud abstract value of the software upgrade package;
and after the software upgrading package is obtained through decryption, performing hash operation to obtain a vehicle end abstract value, and judging whether the vehicle end abstract value is the same as the cloud end abstract value or not.
The above one or more technical solutions have the following beneficial effects:
different keys are configured for different services at the vehicle end and the server end, and a mode of combining asymmetric encryption and symmetric encryption is adopted, so that the safety of the software upgrade package in the downloading and transmission process is ensured, and the OTA upgrade safety of the whole vehicle is improved; even if the key corresponding to a certain service is cracked, the service is only affected, and other services cannot be affected.
The cloud end calculates a digital signature for the software upgrading package, then multi-level encryption is carried out, symmetrical encryption is carried out on the software upgrading package in sequence, and a secret key used for encryption is asymmetrically encrypted; the vehicle end obtains the software upgrading packet after multi-level decryption, then executes digital signature verification, and not only guarantees the safety in the data transmission process, but also guarantees the authenticity and the integrity of the file through the combination of file encryption and digital signature verification.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, are included to provide a further understanding of the invention, and are incorporated in and constitute a part of this specification, illustrate exemplary embodiments of the invention and together with the description serve to explain the invention and not to limit the invention.
Fig. 1 is a framework diagram of the car OTA upgrading system in the first embodiment of the present invention;
fig. 2 is a schematic diagram of an upgrading principle of the car OTA upgrading system in the first to third embodiments of the present invention.
Detailed Description
It should be noted that the following detailed description is exemplary and is intended to provide further explanation of the invention. Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs.
It is noted that the terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of exemplary embodiments according to the invention. As used herein, the singular forms "a", "an", and "the" are intended to include the plural forms as well, and it should be understood that when the terms "comprises" and/or "comprising" are used in this specification, they specify the presence of stated features, steps, operations, devices, components, and/or combinations thereof, unless the context clearly indicates otherwise.
The embodiments and features of the embodiments of the present invention may be combined with each other without conflict.
Example one
The purpose of this embodiment is to realize the process of downloading the software upgrade package from the cloud server to the designated ECU by the vehicle, and on one hand, to ensure that the downloaded and transmitted software upgrade package is the latest software upgrade package matched with the service, and on the other hand, to ensure the security of the transmission process and the software upgrade package itself. Based on this, this embodiment provides an automobile OTA upgrading system, the system relates to vehicle end and high in the clouds, and the vehicle end passes through the telematics control unit and establishes being connected with the high in the clouds, the connection can adopt current communication technologies such as 3G/4G/5G mobile network, does not limit here. The concrete description is as follows.
The vehicle end comprises an OTA management module (OTA Manager) and a vehicle remote information Control Unit (TCU), wherein the OTA management module is responsible for managing the upgrading process of all ECUs or APPs of the vehicle, informing an ECU upgrading strategy and feeding back confirmation information to the cloud end after the upgrading is finished; in this embodiment, the OTA management module is further configured to manage a car-end public and private key pair corresponding to different service types. The vehicle remote information control unit is used as a junction for communication between the vehicle and the cloud end and used for sending an upgrading request to the cloud end and acquiring a software upgrading package from the cloud end.
The cloud is configured to include an OTA service module and a KMS service module (Key Management System), wherein the OTA service module is a modular service set for different service sets, includes software upgrade packages for different services, is provided with software version Management, and is configured with different upgrade policies and Key Management systems called by different service sets, i.e., service interface functions of the KMS service module, corresponding to different software upgrade package types, such as full packages and differential packages. The KMS service module mainly provides digital timestamp service, symmetric key generation service (one-time pad), asymmetric key generation service and certificate management service (CA) which correspond to different services required by a cloud end in the OTA of the automobile. The KMS service module is used to provide a comprehensive set of key related services for the OTA service module.
The KMS service module manages the key use requirement and the application scene of each service module in the OTA service. Static key management may be employed, as well as dynamic key management. And static key management, namely, the KMS service module generates a symmetric key and a server public and private key for different service types in advance, applies for a digital certificate for associated storage, and updates the symmetric key periodically. It is understood that a table structure is used to store the physical storage locations of the different service types and corresponding keys. The dynamic key management is that after the KMS service module receives a service upgrading request each time, a new symmetric key is generated for the service, and the last symmetric key is covered to realize one-time pad. The one-time pad strategy is adopted for the symmetric keys of the software upgrading packages with different service types, so that the cracking and tampering difficulty of the software upgrading packages is increased.
Specifically, the OTA upgrade system for the vehicle comprises:
the OTA management module is arranged at the vehicle end, and the OTA service module and the KMS service module are arranged at the cloud end. The specific description is as follows:
the OTA management module is arranged at the vehicle end and used for receiving the service upgrading request, searching a vehicle end public and private key pair corresponding to the service and sending a vehicle end public key and the service upgrading request to the cloud end;
and receiving an encrypted software upgrade package, an encrypted symmetric key, a digital signature and a server public key digital certificate sent by the cloud, and executing the following steps:
(1) Decrypting the encrypted symmetric key based on a vehicle-end private key to obtain a symmetric key;
(2) Decrypting the encrypted software upgrade package based on the symmetric key to obtain a software upgrade package;
(3) Acquiring a server public key through a server public key digital certificate, and decrypting a digital signature based on the server public key to obtain a cloud abstract value of the software upgrade package; and carrying out Hash operation on the software upgrading packet obtained by decryption to obtain a vehicle end abstract value, and judging whether the vehicle end abstract value is the same as the cloud end abstract value or not.
The OTA management module is also provided with at least one flash memory for storing software upgrade packages and/or ECUs for backup so as to be convenient for rollback recovery after ECU upgrade failure.
The OTA service module is arranged at the cloud end and used for receiving the service upgrading request, searching a software upgrading package corresponding to the service, and acquiring a server public key digital certificate, a server private key and a server symmetric key corresponding to the service from the KMS service module; the following steps are then performed:
(1) Carrying out Hash operation on the software upgrading package to obtain a cloud abstract value of the software upgrading package, and encrypting the cloud abstract value by adopting a server private key to obtain a digital signature;
(2) Encrypting the software upgrading packet by adopting the symmetric key to obtain an encrypted software upgrading packet;
(3) Encrypting the symmetric key by adopting a vehicle end public key to obtain an encrypted symmetric key; and sending the encrypted software upgrade package, the encrypted symmetric key, the digital signature and the server public key digital certificate to the vehicle end.
The vehicle end or the cloud end adopts a symmetric encryption and decryption mode for the software upgrading packet, and is based on an SM4 encryption algorithm; the symmetric key is encrypted by adopting a vehicle public key, the digital signature is encrypted by adopting a server private key, and the corresponding decryption process adopts an SM2 encryption algorithm.
The SM4 encryption algorithm is a block encryption algorithm, and the block length and the key length are both 128 bits. The SM4 encryption algorithm uses a 32-round non-linear iterative structure. After the last round of nonlinear iteration, SM4 adds a reverse order transformation, so that the decryption algorithm of SM4 can be consistent with the encryption algorithm as long as the decryption key is the reverse order of the encryption key. The body operation of SM4 is an unbalanced Feistel network. The whole logic structure is shown in fig. 1, and plaintext is transformed into ciphertext through 32 rounds of transformation. In this embodiment, the cryptographic SM4 and SM2 encryption technologies are used to perform steps such as digital signature, signature verification, and digital certificate verification on the software upgrade package in the car OTA upgrade, so that encrypted transmission of the software upgrade package is realized, the tamper-resistant function of the software upgrade package is realized, and the information security of the car-end application software upgrade package is ensured. The SM2 encryption technology (also called public key digital signature) is a digital string which can be generated only by the sender of the information and cannot be forged by others, and the digital string is also a valid proof of the authenticity of the information sent by the sender of the information. It is a method for authenticating digital information that is similar to a normal physical signature written on paper, but implemented using techniques in the field of public key cryptography. A set of digital signatures typically defines two complementary operations, one for signing and the other for verification. The digital signature is an application of asymmetric key encryption technology and digital digest technology. The SM4 encryption algorithm is a commercial cipher standard in China, and the predecessor of the SM4 encryption algorithm is an SMS4 algorithm.
To more clearly illustrate the operation of the above system, the following is made:
step 1: the OTA management module at the vehicle end receives a service upgrading request which is triggered by a user and aims at certain service upgrading, such as a rest mode of mode upgrading, and sends the service to OTA at the vehicle end; the service upgrading request includes identification information of a service to be upgraded, where the identification information may be a service name, and may also be an identification of another service, for example, a unique number is assigned to each type of service.
Step 2: the vehicle-end OTA management module searches a vehicle-end public and private key pair (HPublicKey and HPrivateKey) corresponding to the service to be upgraded, and sends a vehicle-end public key (HPublicKey) and the service upgrading request to a cloud end through a remote information control unit;
and step 3: the cloud OTA service module receives the service upgrading request and the vehicle public key, searches a corresponding software upgrading packet according to the identification information of the service to be upgraded and records the software upgrading packet as A; acquiring a server private key (ServerPrivateKey) and a server public key digital certificate (containing a server public key and a server symmetric key (K) inside) required by a service to be upgraded from a KMS service module;
and 4, step 4: performing hash calculation on the software upgrading packet to obtain an abstract value (Z), and encrypting the abstract value (Z) by adopting a server private key (ServerPrivateKey) based on an SM2 encryption algorithm to obtain a digital signature (Z);
and 5: encrypting the software upgrading packet by adopting a symmetric key (K) as a key based on an SM4 encryption algorithm to obtain an encrypted software upgrading packet, and marking the encrypted software upgrading packet as A; packing the symmetric key (K) by using a vehicle public key (HPublicKey) and using an SM2 encryption algorithm to obtain an encrypted symmetric key (K); feeding back the encrypted software upgrading packet (A), the encrypted symmetric key (K), the digital signature (Z) and the server public key digital certificate to the vehicle-end remote information control unit through the mobile network;
and 6: the vehicle-end OTA management module receives an encrypted software upgrading packet (A), an encrypted symmetric key (K), a digital signature (Z) and a server public key digital certificate which are sent by a cloud end through the remote information control unit;
and 7: decrypting the encrypted symmetric key (K) by adopting a vehicle-end private key (HPrivateKey) based on an SM2 encryption algorithm to obtain a service-end symmetric key (K); decrypting the software upgrading packet (A) by using the symmetric key (K) to obtain a plaintext of the software upgrading packet (A);
and 8: obtaining a server public key ServerPublicKey through a server public key digital certificate, and unlocking a digital signature (Z) by using an SM2 encryption algorithm to obtain a digest value (Z) (called a digest value Z1);
and step 9: using the same hash calculation as the sender to create a digest value (called digest Z2) for the decrypted software upgrade package (A); and comparing the abstract value Z1 with the abstract value Z2, if the abstract values are different, indicating that the information is tampered, discarding the software upgrading packet, and sending the warning information to the cloud server on the original way. If the two are the same, the software upgrading package is not tampered and comes from the trusted cloud service, and the step 10 is executed;
step 10: and the vehicle-end OTA management module updates and distributes the software upgrading packet to an ECU (electronic control unit) or a part of operating system related to the service to be upgraded (mode updating-nap mode), and informs the upgrading strategy information corresponding to the service to be upgraded. And after the upgrading process is finished, sending confirmation information to the server.
In the embodiment, different keys are configured for different services at the vehicle end and the server end, and a mode of combining asymmetric encryption and symmetric encryption is adopted, so that the security of the software upgrade package in the downloading and transmission process is ensured, and the OTA upgrade security of the whole vehicle is improved; even if the key corresponding to a certain service is cracked, the service is only influenced, and other services cannot be influenced. In addition, as the public and private key pair at the vehicle end is necessary to be matched with the cloud end to complete the whole encryption and decryption, even if the public and private key pair is cracked or stolen, the software upgrading package cannot be intercepted.
Example two
The embodiment discloses an automobile OTA upgrading method, which is applied to a cloud terminal and comprises the following steps:
step 1: receiving a service upgrading request and a vehicle public key sent by a vehicle end;
step 2: searching a corresponding software upgrading package and acquiring a server-side symmetric key;
and step 3: encrypting the software upgrading packet by adopting the symmetric key to obtain an encrypted software upgrading packet;
and 4, step 4: encrypting the symmetric key by adopting a vehicle end public key to obtain an encrypted symmetric key;
and 5: and sending the encrypted software upgrading packet and the encrypted symmetric key to a vehicle end.
In step 2, the server public key digital certificate and the server private key corresponding to the service are also searched. Before executing the step 3, firstly carrying out Hash operation on the software upgrading packet to obtain an abstract value, and encrypting the abstract value by adopting a server private key to obtain a digital signature; and sending the digital signature and the server public key digital certificate together with the encrypted software upgrade package and the encrypted symmetric key to the vehicle end.
And in the step 4, the symmetric key is encrypted by a vehicle public key by adopting an SM2 encryption algorithm.
And in the step 3, the software upgrading packet is encrypted by adopting the symmetric key and adopting an SM4 encryption algorithm.
EXAMPLE III
The embodiment discloses an automobile OTA upgrading method, which is applied to an automobile end and comprises the following steps:
receiving a service upgrading request, searching a vehicle public and private key pair corresponding to the service, and sending the vehicle public key and the service upgrading request to a cloud terminal;
receiving an encrypted software upgrade package and an encrypted symmetric key sent by a cloud, and decrypting the encrypted symmetric key based on a vehicle-end private key to obtain a symmetric key; and decrypting the encrypted software upgrading packet based on the symmetric key to obtain the software upgrading packet.
More specifically, a digital signature and a server public key digital certificate sent by a cloud are also obtained; acquiring a server public key through a server public key digital certificate, and decrypting a digital signature based on the server public key to obtain a cloud abstract value of the software upgrade package; and after the software upgrading package is obtained through decryption, carrying out Hash operation to obtain a vehicle end abstract value, and judging whether the vehicle end abstract value is the same as the cloud end abstract value or not.
The steps related to the second and third embodiments correspond to the first embodiment of the method, and the detailed description can be found in the related description of the first embodiment.
Although the embodiments of the present invention have been described with reference to the accompanying drawings, it is not intended to limit the scope of the present invention, and it should be understood by those skilled in the art that various modifications and variations can be made without inventive efforts by those skilled in the art based on the technical solution of the present invention.
Claims (10)
1. An automotive OTA upgrade system, comprising:
the OTA management module is arranged at the vehicle end and used for receiving the service upgrading request, searching a vehicle end public and private key pair corresponding to the service and sending the vehicle end public key and the service upgrading request to the cloud end;
the OTA service module is arranged at the cloud and used for receiving the service upgrading request, searching a software upgrading package corresponding to the service and a server symmetric key; encrypting the software upgrading packet by adopting the symmetric key to obtain an encrypted software upgrading packet; encrypting the symmetric key by adopting a vehicle public key to obtain an encrypted symmetric key; and sending the encrypted software upgrading packet and the encrypted symmetric key to a vehicle end.
2. The OTA upgrade system for a vehicle according to claim 1, wherein the OTA management module further receives an encrypted software upgrade package and an encrypted symmetric key sent by a cloud, and decrypts the encrypted symmetric key based on a vehicle private key to obtain a symmetric key; and decrypting the encrypted software upgrading packet based on the symmetric key to obtain the software upgrading packet.
3. The OTA system for automotive upgrade as claimed in claim 1, wherein the OTA service module further finds a server public key digital certificate and a server private key corresponding to the service;
before the software upgrading package is encrypted by the symmetric key, firstly carrying out Hash operation on the software upgrading package to obtain a cloud abstract value of the software upgrading package, and encrypting the cloud abstract value by a server private key to obtain a digital signature; and sending the digital signature and the server public key digital certificate together with the encrypted software upgrade package and the encrypted symmetric key to the vehicle end.
4. The OTA upgrading system for vehicles according to claim 3, wherein the OTA management module obtains a server public key through a server public key digital certificate, decrypts a digital signature based on the server public key to obtain a cloud digest value of the software upgrade package;
and after the software upgrading package is obtained through decryption, carrying out Hash operation to obtain a vehicle end abstract value, and judging whether the vehicle end abstract value is the same as the cloud end abstract value or not.
5. The automotive OTA upgrade system according to any one of claims 1-4, wherein the software upgrade package is encrypted with the symmetric key based on an SM4 encryption algorithm; and encrypting the symmetric key by adopting a vehicle public key based on an SM2 encryption algorithm.
6. The system for automotive OTA upgrade method according to claim 1, wherein the OTA management module mounts at least one flash memory for storing the decrypted software upgrade package.
7. An OTA (over the air) upgrading method for an automobile is applied to a cloud end and is characterized by comprising the following steps:
receiving a service upgrading request and a vehicle public key sent by a vehicle end;
searching a corresponding software upgrading package and acquiring a server-side symmetric key;
encrypting the software upgrading packet by adopting the symmetric key to obtain an encrypted software upgrading packet;
encrypting the symmetric key by adopting a vehicle end public key to obtain an encrypted symmetric key;
and sending the encrypted software upgrading packet and the encrypted symmetric key to a vehicle end.
8. The OTA upgrading method of claim 7, wherein after receiving a service upgrade request, the OTA upgrading method further searches for a server public key digital certificate and a server private key corresponding to the service; before the software upgrading package is encrypted by the symmetric key, firstly carrying out Hash operation on the software upgrading package to obtain an abstract value, and encrypting the abstract value by a server private key to obtain a digital signature; and sending the digital signature and the server public key digital certificate together with the encrypted software upgrade package and the encrypted symmetric key to the vehicle end.
9. An OTA (over the air) upgrading method for an automobile, which is applied to an automobile end connected with the cloud end of claim 7 or 8, and is characterized by comprising the following steps:
receiving a service upgrading request, searching a vehicle-end public and private key pair corresponding to the service, and sending a vehicle-end public key and the service upgrading request to a cloud end;
receiving an encrypted software upgrade package and an encrypted symmetric key sent by a cloud, and decrypting the encrypted symmetric key based on a vehicle-end private key to obtain a symmetric key; and decrypting the encrypted software upgrading packet based on the symmetric key to obtain the software upgrading packet.
10. The OTA upgrade method for a vehicle of claim 9,
acquiring a digital signature and a server public key digital certificate sent by a cloud terminal;
acquiring a server public key through a server public key digital certificate, and decrypting a digital signature based on the server public key to obtain a cloud abstract value of the software upgrade package;
and after the software upgrading package is obtained through decryption, performing hash operation to obtain a vehicle end abstract value, and judging whether the vehicle end abstract value is the same as the cloud end abstract value or not.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211422104.2A CN115665138A (en) | 2022-11-14 | 2022-11-14 | Automobile OTA (over the air) upgrading system and method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211422104.2A CN115665138A (en) | 2022-11-14 | 2022-11-14 | Automobile OTA (over the air) upgrading system and method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115665138A true CN115665138A (en) | 2023-01-31 |
Family
ID=85020748
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211422104.2A Pending CN115665138A (en) | 2022-11-14 | 2022-11-14 | Automobile OTA (over the air) upgrading system and method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115665138A (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116056045A (en) * | 2023-03-31 | 2023-05-02 | 江铃汽车股份有限公司 | AB point customer parking remote upgrading method and system |
| CN116232766A (en) * | 2023-05-06 | 2023-06-06 | 中国第一汽车股份有限公司 | OTA-based data encryption system and method |
| CN117097462A (en) * | 2023-07-06 | 2023-11-21 | 南京中科齐信科技有限公司 | Vehicle-mounted intelligent software upgrading encryption system based on quantum key system |
| CN117909987A (en) * | 2023-12-29 | 2024-04-19 | 零束科技有限公司 | Security refreshing method and system for application software of electronic control unit and readable storage medium |
-
2022
- 2022-11-14 CN CN202211422104.2A patent/CN115665138A/en active Pending
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116056045A (en) * | 2023-03-31 | 2023-05-02 | 江铃汽车股份有限公司 | AB point customer parking remote upgrading method and system |
| CN116232766A (en) * | 2023-05-06 | 2023-06-06 | 中国第一汽车股份有限公司 | OTA-based data encryption system and method |
| CN116232766B (en) * | 2023-05-06 | 2023-07-18 | 中国第一汽车股份有限公司 | OTA-based data encryption system and method |
| CN117097462A (en) * | 2023-07-06 | 2023-11-21 | 南京中科齐信科技有限公司 | Vehicle-mounted intelligent software upgrading encryption system based on quantum key system |
| CN117097462B (en) * | 2023-07-06 | 2024-05-24 | 南京中科齐信科技有限公司 | Vehicle-mounted intelligent software upgrading encryption system based on quantum key system |
| CN117909987A (en) * | 2023-12-29 | 2024-04-19 | 零束科技有限公司 | Security refreshing method and system for application software of electronic control unit and readable storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN112671798B (en) | Service request method, device and system in Internet of vehicles | |
| CN111131313B (en) | Safety guarantee method and system for replacing ECU (electronic control Unit) of intelligent networked automobile | |
| CN115665138A (en) | Automobile OTA (over the air) upgrading system and method | |
| CN106572106B (en) | Method for transmitting message between TBOX terminal and TSP platform | |
| KR102450811B1 (en) | System for key control for in-vehicle network | |
| CN110650478B (en) | OTA method, system, device, SE module, program server and medium | |
| CN115396121B (en) | Security authentication method for security chip OTA data packet and security chip device | |
| CN110855616B (en) | Digital key generation system | |
| CN114327532A (en) | Automobile OTA (over the air) upgrade information security implementation method based on digital signature and encryption | |
| CN113239363A (en) | Firmware updating method, device, equipment, readable storage medium and memory system | |
| CN113392401A (en) | Authentication system | |
| CN113572795B (en) | Vehicle safety communication method, system and vehicle-mounted terminal | |
| CN117097462A (en) | Vehicle-mounted intelligent software upgrading encryption system based on quantum key system | |
| CN112543439B (en) | Internet of vehicles location information encryption cloud platform, terminal, system and method | |
| CN113556235A (en) | Digital key authorization method | |
| CN116419217B (en) | OTA data upgrading method, system, equipment and storage medium | |
| CN110830243B (en) | Symmetric key distribution method, device, vehicle and storage medium | |
| CN114143198B (en) | Firmware upgrading method | |
| Wu et al. | Security design of OTA upgrade for intelligent connected vehicle | |
| CN112217797B (en) | Intelligent gateway Internet of things control system and method applying block chain technology | |
| CN117597688A (en) | Key verification method and related device | |
| CN118018215B (en) | OP-TEE-based vehicle-mounted certificate book management system and method | |
| Wei et al. | Authenticated can communications using standardized cryptographic techniques | |
| CN111641618B (en) | Link value acquisition method and system based on digital certificate | |
| CN115883174A (en) | Guomcipher hybrid encryption algorithm, device and storage medium suitable for OTA (over the air) upgrading of automobile ECU (electronic control Unit) |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |