CN116055033A - Method for generating session key, communication network system, storage medium and electronic device - Google Patents

Method for generating session key, communication network system, storage medium and electronic device Download PDF

Info

Publication number
CN116055033A
CN116055033A CN202211326376.2A CN202211326376A CN116055033A CN 116055033 A CN116055033 A CN 116055033A CN 202211326376 A CN202211326376 A CN 202211326376A CN 116055033 A CN116055033 A CN 116055033A
Authority
CN
China
Prior art keywords
authentication message
domain controller
electronic control
verified
gateway
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202211326376.2A
Other languages
Chinese (zh)
Inventor
颜雪薇
王新华
夏冰冰
李向锋
王慧文
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
BEIJING CERTIFICATE AUTHORITY
Original Assignee
BEIJING CERTIFICATE AUTHORITY
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by BEIJING CERTIFICATE AUTHORITY filed Critical BEIJING CERTIFICATE AUTHORITY
Priority to CN202211326376.2A priority Critical patent/CN116055033A/en
Publication of CN116055033A publication Critical patent/CN116055033A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Power Engineering (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Small-Scale Networks (AREA)

Abstract

Some embodiments of the present application provide a method for generating a session key, a communication network system, a storage medium, and an electronic device, which are applied to a domain controller in the communication network system, where the communication network system further includes: the method comprises the steps of: sending a first authentication message to the gateway, wherein the first authentication message carries a domain controller device number and first encryption information, and the first encryption information is at least related to a first random number; receiving a second authentication message corresponding to the first authentication message and fed back by the gateway; and generating a first session key according to the second authentication message, wherein the first session key is related to the first random number and the second random number, and the first session key is used for encrypting communication data generated by the domain controller and the gateway. Some embodiments of the present application may ensure security of identity authentication and data transmission in a communication network system.

Description

Method for generating session key, communication network system, storage medium and electronic device
Technical Field
The present application relates to the technical field of the internet of things, and in particular, to a method for generating a session key, a communication network system, a storage medium, and an electronic device.
Background
Along with the development of the Internet of things and industrial automation, the traditional automobile industry starts the transition of digitalization and intellectualization, and gradually enters the intelligent automobile networking era. The intelligent network car is provided with advanced devices such as sensors and controllers, and introduces network information technologies such as the car networking, so that an intelligent management and control system is realized. The development of intelligent internet-connected automobiles brings much intelligent and comfortable experience for automobile driving, and simultaneously brings more security threats.
At present, a lot of malicious attacks are aimed at automobiles, and the purpose of the malicious attacks is to obtain permission to enter an internal communication bus of the automobile. In order to resist malicious attacks, the prior art adopts an asymmetric key system and a digital signature mode to ensure the safe communication of a communication bus, but the calculation amount and the storage amount of the asymmetric key system are larger, the storage and calculation burden of a control unit in communication can be certainly increased, the communication load on the communication bus can be increased, and the requirement of higher real-time communication in a vehicle can not be met.
Therefore, how to provide a technical solution for efficiently generating a session key is a technical problem to be solved.
Disclosure of Invention
An object of some embodiments of the present application is to provide a method for generating a session key, a communication network system, a storage medium, and an electronic device, by which the communication computation and the storage data of identity authentication in the communication network system can be reduced, and meanwhile, a corresponding session key is obtained in real time by adopting a random number generation manner, so that forward security of the session key is ensured.
In a first aspect, some embodiments of the present application provide a method for generating a session key, applied to a domain controller in a communication network system, the communication network system further comprising: gateway and electronic control end include: sending a first authentication message to the gateway, wherein the first authentication message carries a domain controller device number and first encryption information, and the first encryption information is at least related to a first random number; receiving a second authentication message corresponding to the first authentication message and fed back by the gateway, wherein the second authentication message is at least related to the domain controller equipment number and a second random number; and generating a first session key according to the second authentication message, wherein the first session key is related to the first random number and the second random number, and the first session key is used for encrypting communication data generated by the domain controller and the gateway.
According to the method and the device, the first authentication message is sent to the gateway, the second authentication message fed back by the gateway is received, so that identity authentication between the gateway and the domain controller is achieved, the first session key can be generated finally based on the second authentication message, the first session key is generated on the premise that the identity authentication passes, the communication calculated amount and the storage data amount of the identity authentication in the communication network system can be reduced, meanwhile, the first session key is obtained in real time in a random number generation mode, and the forward safety of the session key is ensured.
In some embodiments, before the sending the first authentication message to the gateway, the method further comprises: generating the first random number, and acquiring the gateway equipment number, a first preset key, a first encryption identifier and a first transmission counter value; and encrypting the gateway equipment number, the first random number, the first encryption identifier and the first transmission counter value by using the first preset key to generate the first encryption information.
According to the method and the device, the first encryption information is obtained by symmetrically encrypting the related information, so that the first authentication information is obtained, and the safety of data transmission and the confidentiality of the identity authentication information can be realized.
In some embodiments, the generating a first session key from the second authentication message includes: decrypting the second authentication message by using the first preset key to obtain second information to be verified, wherein the second information to be verified comprises: the method comprises the steps of verifying a domain controller equipment number to be verified, a first sending counter value to be verified and a gateway sending counter value to be verified; and if the second information to be verified meets the preset condition, generating the first session key.
In some embodiments of the present application, the first preset key may be used to decrypt the second authentication message to obtain the second information to be verified in a symmetric encryption manner, and the first session key is generated when the second information to be authenticated passes verification. The calculation amount and the storage amount of the data can be reduced by the symmetrical encryption method, and meanwhile, the first session key is generated under the condition that the identity authentication is passed, so that the safety of communication is ensured.
In some embodiments, the confirming that the second information to be verified meets a preset condition includes: and confirming that the domain controller equipment number to be verified is the same as the domain controller equipment number, confirming that the first sending counter value to be verified is the same as the first sending counter value, and confirming that the second information to be verified meets the preset condition when the gateway sending counter value to be verified is larger than the first receiving counter value.
According to the method and the device, the data in the second information to be verified are respectively compared with the preset conditions, the second information to be verified can be confirmed to pass verification when the preset conditions are met, the efficiency is high, meanwhile, replay attack can be effectively prevented by comparing the counter values, and the network environment safety is ensured.
In some embodiments, prior to the generating the first session key, the method further comprises: and sending verification passing information corresponding to the second information to be verified meeting preset conditions to the gateway and the electronic control terminal, so that the gateway generates the first session key, and the electronic control terminal can conveniently execute authentication operation with the domain controller.
According to the method and the device, information synchronization can be achieved by sending information passing verification to the gateway and the electronic control terminal.
In some embodiments, after the generating the first session key, the method further comprises: receiving a third authentication message sent by the electronic control terminal, wherein the third authentication message carries an equipment number of the electronic control terminal and third encryption information, and the third encryption information is at least related to the equipment number of the domain controller; verifying the third authentication message to obtain a verification result; and generating a fourth authentication message and sending the fourth authentication message to the electronic control terminal under the condition that the verification result of the third authentication message is passed, so that the electronic control terminal can conveniently carry out identity authentication on the domain controller terminal.
After the first session key is generated, the embodiment of the application verifies the received third authentication message sent by the electronic control terminal, and after the verification is passed, the fourth authentication message can be sent to the electronic control terminal, so that identity authentication between the domain control terminal and the electronic control terminal can be realized through fewer communication times, and the efficiency is higher.
In some embodiments, the generating the fourth authentication message includes: acquiring a second preset key, a key parameter, a fourth encryption identifier, a sending counter value of an electronic control terminal, a second sending counter value and an equipment number of the electronic control terminal; and encrypting the key parameter, the fourth encryption identifier, the electronic control terminal sending counter value, the second sending counter value and the electronic control terminal equipment number by using the second preset key to obtain the fourth authentication message.
According to the method and the device for obtaining the fourth authentication information, the fourth authentication information is obtained through symmetric encryption of the related data between the domain controller and the electronic control terminal, and the safety of data transmission and the confidentiality of identity authentication information can be achieved.
In some embodiments, after the sending the fourth authentication message to the electronic control terminal, the method further includes: receiving a result of verification of the fourth authentication message sent by the electronic control terminal; and taking the key parameter as a second session key, wherein the key parameter is generated by the gateway, and the second session key is used for encrypting communication data generated by the domain controller and the electronic control terminal.
After the fourth authentication message passes verification, the embodiments of the present invention can ensure that the identity authentication between the domain controller and the electronic controller passes, and further can obtain the second session key, thereby ensuring the security of communication.
In some embodiments, verifying the third authentication message, to obtain a verification result, includes: acquiring the equipment number of the electronic control terminal carried by the third authentication message; searching the second preset key corresponding to the equipment number of the electronic control terminal, and decrypting the third encrypted information by using the second preset key to obtain third information to be verified, wherein the third information to be verified comprises: the method comprises the steps that a domain controller equipment number to be verified and an electronic control terminal to be verified send a counter value; and when the to-be-verified domain controller equipment number is confirmed to be the same as the domain controller equipment number, and the to-be-verified electronic control terminal sending counter value is larger than the second receiving counter value, the verification result of the third authentication message is passed.
According to the method and the device for verifying the third authentication information, the second preset key for decrypting the third authentication information can be obtained through the electronic control terminal device number, verification of the third authentication information is achieved, efficiency is high, and replay attack can be effectively prevented through comparison of the counter value.
In a second aspect, some embodiments of the present application provide a method for generating an in-vehicle session key, applied to a gateway in a communication network system, where the communication network system further includes: domain controller and electronic control end, include: receiving a first authentication message sent by the domain controller, wherein the first authentication message carries a domain controller equipment number and first encryption information, and the first encryption information is at least related to a first random number; generating a second authentication message and sending the second authentication message to the domain controller under the condition that the first authentication message is confirmed to pass verification, wherein the second authentication message is at least related to the domain controller equipment number and a second random number; and receiving the information that the second authentication message sent by the domain controller passes verification, and generating a first session key, wherein the first session key is related to the first random number and the second random number, and the first session key is used for encrypting communication data generated by the domain controller and the gateway.
According to the method and the device for generating the first session key, the first authentication message sent by the domain controller is received and verified, the second authentication message is sent, the first session key is generated under the condition that the second authentication message passes is confirmed, the first session key is generated on the premise that identity authentication passes, the communication calculated amount and the storage data amount of the identity authentication in a communication network system can be reduced, meanwhile, the first session key is obtained in real time in a random number generation mode, and the forward safety of the session key is ensured.
In some embodiments, the generating the second authentication message includes: generating the second random number and key parameters, and acquiring the domain controller equipment number, a first preset key, a second encryption identifier, a gateway transmission counter value and a first transmission counter value; and encrypting the second random number, the domain controller equipment number, the key parameter, the second encryption identifier, the gateway sending counter value and the first sending counter value by using the first preset key to obtain the second authentication message.
According to the method and the device, the second random number is generated, and the information related to the gateway and the domain controller is symmetrically encrypted to obtain the second authentication information, so that the safety of data transmission and the confidentiality of identity authentication information can be ensured.
In some embodiments, the validating the first authentication message is verified, comprising: acquiring the domain controller equipment number carried by the first authentication message; searching the first preset key corresponding to the domain controller equipment number, and decrypting the first encrypted information by using the first preset key to obtain first information to be verified, wherein the first information to be verified comprises: a gateway device number to be verified and a first transmit counter value to be verified; and when the to-be-verified gateway equipment number is confirmed to be the same as the gateway equipment number, and the to-be-verified first sending counter value is confirmed to be larger than the gateway receiving counter value, the first authentication message passes verification.
According to the method and the device for verifying the first encryption information, the first encryption information is decrypted through searching the first preset key corresponding to the domain controller device number to obtain the first information to be verified, the first information to be verified can be verified, efficiency is high, and replay attack can be effectively prevented through comparing the counter value.
In some embodiments, the method further comprises: and sending the key parameter to the domain controller, wherein the key parameter is used as a second session key for encrypting communication data generated by the domain controller and the electronic control terminal.
Some embodiments of the present application may implement encrypted transmissions of subsequent communications by using the key parameter as the second session key.
In a third aspect, some embodiments of the present application provide a method for generating an in-vehicle session key, which is applied to an electronic control end in a communication network system, where the communication network system further includes: a gateway and domain controller comprising: sending a third authentication message to the domain controller, wherein the third authentication message carries an electronic control end equipment number and third encryption information, and the third encryption information is at least related to the domain controller equipment number; receiving a fourth authentication message corresponding to the third authentication message fed back by the domain controller, wherein the fourth authentication message is at least related to a key parameter; and when the fourth authentication message is confirmed to pass the verification, the key parameter is used as a second session key, wherein the second session key is used for encrypting communication data generated by the domain controller and the electronic control terminal.
According to the method and the device, the identity authentication of the domain controller and the electronic control end can be achieved by sending the third authentication message to the domain controller and receiving the fourth authentication message fed back by the domain controller, so that the second session key is obtained, the communication calculated amount and the storage data amount of the identity authentication in the communication network system can be reduced, and guarantee is provided for encryption transmission of subsequent communication data.
In some embodiments, before the sending the third authentication message to the domain controller, the method further comprises: acquiring the domain controller equipment number, a second preset key, a third encryption identifier and an electronic control terminal sending counter value; and encrypting the domain controller equipment number, the third encryption identifier and the electronic control terminal sending counter value by using the second preset key to generate the third encryption information.
According to some embodiments of the application, the second preset key is used for encrypting the related data of the domain controller and the electronic control terminal to obtain third encrypted information, so that safe transmission of the identity authentication data can be realized.
In some embodiments, said validating said fourth authentication message comprises: decrypting the fourth authentication message by using the second preset key to obtain fourth information to be verified, wherein the fourth information to be verified comprises: the device number of the electronic control terminal to be verified, the sending counter value of the electronic control terminal to be verified, the second sending counter value to be verified and the key parameter; and confirming that the equipment number of the electronic control end to be verified is the same as the equipment number of the electronic control end, the sending counter value of the electronic control end to be verified is the same as the sending counter value of the electronic control end, the second sending counter value to be verified is larger than the receiving counter value of the electronic control end, and the fourth authentication message passes verification.
According to the method and the device for verifying the authentication information, the second preset key is used for decrypting the fourth authentication information and verifying the obtained fourth information to be verified, so that the accuracy of the authentication information can be ensured, and meanwhile, replay attack can be effectively prevented by comparing the counter values.
In some embodiments, after said taking the key parameter as the second session key, the method further comprises: and deriving the second session key through the signal matrix of the electronic control terminal to obtain at least one derived key corresponding to the signal matrix, wherein the at least one derived key is used for encrypting data corresponding to the signal matrix.
According to the method and the device, the second session key is derived through the signal matrix of the electronic control terminal, so that the safety of subsequent communication data transmission can be effectively ensured.
In a fourth aspect, some embodiments of the present application provide a communication network system, comprising: a gateway, configured to receive a first authentication message sent by a domain controller; generating a second authentication message and transmitting the second authentication message to the domain controller under the condition that the first authentication message is confirmed to pass verification; receiving information that the second authentication message sent by the domain controller passes verification, and generating a first session key, wherein the first session key is related to the first random number and the second random number, and the first session key is used for encrypting communication data generated by the domain controller and the gateway; the domain controller is configured to send a first authentication message to the gateway; receiving the second authentication message fed back by the gateway; generating a first session key according to the second authentication message; the domain controller is further configured to receive a third authentication message sent by the electronic control terminal; verifying the third authentication message to obtain a verification result; generating a fourth authentication message and sending the fourth authentication message to the electronic control terminal under the condition that the verification result of the third authentication message is passed, so that the electronic control terminal can conveniently carry out identity authentication on the domain controller terminal; the electronic control terminal is used for sending a third authentication message to the domain controller; receiving the fourth authentication message fed back by the domain controller; and when the fourth authentication message is confirmed to pass the verification, the key parameter is used as a second session key, wherein the second session key is used for encrypting communication data generated by the domain controller and the electronic control terminal.
In a fifth aspect, some embodiments of the present application provide a domain controller comprising: a first sending module, configured to send a first authentication message to the gateway, where the first authentication message carries a domain controller device number and first encryption information, where the first encryption information is at least related to a first random number; the first receiving module is used for receiving a second authentication message corresponding to the first authentication message and fed back by the gateway, wherein the second authentication message is at least related to the domain controller equipment number and a second random number; and the first generation module is used for generating a first session key according to the second authentication message, wherein the first session key is related to the first random number and the second random number, and the first session key is used for encrypting communication data generated by the domain controller and the gateway.
In a sixth aspect, some embodiments of the present application provide a gateway, comprising: the second receiving module is used for receiving a first authentication message sent by the domain controller, wherein the first authentication message carries a domain controller equipment number and first encryption information, and the first encryption information is at least related to a first random number; a second generation module, configured to generate a second authentication message and send the second authentication message to the domain controller if the first authentication message is confirmed to pass verification, where the second authentication message is related to at least the domain controller device number and a second random number; and the third receiving module is used for receiving the verified information of the second authentication message sent by the domain controller and generating a first session key, wherein the first session key is related to the first random number and the second random number, and the first session key is used for encrypting communication data generated by the domain controller and the gateway.
In a seventh aspect, some embodiments of the present application provide an electronic control terminal, including: the second sending module is used for sending a third authentication message to the domain controller, wherein the third authentication message carries an electronic control end equipment number and third encryption information, and the third encryption information is at least related to the domain controller equipment number; a fourth receiving module, configured to receive a fourth authentication message corresponding to the third authentication message, where the fourth authentication message is fed back by the domain controller, and the fourth authentication message is at least related to a key parameter; and the acquisition module is used for taking the key parameter as a second session key when the fourth authentication message passes verification, wherein the second session key is used for encrypting communication data generated by the domain controller and the electronic control terminal.
In an eighth aspect, some embodiments of the present application provide a computer readable storage medium having stored thereon a computer program which when executed by a processor performs a method according to any of the embodiments of the first, second or third aspects.
In a ninth aspect, some embodiments of the present application provide an electronic device comprising a memory, a processor, and a computer program stored on the memory and executable on the processor, wherein the processor is capable of implementing the method according to any one of the embodiments of the first, second or third aspects when executing the program.
In a tenth aspect, some embodiments of the present application provide a computer program product comprising a computer program, wherein the computer program, when executed by a processor, is adapted to carry out the method according to any one of the embodiments of the first, second or third aspects.
Drawings
In order to more clearly illustrate the technical solutions of some embodiments of the present application, the drawings that are required to be used in some embodiments of the present application will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present application and should not be considered as limiting the scope, and other related drawings may be obtained according to these drawings without inventive effort to a person having ordinary skill in the art.
FIG. 1 is an architecture diagram of a communication network system within a smart car provided in some embodiments of the present application;
FIG. 2 is a diagram of a communication network system provided in some embodiments of the present application;
FIG. 3 is one of the flow charts of the method for generating an in-vehicle session key provided in some embodiments of the present application;
FIG. 4 is a second flowchart of a method for generating an in-vehicle session key according to some embodiments of the present application;
FIG. 5 is a third flowchart of a method for generating an in-vehicle session key according to some embodiments of the present application;
FIG. 6 is an interactive flow diagram for generating an in-vehicle session key provided by some embodiments of the present application;
FIG. 7 is a block diagram of a gateway component provided in some embodiments of the present application;
FIG. 8 is a block diagram of a domain controller according to some embodiments of the present application;
FIG. 9 is a block diagram of an electronic control terminal according to some embodiments of the present application;
fig. 10 is a schematic diagram of an electronic device according to some embodiments of the present application.
Detailed Description
The technical solutions in some embodiments of the present application will be described below with reference to the drawings in some embodiments of the present application.
It should be noted that: like reference numerals and letters denote like items in the following figures, and thus once an item is defined in one figure, no further definition or explanation thereof is necessary in the following figures. Meanwhile, in the description of the present application, the terms "first", "second", and the like are used only to distinguish the description, and are not to be construed as indicating or implying relative importance.
In the related art, in order to obtain rights to access an internal communication bus of an automobile, malicious attacks against the automobile are numerous. Most of the current in-vehicle communication networks lack safety protection measures, and once an attacker enters the in-vehicle network, the attacker can smoothly send malicious instructions to control various electronic control units (Electronic Control Unit, ECU for short) of the vehicle, with unpredictable results. The intelligent driving automobile is mostly in a heterogeneous network mode, and a communication line mainly comprises CAN, CAN-FD, LIN, ethernet and the like. The communication load of the CAN bus is low and the computational and memory capabilities of the ECU are also very limited. Meanwhile, the communication in the vehicle has higher requirement on real-time performance, and if longer time delay occurs in the running process of the vehicle, the communication in the vehicle is highly likely to bring great risk to personal safety of personnel in the vehicle.
In order to resist malicious attacks, one way in the prior art is to use an asymmetric key system and a digital signature to guarantee secure communication of the CAN bus. However, the asymmetric cryptosystem has larger demands on the calculated amount and the memory amount, brings great memory and calculation load to the ECU, increases the communication load on the CAN bus, and hardly ensures the high real-time requirement of in-vehicle communication. Another way is a lightweight message authentication method for the CAN bus. However, this method only solves the authentication problem on the CAN bus, and is not applicable to heterogeneous network environments (heterogeneous networks are composed of computers, network devices and systems produced by different manufacturers). The method calculates a session key based on a counter and a preset key, wherein the preset key is a deterministic key, the safety of in-vehicle communication depends on the preset key stored for a long time, and the forward safety cannot be ensured (the forward safety refers to that the leakage of a master key used for a long time cannot lead to the leakage of a past session key). Meanwhile, mutual authentication and session key generation are needed between every two communicating ECUs, and the calculation load of the ECUs and the communication load on a CAN bus are increased. In the prior art, the identity authentication is realized based on a unified preset authentication key, and a session key generation mechanism is not considered. And the implementation of the scheme requires strong security assumptions, such as: it is necessary to assume that replay attacks do not exist in the execution environment, impersonation attacks do not exist in the group, and the like, and secure transmission of in-vehicle communication data cannot be effectively ensured in practical applications. The Replay Attacks (Replay Attacks) are also called Replay Attacks and Replay Attacks, and refer to that an attacker sends a packet received by a target host to achieve the purpose of spoofing a system, and are mainly used in an identity authentication process to destroy the authentication correctness.
In view of this, some embodiments of the present application provide a communication network system that includes a gateway, a domain controller, and an electronic control terminal. The system can encrypt the authentication information by a symmetrical encryption method, so as to realize the identity authentication between the gateway and the domain controller and between the domain controller and the electronic control terminal, and the counter can be used for recording the receiving and sending times of the information in the process of the identity authentication so as to prevent replay attack. After the identity authentication is passed, a first session key between the gateway and the domain controller and a second session key between the domain controller and the electronic control terminal can be generated, wherein the first session key is related to a random number in the authentication message, and the second session key is related to a randomly generated key parameter, so that the forward security of the first session key and the second session key can be ensured. And the communication network system adopts a symmetrical encryption method, so that the calculation burden and the storage burden between the terminals can be reduced. The method of dividing the communication system into two layers of gateway, domain controller and electronic control terminal for separate authentication can be suitable for the identity authentication of the ECU (i.e. the electronic control terminal) of the complex heterogeneous network in the vehicle, and has higher adaptability.
Referring to fig. 1, fig. 1 is a schematic diagram of an in-intelligent-vehicle communication network system according to some embodiments of the present application.
It should be noted that, generally, a communication architecture in an intelligent automobile is divided into different functional domains, where there is a domain controller and ECUs in some domains (as a specific example of an electronic controller) in each functional domain, and there is a central gateway (abbreviated as "gateway") between the functional domains. In the vehicle, the gateway has the strongest calculation and storage resources, has the capability of random number generation and self-checking, and has relatively weaker resources of the ECU in the vehicle. As shown in fig. 1, some embodiments of the present application provide an architecture diagram of a communication network system within a smart car. The architecture diagram comprises: a first domain composed of the first domain controller 110, the first ECU111 and the second ECU112, a second domain composed of the second domain controller 120 and the third ECU121, a third domain composed of the third domain controller 130 and the fourth ECU131, and a fourth domain composed of the fourth domain controller 140, the fifth ECU141 and the sixth ECU 142. The first functional domain, the second functional domain, the third functional domain and the fourth functional domain are all in communication connection with the gateway 100 through CAN, CAN-FD or ethernet. Wherein, each domain controller and the ECU CAN be in communication connection through a CAN bus or LIN. When the intelligent automobile needs to be started each time, each domain controller in the communication network system in the intelligent automobile needs to perform identity authentication and key negotiation with the gateway 100, and then each domain controller performs identity authentication and key negotiation with the ECU in the intelligent automobile. It should be appreciated that some embodiments of the present application divide the authentication and negotiation process of a communication network system into two layers: the first layer is authentication and key negotiation between the domain controller and the gateway, and the second layer is authentication and key negotiation between the domain controller and the electronic control terminal. Through the layering mode, the communication network system provided by the application can be suitable for any heterogeneous network environment, and the practicability is high.
It can be understood that the corresponding session key can be generated through key negotiation, and after the identity authentication and key negotiation are completed, the encrypted transmission of the communication data in the intelligent automobile can be realized subsequently, so that the safety of the data in the automobile is ensured.
It should be noted that, in some embodiments of the present application, when the smart car is started, the first, second, third and fourth functional domains in fig. 1 all perform identity authentication and key negotiation with the gateway 100. Since the principle of the method of identity authentication and key negotiation between each functional domain and the gateway 100 is the same, in some embodiments provided below, the implementation procedure of the method of generating a session key provided in some embodiments of the present application will be described by taking the second functional domain of fig. 2 as an example.
Referring to fig. 2, fig. 2 is a diagram of a communication network system according to some embodiments of the present application, where the system includes: gateway 100, second domain controller 120 (as a specific example of a domain controller), and third ECU (as a specific example of an electronic control terminal). The gateway 100 and the second domain controller 120 may perform bidirectional identity authentication and key negotiation, and the second domain controller 120 and the third ECU may perform bidirectional identity authentication and key negotiation, so as to ensure security of the communication network system.
The functions of the respective constituent units are exemplarily described below.
In some embodiments of the present application, the second domain controller 120 is configured to: sending a first authentication message to the gateway; receiving the second authentication message fed back by the gateway; generating a first session key according to the second authentication message; the method is also used for receiving a third authentication message sent by the electronic control terminal; verifying the third authentication message to obtain a verification result; and generating a fourth authentication message and sending the fourth authentication message to the electronic control terminal under the condition that the verification result of the third authentication message is passed, so that the electronic control terminal can conveniently carry out identity authentication on the domain controller terminal.
In some embodiments of the present application, gateway 100 is used to: receiving a first authentication message sent by a domain controller; generating a second authentication message and transmitting the second authentication message to the domain controller under the condition that the first authentication message is confirmed to pass verification; and receiving the information that the second authentication message sent by the domain controller passes verification, and generating a first session key, wherein the first session key is related to the first random number and the second random number, and the first session key is used for encrypting communication data generated by the domain controller and the gateway.
In some embodiments of the present application, the third ECU121 is configured to: sending a third authentication message to the domain controller; receiving the fourth authentication message fed back by the domain controller; and when the fourth authentication message is confirmed to pass the verification, the key parameter is used as a second session key, wherein the second session key is used for encrypting communication data generated by the domain controller and the electronic control terminal.
In addition, before the intelligent automobile leaves the factory, corresponding information can be respectively arranged in the gateway, the domain controller and the electronic control terminal in the intelligent automobile. One gateway may correspond to at least one domain controller, and one domain controller may correspond to at least one electronic control terminal. The gateway is provided with each domain controller equipment number corresponding to each domain controller, a preset key corresponding to each domain controller equipment number, a gateway sending counter, a gateway receiving counter and an encryption identifier. The domain controller is internally provided with a gateway equipment number, a preset key, each electronic control end equipment number in the electronic control ends under the domain controller, the preset key corresponding to each electronic control end equipment number, an encryption identifier, a first sending counter and a first receiving counter for recording the communication times with the gateway, and a second sending counter and a second receiving counter for recording the communication times with the electronic control ends. The electronic control terminal is internally provided with a domain controller equipment number, a preset secret key, an electronic control terminal sending counter, an electronic control terminal receiving counter and an encryption identifier.
The implementation of the generation of session keys performed by the second domain controller 120 in fig. 2 provided in some embodiments of the present application is described below by way of example in conjunction with fig. 3.
Referring to fig. 3, fig. 3 is a flowchart of a method for generating a session key according to some embodiments of the present application, where the method for generating a session key includes:
and S310, sending a first authentication message to the gateway, wherein the first authentication message carries a domain controller equipment number and first encryption information, and the first encryption information is at least related to a first random number.
For example, in some embodiments of the present application, the second domain controller 120 may send a first authentication message Token to the gateway 100 at start-up of the smart car BA To initiate an authentication protocol between the second domain controller 120 and the gateway 100 this time.
In some embodiments of the present application, before performing S310, the method of generating a session key further includes: generating the first random number, and acquiring the gateway equipment number, a first preset key, a first encryption identifier and a first transmission counter value; and encrypting the gateway equipment number, the first random number, the first encryption identifier and the first transmission counter value by using the first preset key to generate the first encryption information.
For example, in some embodiments of the present application, the smart car has been provided with a gateway device number ID of the gateway 100, which the second domain controller 120 communicates with, inside the second domain controller 120 before leaving the factory A Second domain controller device number ID B A first preset key K AB First encryption identifier SID 1 1 First receiving counter N B And a first transmit counter TN B . It should be appreciated that before the smart car starts, N B And TN (TN) B The values of (2) are all 0. To ensure the forward security of the key, the embodiments of the present application may use a random number, that is, the second domain controller 120 may generate the first random number F B Thereafter, use K AB Encrypting other information to obtain first encrypted information, and further obtaining: token (Token) BA =e KAB (SID 1 1 ||TN B ||ID A ||F B )||ID B . As can be seen, token BA Carrying two parts of information, one part being encrypted e KAB (SID 1 1||TN B ||ID A ||F B ) I.e., the first encryption information, another part is the second domain controller device number of the second domain controller 120 (as a specific example of the domain controller device number). When the second domain controller 120 sends a Token to the gateway 100 BA TN when B Has a value of 1, N B =0. e is an encryption algorithm.
In other embodiments of the present application, the second domain controller device number ID is present in the communication protocol in which the second domain controller 120 communicates with the gateway 100 B At this time, the ID may not be used B Added to Token BA In, i.e. Token BA =e KAB (SID 1 1||TN B ||ID A ||F B ) Thereby the Token can be reduced BA And the occupied memory improves the transmission efficiency of the first authentication message.
In other embodiments of the present application, if the domain controller does not have the capability to generate random numbers, F B May be a default value set or may be null.
S320, receiving a second authentication message corresponding to the first authentication message, which is fed back by the gateway, wherein the second authentication message is at least related to the domain controller equipment number and a second random number.
For example, in some embodiments of the present application, gateway 100 is verifying Token BA Thereafter, a second authentication message Token is fed back to the second domain controller 120 AB
S330, generating a first session key according to the second authentication message, wherein the first session key is related to the first random number and the second random number, and the first session key is used for encrypting communication data generated by the domain controller and the gateway.
In some embodiments of the present application, S330 may include: decrypting the second authentication message by using the first preset key to obtain second information to be verified, wherein the second information to be verified comprises: the method comprises the steps of verifying a domain controller equipment number to be verified, a first sending counter value to be verified and a gateway sending counter value to be verified; and if the second information to be verified meets the preset condition, generating the first session key.
For example, in some embodiments of the present application, the second domain controller 120 may utilize K AB For Token BA Decrypting to obtain the ID to be verified B TN to be verified B Value and gateway to be verified send counter value TN A . If it is confirmed that all the three types of information meet the preset conditions, the identity authentication between the gateway 100 and the second domain controller 120 can be confirmed to pass, and then the key derivation function can be invoked to generate the first session key. For example, the first session key k=f (F A ,F B ,TN A ,TN B ,ID A ,ID B ,SID 1 1) Wherein F is A Is a second random number. Through F A And F B The first session key generated each time the car is started can be ensured to be different, so that the forward security of the key can be ensured.
In some embodiments of the present application, S330 may include: and confirming that the domain controller equipment number to be verified is the same as the domain controller equipment number, confirming that the first sending counter value to be verified is the same as the first sending counter value, and confirming that the second information to be verified meets the preset condition when the gateway sending counter value to be verified is larger than the first receiving counter value.
For example, in some embodiments of the present application, the ID to be verified B And a second domain controller 120Second domain controller device number ID of (2) B Same TN to be verified B A value of 1 and TN A =1>N B And=0, the second verification information is characterized as verified.
In some embodiments of the present application, S330 may further include: and sending verification passing information corresponding to the second information to be verified meeting preset conditions to the gateway and the electronic control terminal, so that the gateway generates the first session key, and the electronic control terminal can conveniently execute authentication operation with the domain controller.
For example, in some embodiments of the present application, the second domain controller 120 may send the corresponding authentication passing results to the gateway 100 and the third ECU121, so that the gateway 100 may synchronously generate the first session key K and proceed with the authentication and key negotiation between the second domain controller 120 and the third ECU 121.
In some embodiments of the present application, after performing S330, the method for generating a session key further includes (not shown in the figure):
s340, receiving a third authentication message sent by the electronic control terminal, wherein the third authentication message carries an equipment number of the electronic control terminal and third encryption information, and the third encryption information is at least related to the equipment number of the domain controller.
For example, in some embodiments of the present application, the third ECU121 sends a third authentication message Token to the second domain controller 120 CB An authentication protocol between the third ECU121 and the second domain controller 120 has been initiated. At this time, it can be inferred that the electronic control side counter value TN of the third ECU121 C The second receive counter value N of the second domain controller 120 =1 B =0。
S350, verifying the third authentication message to obtain a verification result.
In some embodiments of the present application, the electronic control end device number carried by the third authentication message is obtained; searching the second preset key corresponding to the equipment number of the electronic control terminal, and decrypting the third encrypted information by using the second preset key to obtain third information to be verified, wherein the third information to be verified comprises: the method comprises the steps that a domain controller equipment number to be verified and an electronic control terminal to be verified send a counter value; and when the to-be-verified domain controller equipment number is confirmed to be the same as the domain controller equipment number, and the to-be-verified electronic control terminal sending counter value is larger than the second receiving counter value, the verification result of the third authentication message is passed.
For example, in some embodiments of the present application, the second domain controller 120 may retrieve the second preset key K matching the device number of the third ECU121 through the device number of the third ECU121 carried in the third authentication message BC . Thereafter using K BC For Token CB And decrypting to obtain the device number of the domain controller to be verified and the counter value sent by the electronic control terminal to be verified. If the device number of the domain controller to be verified is ID B The electronic control terminal to be verified sends the counter value TN C =1>N B =0, the third authentication message can be confirmed to verify.
And S360, generating a fourth authentication message and sending the fourth authentication message to the electronic control terminal so that the electronic control terminal can carry out identity authentication on the domain controller terminal when the verification result of the third authentication message is that the third authentication message passes.
For example, in some embodiments of the present application, the second domain controller 120 needs to generate and transmit a fourth authentication message Token after confirming that the third authentication message is transmitted by the third ECU121 BC To achieve identity authentication of the third ECU121 to the second domain controller 120.
In some embodiments of the present application, S360 may include: acquiring a second preset key, a key parameter, a fourth encryption identifier, a sending counter value of an electronic control terminal, a second sending counter value and an equipment number of the electronic control terminal; and encrypting the key parameter, the fourth encryption identifier, the electronic control terminal sending counter value, the second sending counter value and the electronic control terminal equipment number by using the second preset key to obtain the fourth authentication message.
For example, the number of the cells to be processed,in some embodiments of the present application, the second domain controller 120 obtains the second preset key K BC Key parameter K GB Fourth encryption identifier SID 2 2 The electronic control end sends the counter value TN C Second transmit counter value TN B Electronic control terminal device number ID C . Thereafter using K BC Encrypting other information to obtain a fourth authentication message:
Figure BDA0003912246610000151
in some embodiments of the present application, S360 may include: receiving a result of verification of the fourth authentication message sent by the electronic control terminal; and taking the key parameter as a second session key, wherein the key parameter is generated by the gateway, and the second session key is used for encrypting communication data generated by the domain controller and the electronic control terminal.
For example, in some embodiments of the present application, the third ECU121 needs to inform the second domain controller 120 after verifying the fourth authentication message, at which time the second domain controller 120 may use the key parameter as the second session key. Wherein the key parameter K GB Is an intra-group key randomly generated by gateway 100. Since the ECU does not have the capability of generating random numbers in the actual application scenario, the K generated by the gateway 100 can be used GB As the second session key, thereby ensuring forward security of generating the second session key.
The implementation of the generation of session keys performed by gateway 100 in fig. 2 provided in some embodiments of the present application is described below by way of example in conjunction with fig. 4.
Referring to fig. 4, fig. 4 is a flowchart of a method for generating a session key according to some embodiments of the present application, where the method includes:
s410, receiving a first authentication message sent by the domain controller, wherein the first authentication message carries a domain controller equipment number and first encryption information, and the first encryption information is at least related to a first random number.
For example, in some embodiments of the present application, gateway 100 receives Token sent by second domain controller 120 BA To initiate identity authentication of the gateway 100 to the second domain controller 120. Wherein Token is BA The method provided by the above embodiments may be referred to specifically, and will not be described herein in detail.
And S420, generating a second authentication message and sending the second authentication message to the domain controller under the condition that the first authentication message is confirmed to pass verification, wherein the second authentication message is at least related to the domain controller equipment number and a second random number.
In some embodiments of the present application, S420 may include: acquiring the domain controller equipment number carried by the first authentication message; searching the first preset key corresponding to the domain controller equipment number, and decrypting the first encrypted information by using the first preset key to obtain first information to be verified, wherein the first information to be verified comprises: a gateway device number to be verified and a first transmit counter value to be verified; and when the to-be-verified gateway equipment number is confirmed to be the same as the gateway equipment number, and the to-be-verified first sending counter value is confirmed to be larger than the gateway receiving counter value, the first authentication message passes verification.
For example, in some embodiments of the present application, the gateway 100 may search for the first preset key K corresponding to the device number of the second domain controller 120 through the device number of the second domain controller 120 carried in the first authentication message AB Then utilize K AB Decrypting the first encrypted information to obtain the gateway equipment number ID to be verified A First transmit counter value TN to be verified B =1. By confirming the number of the gateway equipment to be verified as ID A The first transmit counter value TN to be verified B =1>Gateway receive counter value N A =0, then the first authentication message is confirmed to be verified. After passing the verification, N A The value of (2) is increased by 1, namely N A =1。
In some embodiments of the present application, S420 may include: generating the second random number and key parameters, and acquiring the domain controller equipment number, a first preset key, a second encryption identifier, a gateway transmission counter value and a first transmission counter value; and encrypting the second random number, the domain controller equipment number, the key parameter, the second encryption identifier, the gateway sending counter value and the first sending counter value by using the first preset key to obtain the second authentication message.
For example, in some embodiments of the present application, gateway 100 may generate second random number F using a random function B And K GB . Alternatively, gateway 100 may also randomly generate F using an internally-located cryptographic module B And K GB . Thereafter, a first preset key K set in the gateway 100 is acquired AB Second domain controller device number ID B Second encryption identifier SID 1 2 First transmit counter TN B And gateway transmit counter value TN A . By K AB Encrypting the information to obtain a second authentication message
Figure BDA0003912246610000171
S430, receiving the information that the second authentication message sent by the domain controller passes verification, and generating a first session key, wherein the first session key is related to the first random number and the second random number, and the first session key is used for encrypting communication data generated by the domain controller and the gateway.
For example, in some embodiments of the present application, the gateway 100 may confirm that authentication between the gateway 100 and the second domain controller 120 is completed when receiving the second authentication message sent by the second domain controller 120, and the gateway 100 may call the key derivation function to generate the first session key. For example, a first session key
Figure BDA0003912246610000172
In some embodiments of the present application, the method of generating a session key further comprises: and sending the key parameter to the domain controller, wherein the key parameter is used as a second session key for encrypting communication data generated by the domain controller and the electronic control terminal.
For example, in some embodiments of the present application, the key parameter K GB Is the intra-group key generated by gateway 100 for second domain controller 120. Since the ECU does not have the capability of generating random numbers in the actual application scenario, the K generated by the gateway 100 can be used GB As the second session key, thereby ensuring forward security of generating the second session key.
In other embodiments of the present application, the gateway 100 may not separately send the key parameter to the second domain controller 120. The second domain controller 120 may obtain the key parameter by decrypting the second authentication message. The present application is not specifically limited herein.
The implementation of the generation of the session key performed by the third ECU121 in fig. 2 provided in some embodiments of the present application is exemplarily described below with reference to fig. 5.
Referring to fig. 5, fig. 5 is a flowchart of a method for generating a session key according to some embodiments of the present application, where the method includes:
s510, a third authentication message is sent to the domain controller, wherein the third authentication message carries an electronic control end equipment number and third encryption information, and the third encryption information is at least related to the domain controller equipment number.
For example, in some embodiments of the present application, it may be appreciated that after the second domain controller 120 and the gateway 100 complete the authentication and key agreement, the third ECU121 may send a third authentication message to the second domain controller 120, starting the authentication between the third ECU121 and the second domain controller 120.
In some embodiments of the present application, S510 may include: acquiring the domain controller equipment number, a second preset key, a third encryption identifier and an electronic control terminal sending counter value; and encrypting the domain controller equipment number, the third encryption identifier and the electronic control terminal sending counter value by using the second preset key to generate the third encryption information.
For example, in some embodiments of the present application, the third ECU121 first acquires the device number ID of the own third ECU121 set in the interior C Second domain controller device number ID of second domain controller 120 B A second preset key K BC A third encrypted identifier SID 2 1 And the electronic control terminal sends a counter value tnc=1. By K BC Encrypting the information to obtain third encrypted information, and further obtaining a third authentication message:
Figure BDA0003912246610000181
as can be seen, token CB Carrying two parts of information, one part being encrypted
Figure BDA0003912246610000182
That is, the third encryption information, and the other part is the device number of the third ECU121 (as a specific example of the electronic control side device number). When the third ECU121 sends Token to the second domain controller 120 CB TN when C The value of (1) is 1, and the electronic control terminal receives the counter value N C =0. e is an encryption algorithm.
In other embodiments of the present application, the device number ID of the third ECU121 exists in the communication protocol in which the third ECU121 communicates with the second domain controller 120 C At this time, the ID may not be used C Added to Token CB In, i.e
Figure BDA0003912246610000183
Thereby the Token can be reduced CB And the occupied memory improves the transmission efficiency of the third authentication message.
And S520, receiving a fourth authentication message corresponding to the third authentication message and fed back by the domain controller, wherein the fourth authentication message is at least related to a key parameter.
For example, in some embodiments of the present application, the second domain controller 120 is verifying Token CB After that, the second authentication message T is fed back to the third ECU121oken BC To perform authentication of the identity of the second domain controller 120 by the third ECU 121. Wherein,,
Figure BDA0003912246610000191
the specific acquisition method can refer to the above embodiments, and is not described herein.
And S530, when the fourth authentication message is confirmed to pass verification, the key parameter is used as a second session key, wherein the second session key is used for encrypting communication data generated by the domain controller and the electronic control terminal.
For example, in some embodiments of the present application, after verifying the fourth authentication message, the third ECU121 may determine that the identity authentication between the third ECU121 and the second domain controller 120 is passed, and may encrypt communication data between the two with the key parameter as the second session key.
In some embodiments of the present application, S530 may include: decrypting the fourth authentication message by using the second preset key to obtain fourth information to be verified, wherein the fourth information to be verified comprises: the device number of the electronic control terminal to be verified, the sending counter value of the electronic control terminal to be verified, the second sending counter value to be verified and the key parameter; and confirming that the equipment number of the electronic control end to be verified is the same as the equipment number of the electronic control end, the sending counter value of the electronic control end to be verified is the same as the sending counter value of the electronic control end, the second sending counter value to be verified is larger than the receiving counter value of the electronic control end, and the fourth authentication message passes verification.
For example, in some embodiments of the present application, the third ECU121 utilizes the second preset key K BC Decrypting the fourth authentication message to obtain the equipment number of the electronic control terminal to be verified, the sending counter value of the electronic control terminal to be verified, the second sending counter value to be verified and the key parameter K GB . If the equipment number of the electronic control terminal to be verified is ID C The electronic control terminal to be verified sends the counter value TN C =1 as in the third authentication message, the second burst to be verifiedSend counter value TN B =1>N C =0, the fourth authentication message can be confirmed to verify.
In some embodiments of the present application, after S530, the method of generating a session key further includes: and deriving the second session key through the signal matrix of the electronic control terminal to obtain at least one derived key corresponding to the signal matrix, wherein the at least one derived key is used for encrypting data corresponding to the signal matrix.
For example, in some embodiments of the present application, the ECU may receive a different signal ID (Identity document, identification) and store it in the signal matrix in actual use. That is, the signal matrix contains a plurality of different signal IDs (or message IDs), so that in order to realize encrypted transmission of data corresponding to the different signal IDs, derivative keys corresponding to the signal IDs can be obtained by deriving or dispersing key parameters, so that encrypted transmission of the data is realized, and communication safety is ensured. For example, a derivative key is used to encrypt data in a signal ID to facilitate encrypted transmission of the data.
The interaction process of generating session keys, which is performed by the gateway, the domain controller and the electronic control terminal according to some embodiments of the present application, is exemplarily described below with reference to fig. 6.
Referring to fig. 6, fig. 6 is a flowchart illustrating interactions performed by the gateway 100, the domain controller 200, and the electronic control terminal 300 to generate a session key according to some embodiments of the present application. It should be noted that, before the following interaction procedure is performed, the smart car is already provided with preset information in the above embodiment.
The above interaction is illustrated in the following by way of example when a smart car fires.
S610, the domain controller 200 sends Token to the gateway 100 BA Wherein Token is BA Is encrypted by a first preset key.
S620, gateway 100 according to Token BA The domain controller equipment number carried in the key pair is used for searching a corresponding first preset key and utilizing the first preset key to the Token BA The decryption is performed and the decryption is performed,obtaining the gateway equipment number to be verified and TN to be verified B
S621, the gateway 100 confirms the gateway device number to be verified and the TN to be verified B Token then BA And passing the verification.
S622, gateway 100 sends Token to domain controller 200 AB Wherein Token is AB Is encrypted by a first preset key.
S630, the domain controller 200 uses the first preset key pair Token AB Decrypting to obtain the device number of the domain controller to be verified and the TN to be verified B And TN to be verified A
S631, the domain controller 200 verifies the domain controller device number to be verified, TN to be verified B And TN to be verified A And passing the verification.
S640, the gateway 100 and the domain controller 200 generate a first session key K.
S650, the electronic control terminal 300 sends Token to the domain controller 200 CB Wherein Token is CB Is encrypted by a second preset key.
S660, domain controller 200 according to Token CB The electronic control terminal equipment number carried in the key pair retrieves a corresponding second preset key, and the second preset key pair Token is utilized CB Decrypting to obtain the device number of the domain controller to be verified and the TN to be verified C
S661, the domain controller 200 verifies the domain controller device number to be verified and the TN to be verified C And passing the verification.
S662, the domain controller 200 sends Token to the electronic control terminal 300 BC Wherein Token is BC Is encrypted by a second preset key.
S670, the electronic control terminal 300 uses the second preset key pair Token BC Decrypting to obtain the equipment number of the electronic control terminal to be verified and the TN to be verified C And TN to be verified B And key parameter K GB
S680, the electronic control terminal 300 verifies the device number of the electronic control terminal to be verified and TN to be verified C And TN to be verified B And passing the verification.
S690, the electronic control terminal 300 and the domain controller 200 will K GB As a second session key.
The embodiment is a specific process of identity authentication and session key negotiation in the intelligent automobile when the intelligent automobile is ignited. The generated session key may be used for subsequent encrypted communications and verification of message integrity. If the authentication between the gateway 100 and the domain controller 200 or between the domain controller 200 and the gateway 100 is not passed, the session key cannot be generated correctly, and further, the subsequent encrypted communication cannot be performed.
It should be noted that, the specific implementation process involved in each step in fig. 6 may refer to the method embodiments provided in fig. 3, fig. 4 and fig. 5, and are not repeated here for avoiding repetition.
Further, in the above-provided embodiment, if the verification result of one verification link is not passed in a certain verification link, the communication network system of the intelligent automobile is likely to receive the third party attack, and at this time, the alarm information may be sent to the related personnel, or the identity authentication and key negotiation may be terminated and the related personnel may be notified.
As can be seen from the above embodiments of the present application, the embodiments of the present application implement one-to-many (the gateway and the domain controller may be one-to-many, and the domain controller and the electronic control terminal may be one-to-many) identity authentication by using the gateway as the center, and reduce the communication burden compared with the authentication between the conventional two-to-two ECUs (i.e., the electronic control terminal). The random number generation capability of the gateway is utilized in the authentication and negotiation process, the capability of the domain controller and the intra-domain ECU is not strongly assumed, and the method is more in line with the actual situation. The embodiment of the application realizes identity authentication by using the symmetric encryption algorithm, and compared with a digital signature mode, the method reduces the calculation burden and the storage burden of the ECU. And the authentication mode divided into layers (one layer is a gateway and a domain controller, and the other layer is a domain controller and an electronic control terminal) is adopted, so that the identity authentication of the ECU of the complex heterogeneous network in the vehicle is easy to realize. The embodiment adopts random numbers to generate the session key, thereby ensuring the forward security. The identity authentication and the key negotiation in the scheme are applicable to heterogeneous networks in the vehicle, and are not only aimed at CAN networks. Session key negotiations within the same functional domain generate an intra-group key (as an example of a key parameter) that reduces the storage burden of the ECU. If different keys are required to be generated according to different message types, the key derivation or dispersion can be carried out by using the key in the group in the ECU, so that the communication times in the key negotiation process can be reduced. While using a counter to prevent replay attacks in the execution environment.
In addition, some embodiments of the application consider that most ECUs have no random number generation capability in the cryptology sense, and the storage burden of the ECUs is effectively reduced by using a gateway-centric authentication mode with stronger resources to distribute random numbers (as an example of key parameters) or group internal keys to the lower domain controllers and the intra-domain ECUs. If the key is to be expanded according to the message type, the communication times among the ECUs are not required to be increased, and the key is derived internally according to the group key and the message ID stored in the ECU.
Referring to fig. 7, fig. 7 illustrates a block diagram of the domain controller provided by some embodiments of the present application. It should be understood that the domain controller corresponds to the above-described method embodiment of fig. 3, and is capable of performing the steps involved in the above-described method embodiment, and specific functions of the domain controller may be referred to the above description, and detailed descriptions thereof are omitted herein as appropriate to avoid redundancy.
The domain controller of fig. 7 includes at least one software functional module that can be stored in a memory in the form of software or firmware or cured in the domain controller, the domain controller comprising: a first sending module 710, configured to send a first authentication message to the gateway, where the first authentication message carries a domain controller device number and first encryption information, where the first encryption information is related to at least a first random number; a first receiving module 720, configured to receive a second authentication message corresponding to the first authentication message, where the second authentication message is at least related to the domain controller device number and a second random number; a first generation module 730, configured to generate a first session key according to the second authentication message, where the first session key is related to the first random number and the second random number, and the first session key is used to encrypt communication data generated by the domain controller and the gateway.
Referring to fig. 8, fig. 8 illustrates a block diagram of a gateway provided by some embodiments of the present application. It should be understood that the gateway corresponds to the method embodiment of fig. 4 and is capable of performing the steps involved in the method embodiment, and the specific function of the gateway may be referred to in the foregoing description, and detailed description is omitted herein for avoiding repetition.
The gateway of fig. 8 includes at least one software functional module that can be stored in memory in the form of software or firmware or cured in the gateway, the gateway comprising: a second receiving module 810, configured to receive a first authentication message sent by the domain controller, where the first authentication message carries a domain controller device number and first encryption information, and the first encryption information is at least related to a first random number; a second generation module 820, configured to generate a second authentication message and send the second authentication message to the domain controller if the first authentication message is confirmed to pass verification, where the second authentication message is related to at least the domain controller device number and a second random number; and a third receiving module 830, configured to receive the verified information of the second authentication message sent by the domain controller, and generate a first session key, where the first session key is related to the first random number and the second random number, and the first session key is used to encrypt communication data generated by the domain controller and the gateway.
Referring to fig. 9, fig. 9 is a block diagram illustrating an electronic control terminal according to some embodiments of the present application. It should be understood that the electronic control unit corresponds to the above embodiment of the method of fig. 5, and is capable of executing the steps involved in the above embodiment of the method, and specific functions of the electronic control unit may be referred to in the above description, and detailed descriptions thereof are omitted herein as appropriate to avoid redundancy.
The electronic control terminal of fig. 9 includes at least one software functional module that can be stored in a memory in the form of software or firmware or solidified in the electronic control terminal, and includes: a second sending module 910, configured to send a third authentication message to the domain controller, where the third authentication message carries an electronic control end device number and third encryption information, and the third encryption information is at least related to the domain controller device number; a fourth receiving module 920, configured to receive a fourth authentication message corresponding to the third authentication message, where the fourth authentication message is at least related to a key parameter; and an obtaining module 930, configured to take the key parameter as a second session key when the fourth authentication message passes verification, where the second session key is used to encrypt communication data generated by the domain controller and the electronic control terminal.
It will be clear to those skilled in the art that, for convenience and brevity of description, specific working processes of the domain controller, gateway and electronic control terminal described above may refer to corresponding processes in the foregoing method, and will not be described in detail herein.
Some embodiments of the present application also provide a computer readable storage medium having stored thereon a computer program, which when executed by a processor, may implement operations of the method corresponding to any of the above-described methods provided by the above-described embodiments.
Some embodiments of the present application further provide a computer program product, where the computer program product includes a computer program, where the computer program when executed by a processor may implement operations of a method corresponding to any of the foregoing methods provided by the foregoing embodiments.
As shown in fig. 10, some embodiments of the present application provide an electronic device 1000, the electronic device 1000 comprising: memory 1010, processor 1020, and a computer program stored on memory 1010 and executable on processor 1020, wherein processor 1020 reads the program from memory 1010 via bus 1030 and executes the program to implement the method of any of the embodiments described above.
The processor 1020 may process digital signals and may include various computing structures. Such as a complex instruction set computer architecture, a reduced instruction set computer architecture, or an architecture that implements a combination of instruction sets. In some examples, the processor 1020 may be a microprocessor.
Memory 1010 may be used for storing instructions to be executed by processor 1020 or data related to execution of the instructions. Such instructions and/or data may include code to implement some or all of the functions of one or more modules described in embodiments of the present application. The processor 1020 of the disclosed embodiments may be configured to execute instructions in the memory 1010 to implement the methods shown above. Memory 1010 includes dynamic random access memory, static random access memory, flash memory, optical memory, or other memory known to those skilled in the art.
The foregoing is merely exemplary embodiments of the present application and is not intended to limit the scope of the present application, and various modifications and variations may be suggested to one skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principles of the present application should be included in the protection scope of the present application. It should be noted that: like reference numerals and letters denote like items in the following figures, and thus once an item is defined in one figure, no further definition or explanation thereof is necessary in the following figures.
The foregoing is merely specific embodiments of the present application, but the scope of the present application is not limited thereto, and any person skilled in the art can easily think about changes or substitutions within the technical scope of the present application, and the changes and substitutions are intended to be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.
It is noted that relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.

Claims (23)

1. A method of generating a session key for use in a domain controller in a communication network system, the communication network system further comprising: the method comprises the steps of:
sending a first authentication message to the gateway, wherein the first authentication message carries a domain controller device number and first encryption information, and the first encryption information is at least related to a first random number;
receiving a second authentication message corresponding to the first authentication message and fed back by the gateway, wherein the second authentication message is at least related to the domain controller equipment number and a second random number;
and generating a first session key according to the second authentication message, wherein the first session key is related to the first random number and the second random number, and the first session key is used for encrypting communication data generated by the domain controller and the gateway.
2. The method of claim 1, wherein prior to the sending the first authentication message to the gateway, the method further comprises:
generating the first random number, and acquiring a gateway equipment number, a first preset key, a first encryption identifier and a first transmission counter value;
And encrypting the gateway equipment number, the first random number, the first encryption identifier and the first transmission counter value by using the first preset key to generate the first encryption information.
3. The method of claim 2, wherein the generating the first session key from the second authentication message comprises:
decrypting the second authentication message by using the first preset key to obtain second information to be verified, wherein the second information to be verified comprises: the method comprises the steps of verifying a domain controller equipment number to be verified, a first sending counter value to be verified and a gateway sending counter value to be verified;
and if the second information to be verified meets the preset condition, generating the first session key.
4. The method of claim 3, wherein the confirming that the second information to be verified meets a preset condition comprises:
and confirming that the domain controller equipment number to be verified is the same as the domain controller equipment number, confirming that the first sending counter value to be verified is the same as the first sending counter value, and confirming that the second information to be verified meets the preset condition when the gateway sending counter value to be verified is larger than the first receiving counter value.
5. The method of claim 3 or 4, wherein prior to the generating the first session key, the method further comprises:
and sending verification passing information corresponding to the second information to be verified meeting preset conditions to the gateway and the electronic control terminal, so that the gateway generates the first session key, and the electronic control terminal can conveniently execute authentication operation with the domain controller.
6. The method of claim 5, wherein after the generating the first session key, the method further comprises:
receiving a third authentication message sent by the electronic control terminal, wherein the third authentication message carries an equipment number of the electronic control terminal and third encryption information, and the third encryption information is at least related to the equipment number of the domain controller;
verifying the third authentication message to obtain a verification result;
and generating a fourth authentication message and sending the fourth authentication message to the electronic control terminal under the condition that the verification result of the third authentication message is passed, so that the electronic control terminal can conveniently carry out identity authentication on the domain controller terminal.
7. The method of claim 6, wherein the generating a fourth authentication message comprises:
Acquiring a second preset key, a key parameter, a fourth encryption identifier, a sending counter value of an electronic control terminal, a second sending counter value and an equipment number of the electronic control terminal;
and encrypting the key parameter, the fourth encryption identifier, the electronic control terminal sending counter value, the second sending counter value and the electronic control terminal equipment number by using the second preset key to obtain the fourth authentication message.
8. The method of claim 7, wherein after said sending a fourth authentication message to said electronic control terminal, said method further comprises:
receiving a result of verification of the fourth authentication message sent by the electronic control terminal;
and taking the key parameter as a second session key, wherein the key parameter is generated by the gateway, and the second session key is used for encrypting communication data generated by the domain controller and the electronic control terminal.
9. The method according to claim 7 or 8, wherein verifying the third authentication message, and obtaining a verification result, includes:
acquiring the equipment number of the electronic control terminal carried by the third authentication message;
Searching the second preset key corresponding to the equipment number of the electronic control terminal, and decrypting the third encrypted information by using the second preset key to obtain third information to be verified, wherein the third information to be verified comprises: the method comprises the steps that a domain controller equipment number to be verified and an electronic control terminal to be verified send a counter value;
and when the to-be-verified domain controller equipment number is confirmed to be the same as the domain controller equipment number, and the to-be-verified electronic control terminal sending counter value is larger than the second receiving counter value, the verification result of the third authentication message is passed.
10. A method of generating an in-vehicle session key, for use with a gateway in a communication network system, the communication network system further comprising: the method comprises the steps of:
receiving a first authentication message sent by the domain controller, wherein the first authentication message carries a domain controller equipment number and first encryption information, and the first encryption information is at least related to a first random number;
generating a second authentication message and sending the second authentication message to the domain controller under the condition that the first authentication message is confirmed to pass verification, wherein the second authentication message is at least related to the domain controller equipment number and a second random number;
And receiving the information that the second authentication message sent by the domain controller passes verification, and generating a first session key, wherein the first session key is related to the first random number and the second random number, and the first session key is used for encrypting communication data generated by the domain controller and the gateway.
11. The method of claim 10, wherein the generating the second authentication message comprises:
generating the second random number and key parameters, and acquiring the domain controller equipment number, a first preset key, a second encryption identifier, a gateway transmission counter value and a first transmission counter value;
and encrypting the second random number, the domain controller equipment number, the key parameter, the second encryption identifier, the gateway sending counter value and the first sending counter value by using the first preset key to obtain the second authentication message.
12. The method of claim 11, wherein the validating the first authentication message is verified, comprising:
acquiring the domain controller equipment number carried by the first authentication message;
Searching the first preset key corresponding to the domain controller equipment number, and decrypting the first encrypted information by using the first preset key to obtain first information to be verified, wherein the first information to be verified comprises: a gateway device number to be verified and a first transmit counter value to be verified;
and when the to-be-verified gateway equipment number is confirmed to be the same as the gateway equipment number, and the to-be-verified first sending counter value is confirmed to be larger than the gateway receiving counter value, the first authentication message passes verification.
13. The method of claim 11 or 12, wherein the method further comprises:
and sending the key parameter to the domain controller, wherein the key parameter is used as a second session key for encrypting communication data generated by the domain controller and the electronic control terminal.
14. A method for generating an in-vehicle session key, the method being applied to an electronic control terminal in a communication network system, the communication network system further comprising: a gateway and a domain controller, the method comprising:
sending a third authentication message to the domain controller, wherein the third authentication message carries an electronic control end equipment number and third encryption information, and the third encryption information is at least related to the domain controller equipment number;
Receiving a fourth authentication message corresponding to the third authentication message fed back by the domain controller, wherein the fourth authentication message is at least related to a key parameter;
and when the fourth authentication message is confirmed to pass the verification, the key parameter is used as a second session key, wherein the second session key is used for encrypting communication data generated by the domain controller and the electronic control terminal.
15. The method of claim 14, wherein prior to the sending the third authentication message to the domain controller, the method further comprises:
acquiring the domain controller equipment number, a second preset key, a third encryption identifier and an electronic control terminal sending counter value;
and encrypting the domain controller equipment number, the third encryption identifier and the electronic control terminal sending counter value by using the second preset key to generate the third encryption information.
16. The method of claim 15, wherein said validating the fourth authentication message is verified, comprising:
decrypting the fourth authentication message by using the second preset key to obtain fourth information to be verified, wherein the fourth information to be verified comprises: the device number of the electronic control terminal to be verified, the sending counter value of the electronic control terminal to be verified, the second sending counter value to be verified and the key parameter;
And confirming that the equipment number of the electronic control end to be verified is the same as the equipment number of the electronic control end, the sending counter value of the electronic control end to be verified is the same as the sending counter value of the electronic control end, the second sending counter value to be verified is larger than the receiving counter value of the electronic control end, and the fourth authentication message passes verification.
17. The method of claim 16, wherein after said taking the key parameter as a second session key, the method further comprises:
and deriving the second session key through the signal matrix of the electronic control terminal to obtain at least one derived key corresponding to the signal matrix, wherein the at least one derived key is used for encrypting data corresponding to the signal matrix.
18. A communication network system, comprising:
a gateway, configured to receive a first authentication message sent by a domain controller; generating a second authentication message and transmitting the second authentication message to the domain controller under the condition that the first authentication message is confirmed to pass verification; receiving the information that the second authentication message sent by the domain controller passes verification, and generating a first session key, wherein the first session key is related to a first random number and a second random number, and the first session key is used for encrypting communication data generated by the domain controller and the gateway;
The domain controller is configured to send a first authentication message to the gateway; receiving the second authentication message fed back by the gateway; generating a first session key according to the second authentication message;
the domain controller is further configured to receive a third authentication message sent by the electronic control terminal; verifying the third authentication message to obtain a verification result; generating a fourth authentication message and sending the fourth authentication message to the electronic control terminal under the condition that the verification result of the third authentication message is passed, so that the electronic control terminal can conveniently carry out identity authentication on the domain controller terminal;
the electronic control terminal is used for sending a third authentication message to the domain controller; receiving the fourth authentication message fed back by the domain controller; and when the fourth authentication message passes verification, taking a key parameter in the fourth authentication message as a second session key, wherein the second session key is used for encrypting communication data generated by the domain controller and the electronic control terminal.
19. A domain controller, comprising:
a first sending module, configured to send a first authentication message to a gateway, where the first authentication message carries a domain controller device number and first encryption information, where the first encryption information is at least related to a first random number;
The first receiving module is used for receiving a second authentication message corresponding to the first authentication message and fed back by the gateway, wherein the second authentication message is at least related to the domain controller equipment number and a second random number;
and the first generation module is used for generating a first session key according to the second authentication message, wherein the first session key is related to the first random number and the second random number, and the first session key is used for encrypting communication data generated by the domain controller and the gateway.
20. A gateway, comprising:
the second receiving module is used for receiving a first authentication message sent by the domain controller, wherein the first authentication message carries a domain controller equipment number and first encryption information, and the first encryption information is at least related to a first random number;
a second generation module, configured to generate a second authentication message and send the second authentication message to the domain controller if the first authentication message is confirmed to pass verification, where the second authentication message is related to at least the domain controller device number and a second random number;
and the third receiving module is used for receiving the verified information of the second authentication message sent by the domain controller and generating a first session key, wherein the first session key is related to the first random number and the second random number, and the first session key is used for encrypting communication data generated by the domain controller and the gateway.
21. An electronic control terminal, comprising:
the second sending module is used for sending a third authentication message to the domain controller, wherein the third authentication message carries an electronic control end equipment number and third encryption information, and the third encryption information is at least related to the domain controller equipment number;
a fourth receiving module, configured to receive a fourth authentication message corresponding to the third authentication message, where the fourth authentication message is fed back by the domain controller, and the fourth authentication message is at least related to a key parameter;
and the acquisition module is used for taking the key parameter as a second session key when the fourth authentication message passes verification, wherein the second session key is used for encrypting communication data generated by the domain controller and the electronic control terminal.
22. A computer readable storage medium, characterized in that the computer readable storage medium has stored thereon a computer program, wherein the computer program when run by a processor performs the method according to any of claims 1-17.
23. An electronic device comprising a memory, a processor, and a computer program stored on the memory and running on the processor, wherein the computer program when run by the processor performs the method of any one of claims 1-17.
CN202211326376.2A 2022-10-27 2022-10-27 Method for generating session key, communication network system, storage medium and electronic device Pending CN116055033A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211326376.2A CN116055033A (en) 2022-10-27 2022-10-27 Method for generating session key, communication network system, storage medium and electronic device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211326376.2A CN116055033A (en) 2022-10-27 2022-10-27 Method for generating session key, communication network system, storage medium and electronic device

Publications (1)

Publication Number Publication Date
CN116055033A true CN116055033A (en) 2023-05-02

Family

ID=86130113

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211326376.2A Pending CN116055033A (en) 2022-10-27 2022-10-27 Method for generating session key, communication network system, storage medium and electronic device

Country Status (1)

Country Link
CN (1) CN116055033A (en)

Similar Documents

Publication Publication Date Title
Shahidinejad et al. Light-edge: A lightweight authentication protocol for IoT devices in an edge-cloud environment
CN109600350B (en) System and method for secure communication between controllers in a vehicle network
CN110336774B (en) Mixed encryption and decryption method, equipment and system
Woo et al. Can id shuffling technique (cist): Moving target defense strategy for protecting in-vehicle can
Wang et al. NOTSA: Novel OBU with three-level security architecture for internet of vehicles
US9641340B2 (en) Certificateless multi-proxy signature method and apparatus
WO2022021193A1 (en) Key negotiation method and apparatus
Mueller et al. Plug-and-secure communication for CAN
CN112448941B (en) Authentication system and method for authenticating a microcontroller
CN113079132B (en) Mass Internet of things equipment authentication method, storage medium and information data processing terminal
CN112636923B (en) Engineering machinery CAN equipment identity authentication method and system
EP3808025A1 (en) Decentralised authentication
Carvajal-Roca et al. A semi-centralized dynamic key management framework for in-vehicle networks
CN113901432A (en) Block chain identity authentication method, equipment, storage medium and computer program product
US11240661B2 (en) Secure simultaneous authentication of equals anti-clogging mechanism
Sun et al. ECQV-GDH-Based Group Key Exchange Protocol for CAN Bus
Cui et al. A Multilevel Electronic Control Unit Re-Encryption Scheme for Autonomous Vehicles
CN112995140B (en) Safety management system and method
CN112055071B (en) Industrial control safety communication system and method based on 5G
CN112468983B (en) Low-power-consumption access authentication method for intelligent equipment of power internet of things and auxiliary device thereof
CN116055033A (en) Method for generating session key, communication network system, storage medium and electronic device
CN112104701B (en) Method, device, network node and storage medium for cross-link communication
Shannon et al. Blockchain based distributed key provisioning and secure communication over CAN FD
CN116033415A (en) Reference station data transmission method and device, reference station, server and medium
EP3200388B1 (en) User permission check system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination