CN115865350A - Car cloud service system based on quantum safety - Google Patents

Abstract

The invention discloses a quantum security-based vehicle cloud service system, which relates to the technical field of communication security of Internet of vehicles, and comprises: each vehicle end, each manufacturer end and a cloud end; establishing communication connections between vehicles, between vehicles and affiliated manufacturers and between manufacturers by using a cloud dispatching platform; the vehicle terminal quantum key generated by the vehicle terminal is used as a session key of the vehicle and is used for encrypting interaction information in communication connection between the vehicles and affiliated manufacturers; the quantum key generated by the manufacturer end is used as a charging quantum key of the vehicle, and the charging quantum key is pre-charged in the corresponding vehicle and synchronously stored in the manufacturer end and the cloud end, and is used for encrypting the vehicle end quantum key in communication connection between the vehicle and the manufacturer and between the vehicle and the vehicle. The invention aims to ensure the safety and integrity of interactive information in a vehicle cloud service system in a vehicle networking environment.

Description

A quantum security-based vehicle cloud service system

technical field

The invention relates to the technical field of communication security of the Internet of Vehicles, in particular to a quantum security-based vehicle cloud service system.

Background technique

The car cloud service system is mainly composed of the car end service platform of each vehicle, the cloud dispatching platform, and the manufacturer cloud service platform of each manufacturer, and is used to provide car networking services for vehicles.

With the rapid development of computer technology, Internet technology, wireless communication technology and other technologies, the automobile industry is also developing towards the direction of intelligent networked vehicles. Vehicles are not only a means of transportation, but also an intelligent terminal. During the driving process of the vehicle, a large amount of data will be generated, and the vehicle will also perform a large amount of information interaction with manufacturers and other vehicles. In the process of information interaction, if the exchange information is not encrypted and protected, the information will be transmitted in the form of plain text. Once a third party monitors on the wireless channel, the plain text content will be seen at a glance, which will not only leak private information, but also may Hijacking and tampering with information will cause greater traffic safety hazards. Therefore, it is necessary to encrypt the interactive information in the car cloud service system to ensure the confidentiality, availability and integrity of the information.

The requirement for information encryption in the car cloud service system requires not only the security of the exchanged information, but also the encryption and decryption speed and the length of the ciphertext, so as to ensure that the information exchange can adapt to the high-speed driving scene of the vehicle. At present, the common information encryption algorithms include RSA encryption algorithm, elliptic curve encryption algorithm, etc., but there are some problems in these algorithms: the RSA algorithm has a large length of encrypted information, slow calculation speed, low efficiency, and high communication overhead. Its security is not very high and it is easy to be attacked. The elliptic curve algorithm is more secure, but it still has the problems of long encryption and decryption time, large length of encrypted information, and large communication overhead. In addition, with the development of quantum computing technology, computing power will usher in rapid development. In the face of powerful computing power, the existing RSA encryption algorithm and elliptic curve encryption algorithm have the risk of brute force cracking. The emergence of quantum keys provides the possibility of resisting quantum attacks.

Therefore, in the entire car cloud service system, how to use the quantum key and how to ensure that the interactive information can be encrypted and protected by the quantum key need to be designed and considered.

Contents of the invention

In order to overcome the above-mentioned defects in the prior art, the present invention provides a quantum security-based car cloud service system, which ensures the security and integrity of the interactive information in the car cloud service system in the Internet of Vehicles environment.

To achieve the above object, the present invention adopts the following technical solutions, including:

A quantum security-based vehicle cloud service system, including: vehicle-side service platforms for each vehicle, manufacturer cloud service platforms for various manufacturers, and cloud-based cloud scheduling platforms;

The vehicle-side service platform is set on the vehicle, including: a vehicle-side quantum random number generator for generating quantum keys, an intelligent terminal for obtaining vehicle information, and a vehicle-side quantum communication unit for encrypting and decrypting information; The vehicle-end quantum communication unit is respectively connected with the vehicle-end quantum random number generator and the intelligent terminal; the vehicle-end quantum communication unit also communicates with the cloud dispatching platform;

The manufacturer's cloud service platform includes: a manufacturer's quantum random number generator for generating quantum keys, a manufacturer's quantum key management module for managing quantum keys, and an Internet of Vehicles service for providing Internet of Vehicles services and generating application service information. The application server is a quantum secret service engine for encrypting and decrypting information; the quantum secret service engine is respectively connected to the manufacturer's quantum random number generator, the manufacturer's quantum key management module, and the Internet of Vehicles application server; the quantum secret service The engine also communicates with the cloud scheduling platform;

The cloud scheduling platform includes: a cloud quantum key management module for managing quantum keys, a quantum key distribution engine for encrypting and decrypting information; the quantum key distribution engine communicates with the cloud quantum key management module Connect; the quantum key distribution engine also communicates with the vehicle-end quantum communication unit and the quantum secret service engine respectively;

The cloud scheduling platform is used to establish communication connections between vehicles, between vehicles and their manufacturers, and between manufacturers.

Preferably, the quantum key generated by the vehicle-side quantum random number generator of the vehicle, that is, the vehicle-side quantum key is used as the vehicle's session key for encryption in the communication connection between the vehicle and the vehicle and the manufacturer. interactive information.

Preferably, the quantum key generated by the manufacturer's quantum random number generator is used as the filling quantum key of the vehicle, and the filling quantum key is pre-filled in the vehicle-side service platform of the corresponding vehicle, and is stored synchronously in the manufacturer's In the quantum key management module and the cloud quantum key management module of the cloud scheduling platform; the filling quantum key is used to encrypt the quantum key at the vehicle end in the communication connection between the vehicle and its manufacturer and between the vehicle and the vehicle .

Preferably, the specific process of establishing a communication connection between the vehicle and its manufacturer is as follows:

S1, when vehicle c leaves the factory, the manufacturer’s quantum random number generator of manufacturer a generates the corresponding quantum key for vehicle c, that is, fills the quantum key Ke, and fills the filled quantum key Ke at the end of vehicle c In the quantum communication unit; at the same time, the filling quantum key Ke of vehicle c is stored in the manufacturer’s quantum key management module; and the filling quantum key Ke of vehicle c is sent to the cloud scheduling platform through the quantum secret service engine, After the key distribution engine receives the filling quantum key Ke of vehicle c, it stores the filling quantum key Ke of vehicle c in the cloud quantum key management module;

S2, using the cloud dispatching platform to establish a communication connection between the vehicle c and the manufacturer a, as follows:

S21, the vehicle-side quantum random number generator of vehicle c generates the vehicle-side quantum key Kc, and sends the vehicle-side quantum key Kc to the vehicle-side quantum communication unit; the vehicle-side quantum communication unit uses the filling quantum key of vehicle c Ke encrypts the quantum key Kc at the vehicle end, and the encrypted information is Ke[Kc];

S22, the vehicle-side quantum communication unit sends the encrypted information Ke[Kc] to the cloud dispatching platform, and the quantum key distribution engine of the cloud dispatching platform forwards the encrypted information Ke[Kc] to the manufacturer a;

S23, after the quantum secret service engine of manufacturer a receives the encrypted information Ke[Kc], it uses the charged quantum key Ke of vehicle c stored in the manufacturer's quantum key management module to decrypt, and obtains the decrypted information, that is, the vehicle c’s vehicle-side quantum key Kc, and correspondingly store the vehicle-side quantum key Kc of vehicle c in the manufacturer’s quantum key management module;

S24, information exchange between vehicle c and its manufacturer a based on the vehicle-end quantum key Kc of vehicle c, including:

The quantum secret service engine of manufacturer a encrypts the application service information Ma generated by the Internet of Vehicles application server using the vehicle-end quantum key Kc of vehicle c, and sends the encrypted information Kc[Ma] to the cloud scheduling platform; cloud scheduling The quantum key distribution engine of the platform forwards the encrypted information Kc[Ma] to the corresponding vehicle c; the vehicle-side quantum communication unit of vehicle c receives the encrypted information Kc[Ma], and uses the vehicle-side quantum key Kc Decrypt to obtain the decrypted information, that is, the application service information Ma issued by the Internet of Vehicles application server;

The vehicle-side quantum communication unit uses the vehicle-side quantum key Kc to encrypt the vehicle information Mc, and sends the encrypted information Kc[Mc] to the cloud dispatching platform; the quantum key distribution engine of the cloud dispatching platform sends the encrypted The information Kc[Mc] is forwarded to the manufacturer a; after the quantum secret service engine of the manufacturer a receives the encrypted information Kc[Mc], it uses the vehicle-side quantum key Kc of the vehicle c to decrypt it, and obtains the decrypted information, that is, the vehicle Information Mc.

Preferably, the vehicle c1 and the vehicle c2 belong to different manufacturers, wherein, the vehicle c1 belongs to the manufacturer a1, and the vehicle c1 has established a communication connection with the manufacturer a1; the vehicle c2 belongs to the manufacturer a2, and the vehicle c2 has established communication with the manufacturer a2 connect;

Utilize the cloud scheduling platform to establish a communication connection between the vehicle c1 and the vehicle c2, specifically as follows:

S31, the vehicle c1 sends a request to access the vehicle c2 to the cloud dispatching platform; after receiving the request, the quantum key distribution engine of the cloud dispatching platform forwards the request to the manufacturer a2 of the vehicle c2;

S32, the manufacturer's quantum key management module of manufacturer a2 has stored the charged quantum key Ke2 of vehicle c2 and the vehicle-end quantum key Kc2; after the quantum secret service engine of manufacturer a2 receives the request, the quantum secret service engine uses the vehicle The filling quantum key Ke2 of c2 encrypts the quantum key Kc2 of the vehicle c2, obtains the encrypted information Ke2[Kc2], and sends the encrypted information Ke2[Kc2] to the cloud dispatching platform;

S33, the cloud quantum key management module of the cloud dispatching platform has stored the charged quantum key Ke2 of the vehicle c2 and the charged quantum key Ke1 of the vehicle c1; the quantum key distribution engine of the cloud dispatching platform receives the encrypted After the information Ke2[Kc2], the encrypted information Ke2[Kc2] is first decrypted by using the charged quantum key Ke2 of the vehicle c2 to obtain the vehicle-side quantum key Kc2 of the vehicle c2; the quantum key distribution engine then uses the vehicle c1 The charged quantum key Ke1 encrypts the quantum key Kc2 of the vehicle c2, obtains the encrypted information Ke1[Kc2], and sends the encrypted information Ke1[Kc2] to the vehicle c1;

S34. After receiving the encrypted information Ke1[Kc2], the vehicle-end quantum communication unit of vehicle c1 uses the charged quantum key Ke1 of vehicle c1 to decrypt the encrypted information Ke1[Kc2], and obtains the decrypted information as The quantum key Kc2 of the vehicle c2;

S35, information exchange between the vehicle c1 and the vehicle c2 based on the vehicle-end quantum key Kc2 of the vehicle c2, including:

The vehicle-side quantum communication unit of vehicle c1 uses the vehicle-side quantum key Kc2 of vehicle c2 to encrypt the information Mc1 of vehicle c1, and sends the encrypted information Kc2[Mc1] to the cloud dispatching platform; the cloud dispatching platform’s quantum key The key distribution engine forwards the encrypted information Kc2[Mc1] to vehicle c2; after the vehicle-side quantum communication unit of vehicle c2 receives the encrypted information Kc2[Mc1], it uses the vehicle-side quantum key Kc2 of vehicle c2 to encrypt The information Kc2[Mc1] of the vehicle is decrypted, and the decrypted information is the information Mc1 of the vehicle c1;

The vehicle-side quantum communication unit of vehicle c2 uses the vehicle-side quantum key Kc2 of vehicle c2 to encrypt the information Mc2 of vehicle c2, and sends the encrypted information Kc2[Mc2] to the cloud dispatching platform; the cloud dispatching platform’s quantum key The key distribution engine forwards the encrypted information Kc2[Mc2] to vehicle c1; after the vehicle-side quantum communication unit of vehicle c1 receives the encrypted information Kc2[Mc2], it uses the vehicle-side quantum key Kc2 of vehicle c2 to encrypt The information Kc2[Mc2] of the vehicle is decrypted to obtain the decrypted information, that is, the information Mc2 of the vehicle c2.

Preferably, a certain amount of charged quantum keys is filled in the vehicle-end service platform of the corresponding vehicle, and stored synchronously in the manufacturer's quantum key management module of the manufacturer and the cloud quantum key management module of the cloud dispatching platform;

Under the setting conditions, the filling quantum key in the vehicle-side service platform, manufacturer's quantum key management module, and cloud quantum key management module is regularly updated synchronously.

Preferably, the quantum secret service engine of the manufacturer and the quantum key distribution engine of the cloud scheduling platform are connected through a dedicated line.

Preferably, the quantum secret service engine of the manufacturer and the quantum key distribution engine of the cloud scheduling platform communicate using the BB84 protocol, and the two use the BB84 protocol to negotiate and generate the manufacturer's quantum key as the manufacturer's session key , which is used to encrypt the exchanged information in the communication connection between manufacturers.

Preferably, the communication connection between the manufacturer a1 and the manufacturer a2 is established using the cloud scheduling platform, specifically as follows:

S41, the manufacturer a1 sends a request to the cloud scheduling platform to access the manufacturer a2; after receiving the request, the quantum key distribution engine of the cloud scheduling platform forwards the request to the manufacturer a2;

S42, the quantum secret service engine of the manufacturer a2 and the quantum key distribution engine of the cloud scheduling platform negotiate to generate the manufacturer's quantum key Ka2 of the manufacturer a2 through the BB84 protocol; the manufacturer a2 stores the manufacturer's quantum key Ka2 in the manufacturer's quantum key In the key management module, the cloud scheduling platform stores the manufacturer's quantum key Ka2 of the manufacturer a2 in the cloud quantum key management module;

S43, the quantum key distribution engine of the cloud scheduling platform forwards the manufacturer quantum key Ka2 of the manufacturer a2 to the manufacturer a1;

S44, after the quantum secret service engine of manufacturer a1 receives the manufacturer quantum key Ka2 of manufacturer a2, it stores the manufacturer quantum key Ka2 of manufacturer a2 in the manufacturer quantum key management module of manufacturer a1;

S45, information exchange between the manufacturer a1 and the manufacturer a2 based on the manufacturer quantum key Ka2 of the manufacturer a2, including:

The IoV application server of manufacturer a1 generates application service information Ma1, and the quantum secret service engine of manufacturer a1 encrypts the application service information Ma1 with the manufacturer quantum key Ka2 of manufacturer a2, and sends the encrypted information Ka2[Ma1] to Cloud scheduling platform; the quantum key distribution engine of the cloud scheduling platform forwards the encrypted information Ka2[Ma1] to the manufacturer a2; after receiving the encrypted information Ka2[Ma1], the quantum secret service engine of the manufacturer a2 uses the The manufacturer’s quantum key Ka2 decrypts the encrypted information Ka2[Ma1], and the decrypted information is the application service information Ma1 issued by the IoV application server of the manufacturer a1;

The IoV application server of manufacturer a2 generates application service information Ma2, and the quantum secret service engine of manufacturer a2 encrypts the application service information Ma2 with the manufacturer quantum key Ka2 of manufacturer a2, and sends the encrypted information Ka2[Ma2] to Cloud scheduling platform; the quantum key distribution engine of the cloud scheduling platform forwards the encrypted information Ka2[Ma2] to the manufacturer a1; after receiving the encrypted information Ka2[Ma2], the quantum secret service engine of the manufacturer a1 uses the The manufacturer's quantum key Ka2 decrypts the encrypted information Ka2[Ma2] to obtain the decrypted information, which is the application service information Ma2 issued by the IoV application server of the manufacturer a2.

Preferably, the vehicle-side service platform further includes an electronic control unit for controlling the vehicle; the electronic control unit is communicatively connected with the smart terminal;

The intelligent terminal includes a communication module, a main control module, and a CAN controller that are sequentially connected by communication;

Wherein, the communication module is used to communicate with the quantum communication unit at the vehicle end; the CAN controller is used to transmit data on the CAN bus; the main control module controls the CAN controller to obtain vehicle information through the CAN bus, and The information of the vehicle is sent to the quantum communication unit at the vehicle end through the communication module; the main control module also receives the decrypted information from the quantum communication unit at the vehicle end through the communication module, and generates a control command according to the decrypted information, and then passes the CAN controller Send the control instruction to the electronic control unit; the electronic control unit performs corresponding control on the vehicle according to the control instruction.

The advantages of the present invention are:

(1) The purpose of the present invention is to ensure the security and integrity of the interactive information in the car cloud service system in the Internet of Vehicles environment. In the car cloud service system of the present invention, quantum key technology is introduced, and a more secure quantum key is generated by using a true random number based on quantum physics principles or quantum effects, which can resist quantum attacks. In the vehicle cloud service system of the present invention, the cloud dispatching platform ensures secure encrypted communication between different vehicles and different manufacturers.

(2) In the car cloud service system of the present invention, the session key used for vehicle communication is the vehicle-end quantum key generated inside the vehicle. This method can ensure that the generation rate of the vehicle session key is sufficient for vehicle communication. At the same time, the manufacturer The manufacturer's cloud service platform only needs to store the session keys of different vehicles, which also reduces the pressure and overhead of the manufacturer's cloud service platform to generate quantum keys. If the session keys used in vehicle communication are all produced by the manufacturer's cloud service platform or cloud scheduling platform, when the number of connected vehicles is large, and due to the current limitation on the generation rate of quantum keys, the manufacturer's cloud service platform will Or the quantum key generation pressure of the cloud scheduling platform is high. Therefore, in the face of a large number of access vehicles or the need to quickly update the session key (for example, to ensure security, the session key uses a one-time pad update strategy), the present invention uses the vehicle-side quantum key generated inside the vehicle As a session key for vehicle communication, it is guaranteed that the session key of the vehicle can be self-sufficient and its generation rate can be guaranteed.

(3) In the car cloud service system of the present invention, the quantum key generated by the manufacturer’s quantum random number generator is used as the filling quantum key of the vehicle, which is pre-charged in the corresponding vehicle and stored synchronously on the manufacturer’s and cloud scheduling platforms In the process, the vehicle’s session key is encrypted in the communication connection between the vehicle and its manufacturer and between the vehicle and the vehicle by using the vehicle’s filling quantum key, so that all interaction processes involving data security are protected by the quantum key. Encryption protection ensures that all interaction processes in the Internet of Vehicles environment can be encrypted and protected by quantum keys, further ensuring the security of information interaction.

(4) The car cloud service system of the present invention proposes a process including the generation, management and use of quantum keys, which ensures that all interactive information in the Internet of Vehicles environment can be encrypted and protected by quantum keys, ensuring the integrity of information interaction. safety.

(5) In the car cloud service system of the present invention, the cloud scheduling platform can ensure that different vehicles of the same manufacturer can communicate with each other, so that the vehicle can obtain the Internet of Vehicles application service provided by the manufacturer, and the manufacturer can also obtain the information of the corresponding vehicle. Information; the cloud dispatching platform can also ensure that different manufacturers and different vehicles of different manufacturers can also communicate, so that vehicles can also obtain Internet of Vehicles application services provided by other manufacturers, and manufacturers can also obtain information about other vehicles; thus ensuring In the Internet of Vehicles environment, each participant can conduct secure information exchange.

(6) In the entire Internet of Vehicles environment, each traffic participant can safely and fully obtain road traffic information, which ensures efficient traffic management, improves traffic efficiency, and reduces the hidden dangers of traffic congestion and traffic accidents.

(7) In the car cloud service system of the present invention, a certain amount of quantum keys are filled in the vehicle and stored synchronously in the manufacturer and cloud scheduling platform, and the vehicle, manufacturer, and cloud are regularly updated synchronously under corresponding circumstances. The filling quantum key in the scheduling platform ensures the security of the system and further ensures the security of information interaction.

(8) In the car cloud service system of the present invention, the manufacturer and the cloud scheduling platform are connected through a dedicated line (such as optical fiber), and a set of quantum key distribution system based on the BB84 protocol is set up to negotiate and generate the manufacturer's quantum key. Key and encrypted transmission of interactive information between manufacturers. The use of the BB84 protocol is to ensure wired connections such as optical fibers, and to negotiate and generate keys by transmitting photon information. The advantage of using the BB84 protocol is that the two parties can negotiate in real time to generate manufacturer quantum secrets. Key, both parties can directly calculate, generate and obtain the manufacturer’s quantum key, without the need for one party to generate the manufacturer’s quantum key, and then transmit it to the other party. Without the transmission process of the manufacturer’s quantum key, the manufacturer’s quantum key will be more efficient Safety.

(9) The present invention adopts the BB84 agreement established between the manufacturer and the cloud scheduling platform, rather than the BB84 agreement established between manufacturers, which is for the convenience of management. If the BB84 protocol is established for wired connections between manufacturers, if a new manufacturer is added to the entire system, then all manufacturers must construct a wired line to connect to the server of the new manufacturer, which is troublesome. Due to the existence of the cloud scheduling platform and the wired connection between the cloud scheduling platform and the manufacturer, the present invention only needs to establish a wired connection between the new manufacturer and the cloud scheduling platform, thereby facilitating management.

Description of drawings

FIG. 1 is an architecture diagram of a quantum security-based vehicle cloud service system of the present invention.

Fig. 2 is a structure diagram of the intelligent terminal on the vehicle in the system of the present invention, that is, T-BOX.

FIG. 3 is a flowchart of a processing method of a quantum security-based vehicle cloud service system according to the present invention.

Fig. 4 is a schematic diagram of data transmission of the car cloud service system of the present invention.

FIG. 5 is a flowchart of a method for establishing a communication connection between a vehicle and its manufacturer.

Fig. 6 is a flowchart of a method for establishing a communication connection between vehicles.

Figure 7 is the architecture diagram of the quantum key distribution system based on the BB84 protocol between the manufacturer and the cloud scheduling platform.

Fig. 8 is a flowchart of a method for establishing a communication connection between manufacturers.

Explanation of reference signs:

1-vehicle service platform; 11-vehicle quantum random number generator; 12-electronic control unit; 13-intelligent terminal; 14-vehicle quantum communication unit; 131-communication module; 132-main control module; 133-CAN controller 133;

2-Cloud scheduling platform; 21-Cloud quantum key management module; 22-Quantum key distribution engine; 221-Optical quantum receiver; 222-Key receiving management machine;

3-Manufacturer cloud service platform; 31-Manufacturer quantum random number generator; 32-Manufacturer quantum key management module; 33-Quantum secret service engine; 34-IoV application server; 331-Optical quantum transmitter; 332-Key emission management machine.

Detailed ways

The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

As shown in Figures 1, 2, and 4, a quantum security-based vehicle cloud service system is mainly composed of a vehicle-end service platform 1 for each vehicle, a cloud scheduling platform 2, and a manufacturer cloud service platform 3 for each manufacturer.

The car-side service platform 1 is mainly composed of a car-side quantum random number generator 11 , an ECU or an electronic control unit 12 , a T-BOX or an intelligent terminal 13 , and a car-side quantum communication unit 14 .

The vehicle-side quantum random number generator 11 generates true random numbers based on quantum physics principles or quantum effects, further generates quantum keys through the generated true random numbers, and sends the quantum keys to the vehicle-side quantum communication unit 14 .

The ECU, namely the electronic control unit 12, is used to control the electronic systems of the vehicle. As the on-board computer on the vehicle, the ECU is mainly used to receive and store sensor parameters, calculate instructions according to vehicle conditions, output control signals, and count system failures. There are many electronic systems on the vehicle, for example, the engine management system, which mainly controls the operation of the engine; the electronic stability system of the vehicle body, which mainly controls the stability of the vehicle body; the battery management system, which mainly manages the vehicle power battery; the electric power steering, which mainly assists driving The steering is performed by the driver; the transmission control unit, which mainly controls the shifting of gears; in addition, there are many systems with ECUs.

The intelligent terminal 13 obtains the information of the vehicle through the CAN bus, and sends the information of the vehicle to the quantum communication unit 14 at the vehicle end for information encryption; the intelligent terminal 13 communicates with the electronic control unit 12; the intelligent terminal 13 also communicates with the electronic control unit 12 through the CAN bus Sending control instructions, the electronic control unit 12 executes corresponding tasks according to the control instructions, that is, correspondingly controlling the electronic systems of the vehicle, for example, controlling acceleration and deceleration, braking, steering, etc. of the vehicle.

The vehicle-side quantum communication unit 14 is used to encrypt and decrypt information, and the vehicle-side quantum communication unit 14 is connected to the vehicle-side quantum random number generator 11 and the intelligent terminal 13 respectively; communication. Among them, the vehicle-side quantum communication unit 14 encrypts the information of the vehicle with a quantum key, and sends the encrypted information to the cloud dispatching platform 2 . The vehicle-side quantum communication unit 14 also receives the encrypted information sent by the cloud dispatching platform 2, and the vehicle-side quantum communication unit 14 decrypts the encrypted information through the quantum key to obtain the decrypted information. The vehicle quantum communication unit 14 sends the decrypted information to the smart terminal 13 . The smart terminal 13 generates a control instruction according to the decrypted information, and sends the control instruction to the electronic control unit 12 through the CAN bus.

As shown in FIG. 2 , the smart terminal 13 is mainly composed of a communication module 131 , a main control module 132 , and a CAN controller 133 which are sequentially connected by communication. Wherein, the main control module 132 controls the CAN controller 133 to obtain vehicle information through the CAN bus, and sends the vehicle information to the vehicle-end quantum communication unit 14 through the communication module 131 . The main control module 132 also receives the decrypted information from the vehicle quantum communication unit 14 through the communication module 131 , generates a control instruction according to the decrypted information, and then sends the control instruction to the electronic control unit 12 through the CAN controller 133 . The CAN controller 133 is responsible for information exchange on the CAN bus. The communication module 131 is responsible for communicating with the quantum communication unit 14 at the vehicle end.

The manufacturer's cloud service platform 3 is composed of a manufacturer's quantum random number generator 31 , a manufacturer's quantum key management module 32 , a quantum secret service engine 33 , and a car networking application server 34 .

The manufacturer’s quantum random number generator 31 generates true random numbers based on quantum physics principles or quantum effects, and further generates quantum keys through the generated true random numbers; the manufacturer’s quantum key management module 32 is used to manage quantum keys; quantum secret service engine 33 It is used for encrypting and decrypting information; the Internet of Vehicles application server 34 is used for providing Internet of Vehicles services and generating application service information. The quantum secret service engine 33 communicates with the manufacturer's quantum random number generator 31, the manufacturer's quantum key management module 32, and the Internet of Vehicles application server 34; communication. Among them, the quantum secret service engine 33 receives the encrypted information sent by the cloud scheduling platform 2, the quantum secret service engine 33 decrypts the encrypted information through the quantum key, obtains the decrypted information, and sends the decrypted information to Internet of Vehicles application server 34. The Internet of Vehicles application server 34 generates relevant application service information and sends it to the quantum secret service engine 33. The quantum secret service engine 33 encrypts the application service information with a quantum key, and sends the encrypted information to the cloud dispatching platform 2.

The cloud scheduling platform 2 is composed of a cloud quantum key management module 21 and a quantum key distribution engine 22. Quantum key management module 21 is used for managing quantum key; Quantum key distribution engine 22 is used for encrypting and decrypting information; Quantum key distribution engine 22 is connected with quantum key management module 21 communication; Quantum key distribution engine 22 also Communicate with the quantum communication unit 14 at the vehicle end and the quantum secret service engine 33. As shown in Figure 4, the cloud dispatching platform 2 is used in the information interaction scenario, between the vehicle-end service platform 1 of the vehicle and the manufacturer's cloud service platform 3 of the manufacturer, between the cloud service platforms 3 of different manufacturers, and between different vehicles. Communication connections are established between the vehicle-end service platforms 1, including the distribution of quantum keys and information interaction, to ensure the security and smoothness of information interaction.

The quantum key generated by the vehicle-side quantum random number generator 11, that is, the vehicle-side quantum key, is used as the vehicle’s session key to encrypt mutual information in the communication connection between vehicles and between vehicles and their manufacturers. .

The quantum key generated by the manufacturer’s quantum random number generator 31 is used as the filling quantum key of the vehicle, and the filling quantum key is pre-filled in the vehicle-side service platform 1 of the corresponding vehicle, and is stored synchronously in the manufacturer’s quantum key. In the key management module 32 and the cloud quantum key management module 21 of the cloud dispatching platform 2; the described filling quantum key is used for encrypting the vehicle end quantum in the communication connection between the vehicle and the manufacturer and between the vehicle and the vehicle. key.

As shown in FIG. 3, a processing method of a quantum-safe car cloud service system based on the present invention is specifically as follows:

S1, when vehicle c is produced and leaves the factory, the quantum random number generator 31 of the manufacturer a of vehicle c generates a corresponding quantum key for vehicle c, that is, fills the quantum key Ke, and fills the quantum key Ke with That is, it is pre-stored in the vehicle-side quantum communication unit 14 of the vehicle c. At the same time, the filling quantum key Ke of vehicle c is stored in the manufacturer's quantum key management module 32; and the filling quantum key Ke of vehicle c is sent to the cloud scheduling platform 2 through the quantum secret service engine 33, and the cloud scheduling platform After receiving the charged quantum key Ke of vehicle c, the quantum key distribution engine 22 of 2 stores the charged quantum key Ke of vehicle c in the cloud quantum key management module 21.

Among them, a certain amount of charged quantum keys Ke is stored in the vehicle-side quantum communication unit 14 of the corresponding vehicle, and stored in the quantum key management module 32 of the manufacturer and the cloud quantum key management module of the cloud dispatching platform 2 synchronously. In the module 21: in the case of setting, regularly update the filling quantum key Ke in the quantum communication unit 14 at the vehicle end, the manufacturer quantum key management module 32, and the cloud quantum key management module 21.

In the present invention, during the production process of the vehicle on the production line, a certain amount of charged quantum keys Ke can be charged into the vehicle quantum communication unit 14 through a wired connection on the production line, and the cloud scheduling platform 2 and the manufacturer cloud The service platform 3 will record the filling information. Or, when the charged quantum key Ke is about to be used up, go to the designated maintenance place to charge, and charge a certain amount of charged quantum key Ke into the vehicle at one time, similar to refueling a vehicle, for example, When the vehicle is being maintained, by estimating the amount of quantum key usage required for the vehicle for a period of time, the amount of use for one year, several months, or several years is charged at one time.

S2, as shown in Figure 5, after the vehicle c leaves the factory and goes on the road, a communication connection is established between the vehicle c and the manufacturer a to which it belongs, and the specific method is as follows:

S21, the vehicle-side quantum random number generator 11 of vehicle c generates the vehicle-side quantum key Kc, which is the session key, and sends the vehicle-side quantum key Kc to the vehicle-side quantum communication unit 14; the vehicle-side quantum communication unit 14 uses the vehicle-side quantum key The quantum key Ke filled with c encrypts the quantum key Kc at the car end, and the encrypted information is Ke[Kc].

S22, the vehicle quantum communication unit 14 sends the encrypted information Ke[Kc] to the cloud dispatching platform 2, and the quantum key distribution engine 22 of the cloud dispatching platform 2 forwards the encrypted information Ke[Kc] to the manufacturer a.

S23, after the quantum secret service engine 33 of manufacturer a receives the encrypted information Ke[Kc], it uses the charged quantum key Ke of vehicle c stored in the manufacturer's quantum key management module 32 to decrypt, and obtains the decrypted information That is, the vehicle-end quantum key Kc of vehicle c, and correspondingly store the vehicle-end quantum key Kc of vehicle c in the manufacturer's quantum key management module 32 .

S24, information exchange between vehicle c and its manufacturer a based on the vehicle-end quantum key Kc of the vehicle c, including:

The Internet of Vehicles application server 34 of manufacturer a generates relevant application service information Ma, and the quantum secret service engine 33 encrypts the application service information Ma generated by the Internet of Vehicles application server 34 using the vehicle-end quantum key Kc of vehicle c, and encrypts The final information Kc[Ma] is sent to the cloud dispatching platform 2; the quantum key distribution engine 22 of the cloud dispatching platform 2 forwards the encrypted information Kc[Ma] to the corresponding vehicle c; the quantum communication unit of the vehicle c 14 After receiving the encrypted information Kc[Ma], use the vehicle-side quantum key Kc to decrypt, obtain the decrypted information, that is, the application service information Ma issued by the Internet of Vehicles application server 34, and send the application service information Ma to The smart terminal 13, the smart terminal 13 generates relevant control instructions according to the application service information Ma, and sends the control instructions to the electronic control unit 12 through the CAN bus, and the electronic control unit 12 performs corresponding tasks according to the control instructions;

The intelligent terminal 13 of the vehicle c obtains the information Mc of the vehicle through the CAN bus, and sends the information Mc of the vehicle to the quantum communication unit 14 at the vehicle end; the quantum communication unit 14 at the vehicle end encrypts the information Mc of the vehicle using the quantum key Kc at the vehicle end , and send the encrypted information Kc[Mc] to the cloud scheduling platform 2; the quantum key distribution engine 22 of the cloud scheduling platform 2 forwards the encrypted information Kc[Mc] to the affiliated manufacturer a; the quantum key of the manufacturer a After the server engine 33 receives the encrypted information Kc[Mc], it decrypts the encrypted information Kc[Mc] with the vehicle-end quantum key Kc of the vehicle c, obtains the decrypted information, that is, the information Mc of the vehicle, and sends The information Mc of the vehicle is sent to the Internet of Vehicles application server 34 .

Among them, for household vehicles, after obtaining the speed and location information of the vehicle, the Internet of Vehicles application server 34 can issue some application service information related to driving safety such as speeding warnings and reverse traffic warnings, and can also issue some vehicle status checks and road rescue services. , navigation and other application service information related to life services. For commercial vehicles, the Internet of Vehicles application server 34 can deliver some application service information related to vehicle operation, such as vehicle scheduling and vehicle status monitoring. The invention can encrypt and protect the Internet of Vehicles service that needs to upload and send information. In addition, the quantum key of the vehicle can be updated as a session key, and the update method can adopt a one-time pad update strategy, that is, the session key is updated every time the vehicle communicates with the manufacturer.

S3, as shown in FIG. 6, a communication connection is established between the vehicle c1 and the vehicle c2, and the specific method is as follows:

Vehicle c1 and vehicle c2 belong to different manufacturers respectively. Vehicle c1 belongs to manufacturer a1, and vehicle c1 has established a communication connection with its own manufacturer a1; vehicle c2 belongs to manufacturer a2, and vehicle c2 has established a communication connection with its own manufacturer a2.

S31, the vehicle c1 sends a request for accessing the vehicle c2 to the cloud dispatching platform 2; after receiving the request, the quantum key distribution engine 22 of the cloud dispatching platform 2 forwards the request to the manufacturer a2 of the vehicle c2.

S32, the manufacturer's quantum key management module 32 of the manufacturer a2 has already stored the charged quantum key Ke2 of the vehicle c2 and the vehicle-end quantum key Kc2; after the quantum secret service engine 33 of the manufacturer a2 receives the request, the quantum secret service engine 33 Use the charged quantum key Ke2 of vehicle c2 to encrypt the quantum key Kc2 of vehicle c2 to obtain the encrypted information Ke2[Kc2], and send the encrypted information Ke2[Kc2] to the cloud dispatching platform 2;

Wherein, the vehicle-side quantum key Kc2 of the vehicle c2 is stored in the manufacturer quantum key management module 32 of the manufacturer a2 when the communication connection is established between the vehicle c2 and the manufacturer a2, that is, when step S23 is performed. Moreover, the vehicle-end quantum key Kc2 of vehicle c2 can be updated as a session key, and the update method can adopt a one-time pad update strategy, that is, the session key is updated once every time the vehicle communicates with its manufacturer.

S33, the cloud quantum key management module 21 of the cloud dispatching platform 2 has stored the filling quantum key Ke2 of the vehicle c2 and the filling quantum key Ke1 of the vehicle c1; the quantum key distribution engine 22 of the cloud dispatching platform 2 receives After receiving the encrypted information Ke2[Kc2], the encrypted information Ke2[Kc2] is first decrypted by using the charged quantum key Ke2 of the vehicle c2 to obtain the vehicle-end quantum key Kc2 of the vehicle c2; the quantum key distribution engine 22 Use the charged quantum key Ke1 of vehicle c1 to encrypt the quantum key Kc2 of vehicle c2 to obtain the encrypted information Ke1[Kc2], and send the encrypted information Ke1[Kc2] to vehicle c1 .

At the same time, the quantum key distribution engine 22 correspondingly stores the quantum key Kc2 of the vehicle c2 in the cloud quantum key management module 21, so that when other vehicles also request access to the vehicle c2 in the same time period, they can quickly issue The vehicle-end quantum key Kc2 of vehicle c2.

S34, after receiving the encrypted information Ke1[Kc2], the quantum communication unit 14 of the vehicle c1 decrypts the encrypted information Ke1[Kc2] by using the charged quantum key Ke1 of the vehicle c1 to obtain the decrypted information That is, the vehicle-end quantum key Kc2 of vehicle c2.

S35, information exchange between the vehicle c1 and the vehicle c2 based on the vehicle-end quantum key Kc2 of the vehicle c2, including:

The intelligent terminal 13 of the vehicle c1 obtains the information Mc1 of the vehicle c1 through the CAN bus, and sends it to the vehicle-side quantum communication unit 14 of the vehicle c1; the vehicle-side quantum communication unit 14 of the vehicle c1 uses the vehicle-side quantum key Kc2 of the vehicle c2 to communicate with the vehicle The information Mc1 of c1 is encrypted, and the encrypted information Kc2[Mc1] is sent to the cloud dispatching platform 2; the quantum key distribution engine 22 of the cloud dispatching platform 2 forwards the encrypted information Kc2[Mc1] to the vehicle c2; After receiving the encrypted information Kc2[Mc1], the vehicle-side quantum communication unit 14 of vehicle c2 uses the vehicle-side quantum key Kc2 of vehicle c2 to decrypt the encrypted information Kc2[Mc1] to obtain the decrypted information, that is, vehicle Information Mc1 of c1;

The intelligent terminal 13 of the vehicle c2 obtains the information Mc2 of the vehicle c2 through the CAN bus, and sends it to the vehicle-side quantum communication unit 14 of the vehicle c2; the vehicle-side quantum communication unit 14 of the vehicle c2 uses the vehicle-side quantum key Kc2 of the vehicle c2 to communicate with the vehicle The information Mc2 of c2 is encrypted, and the encrypted information Kc2[Mc2] is sent to the cloud dispatching platform 2; the quantum key distribution engine 22 of the cloud dispatching platform 2 forwards the encrypted information Kc2[Mc2] to the vehicle c1; After receiving the encrypted information Kc2[Mc2], the vehicle-side quantum communication unit 14 of vehicle c1 uses the vehicle-side quantum key Kc2 of vehicle c2 to decrypt the encrypted information Kc2[Mc2], and obtains the decrypted information, that is, vehicle Information Mc2 of c2.

Since the vehicle c1 makes an access request to the vehicle c2, only the quantum key Kc2 of the vehicle c2 is used as the session key for information exchange between the vehicle c1 and the vehicle c2.

In the present invention, the quantum secret service engine 33 of the manufacturer's cloud service platform 3 and the quantum key distribution engine 22 of the cloud scheduling platform 2 are connected by a dedicated line (such as an optical fiber), and a set of BB84-based The quantum key distribution system of the protocol uses the existing BB84 protocol for communication, and its main function is to negotiate and generate the manufacturer's quantum key of the manufacturer, and encrypt and transmit the interactive information between manufacturers.

As shown in Figure 7, the quantum key distribution system based on the BB84 protocol includes: the sender is the optical quantum transmitter 331 and the key transmission management machine 332 in the quantum secret service engine 33, and the receiver is the quantum key distribution engine 22 The optical quantum receiver 221 and the key receiving management machine 222.

Among them, the optical quantum transmitter 331 of the sender is used to prepare the optical quantum with the polarization state, generate the corresponding key sequence according to the polarization information of the optical quantum and send it to the key transmission management unit 332, and at the same time pass the optical quantum through the quantum channel, that is, Fiber optic launch to receiver. The optical quantum receiver 221 on the receiving side receives the optical quantum through the quantum channel and uses different polarizers. Similarly, the optical quantum receiver 221 generates a corresponding key sequence according to the polarization information of the optical quantum and sends it to the key reception management machine 222. The receiving party's key reception management machine 222 sends the polarizer used by the optical quantum receiver 221 and the generated partial key to the sender through a classical channel such as a network channel (even if the information transmitted in the classical channel is intercepted, it cannot be known. key information). The key transmission manager 332 of the sender judges whether the polarizer used is correct according to the polarization information of the photon, and calculates the bit error rate of the key sequence, and sends the judgment result and calculation result to the receiver through the classical channel. Both the sender and the receiver discard the measurement results of the wrong polarizer and keep the measurement results of the correct polarizer. By repeating the above process many times, a key sequence consistent with both parties can be generated.

After the key sequence agreed by both parties is generated, the sender publicly sends a part of the key to the receiver through the classic channel for comparison (the process of comparing the polarizer and part of the key between the two parties is a negotiation process), if the key error If the rate is within the allowable range of error, it is considered safe, and the two parties retain the remaining key for encrypted communication, and the remaining key is the manufacturer's quantum key generated through negotiation. If the bit error rate is too high, it indicates that there is a change in the polarization information caused by third-party eavesdropping, and both parties discard the key sequence and issue an eavesdropping alarm.

The use of the BB84 protocol is to ensure a wired connection in the form of optical fiber, and to negotiate and generate a key by transmitting photon information. Although the manufacturer and the cloud scheduling platform have a wired connection, both parties are servers and will not move at will. A wired connection between them will not be inconvenient. Shuangfa can directly calculate, generate and obtain the manufacturer’s quantum key. It does not require one party to generate the manufacturer’s quantum key and then transmit it to the other party. Without the key transmission process, the manufacturer’s quantum key is more secure.

The role of the BB84 protocol is only to generate a session key for the communication between manufacturers. Using the BB84 protocol can be used for encrypted transmission of information between manufacturers and between manufacturers and cloud scheduling platforms. However, once it involves encrypted communication with the vehicle, the BB84 protocol cannot be used. This is because the vehicle cannot establish a wired connection with the manufacturer or the cloud scheduling platform during driving, so the session key used for vehicle communication is the vehicle-side quantum key. It can only be generated inside the vehicle, and cannot be generated using the BB84 protocol. The vehicle transmits the quantum key at the vehicle end to the cloud or the manufacturer, and the quantum key is filled to ensure the security of the quantum key transmission at the vehicle end. The information encrypted and transmitted using the BB84 protocol can be the filling quantum key of the vehicle or the quantum key of the vehicle end, or it can be the interactive information between manufacturers, manufacturers and the cloud. After the congestion, the manufacturer encrypts and transmits the information of the traffic jam section to other manufacturers.

The present invention adopts the BB84 agreement established between the manufacturer and the cloud dispatching platform, rather than the BB84 agreement established between manufacturers, which is for the convenience of management. If the BB84 protocol is established for wired connections between manufacturers, if a new manufacturer is added to the entire system, then all manufacturers must construct a wired line to connect to the server of the new manufacturer, which is troublesome. Due to the existence of the cloud scheduling platform and the wired connection between the cloud scheduling platform and the manufacturer, the present invention only needs to establish a wired connection between the new manufacturer and the cloud scheduling platform, thereby facilitating management.

As shown in Figure 8, a communication connection is established between manufacturer a1 and manufacturer a2, and the specific method is as follows:

S41, the vendor a1 sends a request to the cloud scheduling platform 2 to access the vendor a2; the quantum key distribution engine 22 of the cloud scheduling platform 2 forwards the request to the vendor a2 after receiving the request.

S42, the quantum secret service engine 33 of the manufacturer a2 and the quantum key distribution engine 22 of the cloud scheduling platform 2 negotiate through the BB84 protocol to generate the manufacturer's quantum key Ka2 of the manufacturer a2; the manufacturer a2 stores the manufacturer's quantum key Ka2 in the manufacturer's quantum In the key management module 32 , the cloud scheduling platform 2 stores the vendor quantum key Ka2 of the vendor a2 in the cloud quantum key management module 21 .

Among them, the manufacturer's quantum key is used as a session key for communication between manufacturers.

S43, the quantum key distribution engine 22 of the cloud scheduling platform 2 forwards the vendor quantum key Ka2 of the vendor a2 to the vendor a1.

S44, after receiving the vendor quantum key Ka2 of the vendor a2, the quantum secret service engine 33 of the vendor a1 stores the vendor quantum key Ka2 of the vendor a2 in the vendor quantum key management module 32 of the vendor a1.

S45, information exchange between the manufacturer a1 and the manufacturer a2 based on the manufacturer quantum key Ka2 of the manufacturer a2, including:

The Internet of Vehicles application server 34 of the manufacturer a1 generates relevant application service information Ma1, and the quantum secret service engine 33 of the manufacturer a1 encrypts the application service information Ma1 with the manufacturer quantum key Ka2 of the manufacturer a2, and encrypts the encrypted information Ka2[ Ma1] sent to the cloud scheduling platform 2; the quantum key distribution engine 22 of the cloud scheduling platform 2 forwards the encrypted information Ka2[Ma1] to the manufacturer a2; the quantum secret service engine 33 of the manufacturer a2 receives the encrypted information Ka2[ After Ma1], use the manufacturer quantum key Ka2 of manufacturer a2 to decrypt the encrypted information Ka2[Ma1], obtain the decrypted information, that is, the application service information Ma1 issued by the Internet of Vehicles application server 34 of manufacturer a1, and apply the The service information Ma1 is sent to the Internet of Vehicles application server 34 of the manufacturer a2;

The Internet of Vehicles application server 34 of the manufacturer a2 generates relevant application service information Ma2, and the quantum secret service engine 33 of the manufacturer a2 encrypts the application service information Ma2 using the manufacturer quantum key Ka2 of the manufacturer a2, and encrypts the encrypted information Ka2[ Ma2] sent to the cloud scheduling platform 2; the quantum key distribution engine 22 of the cloud scheduling platform 2 forwards the encrypted information Ka2[Ma2] to the manufacturer a1; the quantum secret service engine 33 of the manufacturer a1 receives the encrypted information Ka2[ After Ma2], the encrypted information Ka2[Ma2] is decrypted by using the quantum key Ka2 of the manufacturer a2, and the decrypted information is obtained, that is, the application service information Ma2 issued by the Internet of Vehicles application server 34 of the manufacturer a2, and the application The service information Ma2 is sent to the IoV application server 34 of the manufacturer a1.

Since the vendor a1 makes the access request to the vendor a2, the vendor a1 and the vendor a2 only use the vendor quantum key Ka2 of the vendor a2 as the session key for information exchange. Moreover, the vendor quantum key Ka2 of vendor a2 is renewable as a session key, and the update method can adopt a one-time pad update strategy, that is, the session key is updated every time a communication connection is made between vendors.

In this embodiment, a specific scene is taken as an example to illustrate the specific processing process and functions of the car cloud service system of the present invention.

scene one,

Assumption: Vehicle c1 and vehicle c2 belong to different manufacturers respectively, that is, they belong to manufacturer a1 and manufacturer a2 respectively, and both vehicles c1 and vehicle c2 are driving on the road respectively, and the generation and distribution of quantum keys at the vehicle end have been completed between each of them and their respective manufacturers The stages are steps S21-S23, each of which realizes the encrypted communication with the manufacturer based on the quantum key at the vehicle end, that is, step S24. At the same time, the quantum key management module 32 of the manufacturer a1 has stored the quantum key Ke1 of the vehicle c1 and the quantum key Kc1 of the vehicle, and the quantum key management module 32 of the manufacturer a2 has stored the quantum key Kc1 of the vehicle c2. Fill the quantum key Ke2 and the quantum key Kc2 at the vehicle end, the cloud quantum key management module 21 of the cloud dispatching platform 2 has already stored the quantum key Ke1 filled with the vehicle c1 and the quantum key Ke2 filled with the vehicle c2 .

If vehicle c1 has a traffic accident and causes road traffic congestion, and vehicle c2 is about to enter the accident road section of vehicle c1 at this time, since the V2X communication in the vehicle-road coordination has a mode of broadcast communication, vehicles can perceive each other through V2X communication. The existence of the other party, when vehicle c2 enters the communication range of vehicle c1, vehicle c1 needs to inform vehicle c2 that there is a traffic accident on this road section, and remind vehicle c2 to pay attention to avoiding.

In this case, the processing procedure of the car cloud service system of the present invention is:

Vehicle c1 initiates a request to the cloud dispatching platform 2 to request access to the vehicle c2, that is, to request to establish a communication connection with the vehicle c2; after receiving the request, the quantum key distribution engine 22 of the cloud dispatching platform 2 sends the request to the manufacturer a1 of the vehicle c1 and the vehicle c2 respectively. The vendor a2 of the company sends this request.

The quantum secret service engine 33 of the manufacturer a1 encrypts the vehicle-end quantum key Kc1 of the vehicle c1 with the quantum key Ke1 filled with the vehicle c1; the quantum secret service engine 33 of the manufacturer a2 uses the quantum key Ke2 filled with the vehicle c2 to encrypt The vehicle-side quantum key Kc2 of vehicle c2 is encrypted; the quantum secret service engine 33 of manufacturer a1 and the quantum secret service engine 33 of manufacturer a2 respectively send their encrypted information, namely Ke1[Kc1] and Ke2[Kc2] to the cloud Scheduling platform 2.

After the quantum key distribution engine 22 of the cloud scheduling platform 2 receives the encrypted information Ke1[Kc1] and Ke2[Kc2], it uses the quantum key Ke1 and the vehicle c1 stored in the cloud quantum key management module 21 to fill the quantum key Ke1 and the vehicle The charged quantum key Ke2 of c2 respectively decrypts the encrypted information Ke1[Kc1] and Ke2[Kc2] to obtain the vehicle-side quantum key Kc1 of vehicle c1 and the vehicle-side quantum key Kc2 of vehicle c2 respectively, and The vehicle-end quantum key Kc1 of the vehicle c1 and the vehicle-end quantum key Kc2 of the vehicle c2 are correspondingly stored in the cloud quantum key management module 21 .

Since it is the vehicle c1 that requests access to the vehicle c2, the quantum key distribution engine 22 of the cloud dispatching platform 2 uses the vehicle-side quantum key Kc1 of the vehicle c1 to encrypt the vehicle-side quantum key Kc2 of the vehicle c2, and the encrypted information is Kc1[Kc2], and send the encrypted information Kc1[Kc2] to vehicle c1.

After receiving the encrypted information Kc1[Kc2], the vehicle-side quantum communication unit 14 of vehicle c1 uses its own vehicle-side quantum key Kc1 to decrypt the encrypted information Kc1[Kc2] to obtain the vehicle-side quantum key of vehicle c2. Key Kc2.

Vehicle c1 performs information interaction with vehicle c2 through the vehicle-end quantum key Kc2 of vehicle c2. The way of information interaction between vehicles is shown in step S35. Vehicle c1 informs vehicle c2 that it is about to enter the accident road section to remind vehicle c2 to pay attention to avoiding.

At the same time, vehicle c1 will also exchange information with its manufacturer a1 through its own vehicle-end quantum key Kc1. The way of information exchange between the vehicle and its manufacturer is shown in step S24. Vehicle c1 informs its manufacturer a1 of the accident Road section, after manufacturer a1 learns about the accident road section, manufacturer a1 will inform other vehicles near the accident road section of the accident road section to remind other vehicles near the accident road section to try to avoid the accident road section in advance to avoid accidents. Secondary traffic accident and traffic jam.

In addition, manufacturer a1 also initiates a request to the cloud scheduling platform 2 to request access to other manufacturers, that is, to request to establish communication connections with other manufacturers. The specific method of establishing communication connections between different manufacturers is shown in step S4. Manufacturer a1 exchanges information with other manufacturers , manufacturer a1 informs other manufacturers of the accident road section, and after other manufacturers learn about the accident road section, other manufacturers will inform other vehicles near the accident road section of the accident road section to remind other vehicles near the accident road section as early as possible Bypass the accident section to avoid secondary traffic accidents and traffic jams.

scene two

Assumption: a special vehicle c3 (such as an ambulance, a fire engine, etc.) needs to perform an emergency task, and the special vehicle c3 hopes that there will be no road traffic jams on the driving route to the destination.

In this case, the processing procedure of the car cloud service system of the present invention is:

The special vehicle c3 establishes a communication connection with its manufacturer a3 before departure. The specific way of establishing a communication connection between the vehicle and its manufacturer is shown in step S2. The special vehicle c3 exchanges information with its manufacturer a3, and the special vehicle c3 communicates with its manufacturer a3. The departure place, the destination and the driving route are sent to the manufacturer a3 to which it belongs.

After the manufacturer a3 knows the origin, destination and driving route of the special vehicle c3, the manufacturer a3 will inform other vehicles located near the driving route of the special vehicle c3 about the relevant situation of the special vehicle c3, so as to remind those who are located in the driving route Other vehicles near the route should drive carefully, give way in advance or try to bypass as early as possible.

At the same time, manufacturer a3 also initiates a request to the cloud scheduling platform 2, requesting to visit other manufacturers means to establish a communication connection with other manufacturers. The specific method of establishing communication connections between different manufacturers is shown in step S4. Manufacturer a3 exchanges information with other manufacturers , manufacturer a3 informs other manufacturers of the origin, destination and driving route of the special vehicle c3, and other manufacturers will inform other vehicles located near the driving route of the special vehicle after other manufacturers know about the special vehicle c3 c3, so as to remind other vehicles located near the driving route to drive carefully, to avoid in advance or to bypass as early as possible.

In the car cloud service system of the present invention, the cloud scheduling platform can ensure that different vehicles of the same manufacturer can communicate with each other, so that the vehicle can obtain the car networking application service provided by the manufacturer, and the manufacturer can also obtain the information of the corresponding vehicle; The dispatching platform can also ensure that different manufacturers and different vehicles of different manufacturers can also communicate with each other, so that vehicles can also obtain Internet of Vehicles application services provided by other manufacturers, and manufacturers can also obtain information about other vehicles; thus ensuring the Internet of Vehicles In the environment, each participant can conduct secure information exchange. In the entire Internet of Vehicles environment, each traffic participant can safely and fully obtain road traffic information, which ensures efficient traffic management, improves traffic efficiency, and reduces the hidden dangers of traffic congestion and traffic accidents.

The above are only preferred embodiments of the present invention, and are not intended to limit the present invention. Any modifications, equivalent replacements and improvements made within the spirit and principles of the present invention shall be included in the present invention. within the scope of protection.

Claims (10)

1. A car cloud service system based on quantum security, comprising: the system comprises a vehicle end service platform (1) of each vehicle, a manufacturer cloud service platform (3) of each manufacturer and a cloud dispatching platform (2) of a cloud end;

vehicle end service platform (1) sets up on the vehicle, includes: the system comprises a vehicle-end quantum random number generator (11) for generating a quantum key, an intelligent terminal (13) for acquiring vehicle information, and a vehicle-end quantum communication unit (14) for encrypting and decrypting the information; the vehicle-end quantum communication unit (14) is in communication connection with the vehicle-end quantum random number generator (11) and the intelligent terminal (13) respectively; the vehicle-end quantum communication unit (14) is also communicated with the cloud dispatching platform (2);

the vendor cloud service platform (3) comprises: the system comprises a manufacturer quantum random number generator (31) for generating a quantum key, a manufacturer quantum key management module (32) for managing the quantum key, a vehicle networking application server (34) for providing vehicle networking services and generating application service information, and a quantum cryptography engine (33) for encrypting and decrypting the information; the quantum key server management system comprises a quantum key server (33), a manufacturer quantum random number generator (31), a manufacturer quantum key management module (32) and an Internet of vehicles application server (34), wherein the quantum key server (33) is in communication connection with the manufacturer quantum random number generator (31), the manufacturer quantum key management module and the Internet of vehicles application server (34) respectively; the quantum secret service engine (33) is also communicated with the cloud scheduling platform (2);

the cloud scheduling platform (2) comprises: the system comprises a cloud quantum key management module (21) used for managing quantum keys, and a quantum key distribution engine (22) used for encrypting and decrypting information; the quantum key distribution engine (22) is in communication connection with the cloud quantum key management module (21); the quantum key distribution engine (22) is also communicated with a vehicle-end quantum communication unit (14) and a quantum secret server engine (33) respectively;

and establishing communication connection between vehicles, between the vehicles and affiliated manufacturers and between the manufacturers by utilizing the cloud dispatching platform (2).

2. The vehicle cloud service system based on quantum security as claimed in claim 1, wherein a quantum key (vehicle-end quantum key) generated by a vehicle-end quantum random number generator (11) of the vehicle is used as a session key of the vehicle for encrypting interaction information in communication connections between vehicles and manufacturers.

3. The vehicle cloud service system based on quantum security according to claim 2, wherein a quantum key generated by a manufacturer quantum random number generator (31) of a manufacturer is used as a charging quantum key of a vehicle, the charging quantum key is pre-charged in a vehicle-end service platform (1) of the corresponding vehicle, and is synchronously stored in a manufacturer quantum key management module (32) of the manufacturer and a cloud quantum key management module (21) of a cloud scheduling platform (2); the charging quantum key is used for encrypting the vehicle-end quantum key in communication connection between the vehicle and the manufacturer and between the vehicle and the vehicle.

4. The vehicle cloud service system based on quantum security of claim 3, wherein the specific process of establishing communication connection between the vehicle and the manufacturer is as follows:

s1, when a vehicle c leaves a factory, a manufacturer quantum random number generator (31) of a manufacturer a generates a corresponding quantum key, namely a charging quantum key Ke, for the vehicle c, and the charging quantum key Ke is charged in a vehicle-end quantum communication unit (14) of the vehicle c; while storing the charge quantum key Ke for the vehicle c in the vendor quantum key management module (32); the charging quantum key Ke of the vehicle c is sent to the cloud scheduling platform (2) through the quantum key issuing engine (33), and after the charging quantum key Ke of the vehicle c is received by the quantum key issuing engine (22), the charging quantum key Ke of the vehicle c is stored in the cloud quantum key management module (21);

s2, establishing communication connection between the vehicle c and the manufacturer a by using the cloud dispatching platform (2), wherein the communication connection is as follows:

s21, a vehicle-end quantum random number generator (11) of the vehicle c generates a vehicle-end quantum key Kc and sends the vehicle-end quantum key Kc to a vehicle-end quantum communication unit (14); the vehicle-end quantum communication unit (14) encrypts a vehicle-end quantum key Kc by using a charge quantum key Ke of the vehicle c to obtain encrypted information Ke [ Kc ];

s22, the vehicle-end quantum communication unit (14) sends the encrypted information Ke [ Kc ] to the cloud dispatching platform (2), and a quantum key distribution engine (22) of the cloud dispatching platform (2) forwards the encrypted information Ke [ Kc ] to the manufacturer a to which the information Ke [ Kc ] belongs;

s23, after receiving the encrypted information Ke [ Kc ], the quantum key server engine (33) of the manufacturer a decrypts the encrypted information Ke [ Kc ] by using the charging quantum key Ke of the vehicle c stored in the manufacturer quantum key management module (32) to obtain decrypted information, namely, a vehicle-end quantum key Kc of the vehicle c, and correspondingly stores the vehicle-end quantum key Kc of the vehicle c in the manufacturer quantum key management module (32);

s24, information interaction is carried out between the vehicle c and the affiliated manufacturer a based on the vehicle end quantum key Kc of the vehicle c, and the information interaction comprises the following steps:

a quantum cryptography engine (33) of a manufacturer a encrypts application service information Ma generated by an Internet of vehicles application server (34) by using a vehicle-end quantum key Kc of a vehicle c, and sends the encrypted information, namely Kc [ Ma ], to a cloud dispatching platform (2); a quantum key distribution engine (22) of the cloud scheduling platform (2) forwards the encrypted information Kc [ Ma ] to a corresponding vehicle c; after receiving the encrypted information Kc [ Ma ], a vehicle end quantum communication unit (14) of the vehicle c decrypts by using a vehicle end quantum key Kc to obtain decrypted information, namely application service information Ma sent by a vehicle networking application server (34);

the vehicle-end quantum communication unit (14) encrypts the information Mc of the vehicle by using the vehicle-end quantum key Kc and sends the encrypted information Kc [ Mc ] to the cloud dispatching platform (2); a quantum key distribution engine (22) of the cloud scheduling platform (2) forwards the encrypted information Kc [ Mc ] to the manufacturer a; after receiving the encrypted information Kc [ Mc ], the quantum cryptography engine (33) of the manufacturer a decrypts the information by using the vehicle-end quantum key Kc of the vehicle c to obtain the decrypted information, i.e., the vehicle information Mc.

5. The vehicle cloud service system based on quantum security according to claim 4, wherein the vehicle c1 and the vehicle c2 belong to different manufacturers respectively, wherein the vehicle c1 belongs to the manufacturer a1, and the vehicle c1 and the manufacturer a1 have established communication connection; the vehicle c2 belongs to the manufacturer a2, and the vehicle c2 and the manufacturer a2 establish communication connection;

the cloud dispatching platform (2) is utilized to establish communication connection between the vehicle c1 and the vehicle c2, and the communication connection is as follows:

s31, the vehicle c1 sends a request for accessing the vehicle c2 to the cloud dispatching platform (2); after receiving the request, a quantum key distribution engine (22) of the cloud scheduling platform (2) forwards the request to a manufacturer a2 to which the vehicle c2 belongs;

s32, a manufacturer quantum key management module (32) of the manufacturer a2 stores a charging quantum key Ke2 and a vehicle end quantum key Kc2 of the vehicle c2; after the quantum cryptography engine (33) of the manufacturer a2 receives the request, the quantum cryptography engine (33) encrypts the vehicle-end quantum key Kc2 of the vehicle c2 by using the charge quantum key Ke2 of the vehicle c2 to obtain encrypted information Ke2[ Kc2], and sends the encrypted information Ke2[ Kc2] to the cloud scheduling platform (2);

s33, a charging quantum key Ke2 of the vehicle c2 and a charging quantum key Ke1 of the vehicle c1 are already stored in a cloud quantum key management module (21) of the cloud scheduling platform (2); after receiving the encrypted information Ke2[ Kc2], a quantum key distribution engine (22) of the cloud scheduling platform (2) decrypts the encrypted information Ke2[ Kc2] by using a charge quantum key Ke2 of the vehicle c2 to obtain a vehicle-end quantum key Kc2 of the vehicle c2; the quantum key distribution engine (22) encrypts a vehicle end quantum key Kc2 of the vehicle c2 by using a charging quantum key Ke1 of the vehicle c1 to obtain encrypted information Ke1[ Kc2], and sends the encrypted information Ke1[ Kc2] to the vehicle c1;

s34, after the vehicle-end quantum communication unit (14) of the vehicle c1 receives the encrypted information Ke1[ Kc2], decrypting the encrypted information Ke1[ Kc2] by using the charging quantum key Ke1 of the vehicle c1 to obtain decrypted information, namely the vehicle-end quantum key Kc2 of the vehicle c2;

s35, performing information interaction between the vehicle c1 and the vehicle c2 based on the vehicle end quantum key Kc2 of the vehicle c2, including:

a vehicle end quantum communication unit (14) of the vehicle c1 encrypts information Mc1 of the vehicle c1 by using a vehicle end quantum key Kc2 of the vehicle c2, and sends the encrypted information Kc2[ Mc1] to a cloud dispatching platform (2); a quantum key distribution engine (22) of the cloud scheduling platform (2) forwards the encrypted information Kc2[ Mc1] to the vehicle c2; after receiving the encrypted information Kc2[ Mc1], a vehicle-end quantum communication unit (14) of the vehicle c2 decrypts the encrypted information Kc2[ Mc1] by using a vehicle-end quantum key Kc2 of the vehicle c2 to obtain decrypted information, namely the information Mc1 of the vehicle c1;

a vehicle end quantum communication unit (14) of the vehicle c2 encrypts information Mc2 of the vehicle c2 by using a vehicle end quantum key Kc2 of the vehicle c2, and sends the encrypted information Kc2[ Mc2] to a cloud dispatching platform (2); the quantum key distribution engine (22) of the cloud scheduling platform (2) forwards the encrypted information Kc2[ Mc2] to the vehicle c1; after receiving the encrypted information Kc2[ Mc2], the vehicle-end quantum communication unit (14) of the vehicle c1 decrypts the encrypted information Kc2[ Mc2] by using the vehicle-end quantum key Kc2 of the vehicle c2, and obtains the information Mc2 of the vehicle c2, which is the decrypted information.

6. The vehicle cloud service system based on quantum security as claimed in any one of claims 3-5, wherein a certain number of charge quantum keys are charged in the vehicle-side service platform (1) of the corresponding vehicle, and are synchronously stored in the manufacturer quantum key management module (32) of the manufacturer and the cloud quantum key management module (21) of the cloud scheduling platform (2);

under the set condition, the charging quantum keys in the vehicle-side service platform (1), the manufacturer quantum key management module (32) and the cloud quantum key management module (21) are periodically and synchronously updated.

7. The vehicle cloud service system based on quantum security of any one of claims 1-5, wherein the quantum secret service engine (33) of the manufacturer and the quantum key distribution engine (22) of the cloud scheduling platform (2) are connected through a dedicated line.

8. The vehicle cloud service system based on quantum security of claim 7, wherein a quantum cryptography engine (33) of a manufacturer and a quantum key distribution engine (22) of a cloud scheduling platform (2) communicate with each other using a BB84 protocol, and the two negotiate with the BB84 protocol to generate a manufacturer quantum key as a manufacturer session key for encrypting interaction information in communication connection between the manufacturer and the manufacturer.

9. The vehicle cloud service system based on quantum security of claim 8, wherein the cloud scheduling platform (2) is used to establish a communication connection between a manufacturer a1 and a manufacturer a2, and the communication connection is as follows:

s41, the manufacturer a1 sends a request for accessing the manufacturer a2 to the cloud scheduling platform (2); after receiving the request, a quantum key distribution engine (22) of the cloud scheduling platform (2) forwards the request to a manufacturer a2;

s42, a quantum secret key Ka2 of the manufacturer a2 is generated through negotiation between a quantum secret server engine (33) of the manufacturer a2 and a quantum secret key distribution engine (22) of the cloud scheduling platform (2) through a BB84 protocol; the manufacturer a2 stores the manufacturer quantum key Ka2 in a manufacturer quantum key management module (32), and the cloud dispatching platform (2) stores the manufacturer quantum key Ka2 of the manufacturer a2 in a cloud quantum key management module (21);

s43, the quantum key distribution engine (22) of the cloud scheduling platform (2) forwards the manufacturer quantum key Ka2 of the manufacturer a2 to the manufacturer a1;

s44, after the quantum cryptography engine (33) of the manufacturer a1 receives the manufacturer quantum key Ka2 of the manufacturer a2, the manufacturer quantum key Ka2 of the manufacturer a2 is stored in the manufacturer quantum key management module (32) of the manufacturer a1;

s45, information interaction is carried out between the manufacturer a1 and the manufacturer a2 based on the manufacturer quantum key Ka2 of the manufacturer a2, and the information interaction comprises the following steps:

the method comprises the steps that an Internet of vehicles application server (34) of a manufacturer a1 generates application service information Ma1, a quantum cryptography engine (33) of the manufacturer a1 encrypts the application service information Ma1 by using a manufacturer quantum key Ka2 of the manufacturer a2, and sends the encrypted information Ka2[ Ma1] to a cloud dispatching platform (2); a quantum key distribution engine (22) of the cloud scheduling platform (2) forwards the encrypted information Ka2[ Ma1] to a manufacturer a2; after receiving the encrypted information Ka2[ Ma1], the quantum cryptography engine (33) of the manufacturer a2 decrypts the encrypted information Ka2[ Ma1] by using the manufacturer quantum key Ka2 of the manufacturer a2 to obtain decrypted information, namely application service information Ma1 sent by the Internet of vehicles application server (34) of the manufacturer a1;

the method comprises the steps that an Internet of vehicles application server (34) of a manufacturer a2 generates application service information Ma2, a quantum cryptography engine (33) of the manufacturer a2 encrypts the application service information Ma2 by using a manufacturer quantum key Ka2 of the manufacturer a2, and sends the encrypted information Ka2[ Ma2] to a cloud dispatching platform (2); a quantum key distribution engine (22) of the cloud scheduling platform (2) forwards the encrypted information Ka2[ Ma2] to the manufacturer a1; after receiving the encrypted information Ka2[ Ma2], the quantum cryptography engine (33) of the manufacturer a1 decrypts the encrypted information Ka2[ Ma2] by using the manufacturer quantum key Ka2 of the manufacturer a2 to obtain decrypted information, namely application service information Ma2 sent by the internet-of-vehicles application server (34) of the manufacturer a2.

10. The quantum security-based vehicle cloud service system according to claim 1, wherein the vehicle-end service platform (1) further comprises an electronic control unit (12) for controlling a vehicle; the electronic control unit (12) is in communication connection with the intelligent terminal (13);

the intelligent terminal (13) comprises a communication module (131), a main control module (132) and a CAN controller (133) which are in communication connection in sequence;

the communication module (131) is used for communicating with a vehicle-end quantum communication unit (14); the CAN controller (133) is used for data transmission on a CAN bus; the main control module (132) controls the CAN controller (133) to acquire the information of the vehicle through the CAN bus and sends the information of the vehicle to the vehicle-end quantum communication unit (14) through the communication module (131); the main control module (132) receives the decrypted information from the vehicle-end quantum communication unit (14) through the communication module (131), generates a control instruction according to the decrypted information, and then sends the control instruction to the electronic control unit (12) through the CAN controller (133); and the electronic control unit (12) correspondingly controls the vehicle according to the control instruction.

Images