CN116192416A - Vehicle identity verification method, device, equipment and storage medium - Google Patents

Vehicle identity verification method, device, equipment and storage medium Download PDF

Info

Publication number
CN116192416A
CN116192416A CN202211065606.4A CN202211065606A CN116192416A CN 116192416 A CN116192416 A CN 116192416A CN 202211065606 A CN202211065606 A CN 202211065606A CN 116192416 A CN116192416 A CN 116192416A
Authority
CN
China
Prior art keywords
evin
certificate
vin
target vehicle
verification
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202211065606.4A
Other languages
Chinese (zh)
Inventor
孙宁
陈瀚
谢勃毅
辛克铎
吴志明
杨广渊
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guoqi Beijing Intelligent Network Association Automotive Research Institute Co ltd
Beijing Chewang Technology Development Co ltd
Original Assignee
Guoqi Beijing Intelligent Network Association Automotive Research Institute Co ltd
Beijing Chewang Technology Development Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guoqi Beijing Intelligent Network Association Automotive Research Institute Co ltd, Beijing Chewang Technology Development Co ltd filed Critical Guoqi Beijing Intelligent Network Association Automotive Research Institute Co ltd
Priority to CN202211065606.4A priority Critical patent/CN116192416A/en
Publication of CN116192416A publication Critical patent/CN116192416A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02PCLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
    • Y02P90/00Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
    • Y02P90/30Computing systems specially adapted for manufacturing

Abstract

The embodiment of the application discloses a vehicle identity verification method, device, equipment and storage medium. The method comprises the following steps: receiving a verification request sent by a target vehicle through an electronic vehicle identification (eVIN) application end and an eVIN service end, wherein the verification request comprises an eVIN certificate of the target vehicle, first verification data and a signature value, the eVIN certificate is generated by the eVIN issuing end according to an eVIN code of the target vehicle, the eVIN is generated by the eVIN issuing end according to a vehicle identification VIN code of the target vehicle, and the signature value is obtained by encrypting the first verification data by adopting a private key corresponding to the eVIN certificate for the target vehicle; and decrypting the signature value according to the public key of the eVIN certificate to obtain second verification data, and comparing the first verification data with the second verification data to obtain an identity verification result of the target vehicle. According to the method and the device, the eVIN certificate is used for replacing VIN, so that the identity of the vehicle is identified on line on the premise that the privacy information of the vehicle is not revealed, and the safety of the identity information of the vehicle is improved.

Description

Vehicle identity verification method, device, equipment and storage medium
Technical Field
The application belongs to the technical field of internet of vehicles, and particularly relates to a vehicle identity verification method, device, equipment and storage medium.
Background
Along with the development of communication technology, the internet of vehicles is built more and more intelligently, and is a huge interaction network composed of information such as vehicle identity, position, speed and route, and confidentiality, authenticity, integrity and non-repudiation of data communication in the internet of vehicles need to be ensured.
Currently, an identity authentication mechanism of a vehicle in a vehicle network generally uses a vehicle identification code (Vehicle Identification Number) VIN code of the vehicle as vehicle identity information, and the VIN code is associated with vehicle classification attribute information to complete data communication in the vehicle network.
The VIN code needs to be transmitted in the VIN code-based identity authentication mechanism, and VIN is easy to intercept in the transmission process, so that data leakage of vehicles is caused, and the safety is poor.
Disclosure of Invention
The embodiment of the application provides a vehicle identity verification method, device, equipment and storage medium, which can improve the safety of vehicle identity information.
In a first aspect, an embodiment of the present application provides a vehicle identity verification method applied to an electronic vehicle identification (Electric Vehicle Identification Number) vin signing end, the method including:
Receiving a verification request sent by a target vehicle through an eVIN application end and an eVIN server end, wherein the verification request comprises an eVIN certificate of the target vehicle, first verification data and a signature value, the eVIN certificate is generated by an eVIN issuing end according to a vehicle identification eVIN code of the target vehicle, the eVIN code is generated by the eVIN issuing end according to the VIN code of the target vehicle, and the signature value is obtained by encrypting the first verification data by using a private key corresponding to the eVIN certificate for the target vehicle;
decrypting the signature value by adopting the public key in the eVIN certificate to obtain second verification data;
and comparing the first verification data with the second verification data to obtain a first identity verification result of the target vehicle.
In one possible implementation, the verification request further includes a target vehicle encrypted VIN code, and the VIN certificate includes the VIN code; the method further comprises the steps of:
and when the first verification result is verification passing, comparing the corresponding relation between the eVIN codes and the VIN codes with the target corresponding relation between the eVIN codes of the target automobile to obtain a second identity verification result of the target automobile.
In one possible implementation, the VIN certificate includes an VIN code, the VIN code is generated by an VIN issuing end according to the VIN code and the first random number, and the method further includes:
According to the corresponding relation between the eVIN codes and the VIN codes, determining the VIN codes corresponding to the eVIN codes;
generating an identity information index value according to the VIN code;
and sending the identity information index value to the eVIN application end so as to be used for determining the client class of the target vehicle according to the identity information index value by the eVIN application end.
In one possible implementation, the identity information index value includes an identification of an application program in the VIN application terminal, a VIN code, and a second random number for encrypting the identification of the target application program, the VIN code.
In one possible implementation manner, before receiving the verification request sent by the target vehicle through the vin application terminal and the vin server terminal, the method further includes:
receiving an eVIN application request sent by an eVIN registration issuing end, wherein the eVIN application request is generated according to the digital identity application request and the VIN code of a target vehicle under the condition that the eVIN registration issuing end receives the digital identity application request sent by the target vehicle, and the eVIN application request comprises the VIN code;
generating an eVIN code according to the VIN code and the first random number;
generating an eVIN certificate according to the eVIN code, wherein the eVIN certificate comprises the eVIN code;
and transmitting the eVIN certificate to the target vehicle through the eVIN registration issuing end.
In one possible implementation, the method further includes:
And generating a target corresponding relation between the VIN code and the eVIN code.
In a second aspect, an embodiment of the present application provides a vehicle identity verification method, applied to a target vehicle, including:
encrypting the first verification information by adopting a private key corresponding to the eVIN certificate to obtain a signature value;
generating a verification request according to the eVIN certificate, the first verification information and the signature value, wherein the verification request comprises the eVIN certificate of the target vehicle, the first verification data and the signature value, the eVIN certificate is generated by an eVIN issuing end according to the eVIN code of the target vehicle, and the eVIN code is generated by the eVIN issuing end according to the VIN code of the target vehicle;
and sending a verification request to the eVIN issuing end through the eVIN application end and the eVIN service end so as to be used for decrypting the signature value by the eVIN issuing end by adopting a public key in an eVIN certificate to obtain second verification data, and comparing the first verification data with the second verification data to obtain a first identity verification result of the target vehicle.
In one possible implementation, before generating the verification request according to the vin certificate, the first verification information, and the signature value, the method further includes:
and receiving the eVIN certificate sent by the eVIN signing and issuing end through the eVIN registration and issuing end.
In a third aspect, an embodiment of the present application provides a vehicle identity verification system, including:
The target vehicle is used for encrypting the first verification information by adopting a private key corresponding to the eVIN certificate to obtain a signature value; the method comprises the steps that a target vehicle is provided with a first verification information and a signature value, and the first verification information is used for generating a verification request according to the first verification information and the signature value; the method is also used for sending a verification request to an eVIN issuing end through an eVIN application end and an eVIN service end;
the eVIN issuing end is used for receiving the verification request; the method is also used for decrypting the signature value by adopting the public key in the eVIN certificate to obtain second verification data; and the first authentication data and the second authentication data are compared to obtain a first identity authentication result of the target vehicle.
In one possible implementation, the system further includes an vin registration issuer; the target vehicle is also used for sending a digital identity application request to the eVIN registration issuing end;
the eVIN registration issuing end is used for receiving a digital identity application request sent by the target vehicle; the method also comprises the steps of generating an eVIN application request according to the digital identity application and the VIN code of the target vehicle, wherein the eVIN application request comprises the VIN code; the method is also used for sending an eVIN application request to an eVIN issuing end;
The eVIN issuing end is further used for receiving an eVIN application request and generating an eVIN code according to the VIN code and the first random number; the method also comprises generating an eVIN certificate according to the eVIN code, wherein the eVIN certificate comprises the eVIN code; the method is also used for sending the eVIN certificate to the target vehicle through the eVIN registration issuing end;
the target vehicle is also configured to receive an eVIN certificate.
In a fourth aspect, an embodiment of the present application provides a vehicle identity verification device, applied to an vin signing end, the device includes:
the receiving module is used for receiving a verification request sent by the target vehicle through the eVIN application end and the eVIN server end, wherein the verification request comprises an eVIN certificate of the target vehicle, first verification data and a signature value, the eVIN certificate is generated by the eVIN issuing end according to the eVIN code of the target vehicle, the eVIN code is generated by the eVIN issuing end according to the VIN code of the target vehicle, and the signature value is obtained by encrypting the first verification data by adopting a private key corresponding to the eVIN certificate for the target vehicle;
the decryption module is used for decrypting the signature value by adopting the public key in the eVIN certificate to obtain second verification data;
and the comparison module is used for comparing the first verification data with the second verification data to obtain a first identity verification result of the target vehicle.
In a fifth aspect, an embodiment of the present application provides a vehicle identity verification apparatus, applied to a target vehicle, where the apparatus includes:
The encryption module is used for encrypting the first verification information by adopting a private key corresponding to the eVIN certificate to obtain a signature value;
the generation module is used for generating a verification request according to the eVIN certificate, the first verification information and the signature value, wherein the verification request comprises the eVIN certificate of the target vehicle, the first verification data and the signature value, the eVIN certificate is generated by an eVIN issuing end according to the eVIN code of the target vehicle, and the eVIN code is generated by the eVIN issuing end according to the VIN code of the target vehicle;
the transmission module is used for transmitting a verification request to the eVIN issuing end through the eVIN application end and the eVIN service end, so that the eVIN issuing end can decrypt the signature value by adopting the public key in the eVIN certificate to obtain second verification data, and the first verification data and the second verification data are compared to obtain a first identity verification result of the target vehicle.
In a sixth aspect, embodiments of the present application provide an electronic device, including: a processor and a memory storing computer program instructions; the processor, when executing the computer program instructions, implements the method as in the first aspect, any possible implementation manner of the first aspect, the second aspect, or any possible implementation manner of the second aspect.
In a seventh aspect, embodiments of the present application provide a computer readable storage medium having stored thereon computer program instructions which, when executed by a processor, implement a method as in the first aspect, any possible implementation manner of the first aspect, the second aspect, or any possible implementation manner of the second aspect.
In an eighth aspect, embodiments of the present application provide a computer program product, the instructions in which, when executed by a processor of an electronic device, cause the electronic device to perform a method as in the first aspect, any possible implementation manner of the first aspect, the second aspect, or any possible implementation manner of the second aspect.
When the identity of the target vehicle needs to be verified, the eVIN issuing end receives a verification request sent by the target vehicle through the eVIN application end and the eVIN server end, wherein the verification request comprises an eVIN certificate, first verification data and a signature value of the target vehicle; then, the eVIN issuing end decrypts the signature value by adopting a public key in an eVIN certificate to obtain second verification data; finally, the eVIN issuing end compares the first verification data with the second verification data to obtain a first identity verification result of the target vehicle; the eVIN certificate is generated by the eVIN issuing end according to the eVIN code of the target vehicle, the eVIN code is generated by the eVIN issuing end according to the VIN code of the target vehicle, and the eVIN certificate is transmitted in the authentication process to replace the VIN code which directly transmits the identity information of the vehicle, so that the VIN code is prevented from being intercepted, the identity of the vehicle is identified on line on the premise of not revealing the privacy information of the vehicle, and the safety of the identity information of the vehicle is improved.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are needed in the embodiments of the present application will be briefly described, and it is possible for a person skilled in the art to obtain other drawings according to these drawings without inventive effort.
Fig. 1 is a schematic diagram of a vehicle authentication system according to an embodiment of the present application;
FIG. 2 is a schematic diagram of another vehicle authentication system provided in an embodiment of the present application;
fig. 3 is a schematic flow chart of a vehicle identity verification method provided in the embodiment of the present application;
FIG. 4 is a schematic flow chart of another vehicle authentication method according to an embodiment of the present disclosure;
fig. 5 is a schematic structural diagram of a vehicle identity authentication device according to an embodiment of the present application;
fig. 6 is a schematic structural diagram of a vehicle identity authentication device according to an embodiment of the present application;
fig. 7 is a schematic hardware structure of an electronic device according to an embodiment of the present application.
Detailed Description
Features and exemplary embodiments of various aspects of the present application are described in detail below to make the objects, technical solutions and advantages of the present application more apparent, and to further describe the present application in conjunction with the accompanying drawings and the detailed embodiments. It should be understood that the specific embodiments described herein are merely configured to explain the present application and are not configured to limit the present application. It will be apparent to one skilled in the art that the present application may be practiced without some of these specific details. The following description of the embodiments is merely intended to provide a better understanding of the present application by showing examples of the present application.
It is noted that relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises an element.
Along with the development of communication technology, the internet of vehicles is built more and more intelligently, and is a huge interaction network composed of information such as vehicle identity, position, speed and route, and confidentiality, authenticity, integrity and non-repudiation of data communication in the internet of vehicles need to be ensured. Currently, an identity authentication mechanism of a vehicle in a vehicle network generally takes a vehicle VIN code as vehicle identity information, and the VIN code is associated with vehicle classification attribute information to complete data communication in the vehicle network. The VIN code needs to be transmitted in the VIN code-based identity authentication mechanism, and VIN is easy to intercept in the transmission process, so that data leakage of vehicles is caused, and the safety is poor.
When the identity of the target vehicle needs to be verified, the eVIN issuing end receives a verification request sent by the target vehicle through the eVIN application end and the eVIN server end, wherein the verification request comprises an eVIN certificate, first verification data and a signature value of the target vehicle; then, the eVIN issuing end decrypts the signature value by adopting a public key in an eVIN certificate to obtain second verification data; finally, the eVIN issuing end compares the first verification data with the second verification data to obtain a first identity verification result of the target vehicle; the eVIN certificate is generated by the eVIN issuing end according to the eVIN code of the target vehicle, and is transmitted in the authentication process to replace the VIN code which directly transmits the vehicle identity information, so that the VIN code is prevented from being intercepted, the identity of the vehicle is identified on line on the premise of not revealing the vehicle privacy information, and the safety of the vehicle identity information is improved.
For ease of understanding, the terms designed for the embodiments of this application are explained first.
The VIN code refers to a vehicle identification code, namely an identity card number of an automobile, and is determined according to national vehicle management standards and comprises information such as a manufacturer, a year, a vehicle type, a vehicle body type, a code, an engine code, an assembly site and the like of the vehicle.
The eVIN is based on the cryptographic technology and is issued to the electronic identity of the vehicle.
An eVIN issuing end is responsible for issuing terminals of an eVIN mechanism to the internet-connected automobile; mainly refers to the terminals of the authoritative VIN code management institutions.
The eVIN registration issuing end is responsible for checking the identity of the internet-connected automobile, and issuing an eVIN certificate to the internet-connected automobile after the authentication is passed; mainly referring to the terminals of the original equipment manufacturer (Original Equipment Manufacturer, OME) train rabbet.
The eVIN application end refers to a terminal of an organization for providing various applications of eVIN, such as charging pile application, ETC charging and the like.
The eVIN server is connected with the eVIN issuing end and provides vehicle identity verification service for each eVIN application end.
Asymmetric key algorithm: comprising two keys: public and private keys. The public key and the private key are a pair, and if the public key is used for encrypting the data, the data can be decrypted only by the corresponding private key; if the data is encrypted with a private key, it can only be decrypted with the corresponding public key.
Digital signature: the data is encrypted using the private key of the asymmetric key algorithm.
Digital certificate: a trusted digitized document digitally signed by a third party certificate authority having authority, trustworthiness and fairness is approved by the country. The content of the digital certificate includes: certificate serial number, certificate holder name, certificate issuer name, certificate validity period, public key, digital signature of the certificate issuer.
eVIN certificate: the certificate holder name is set to a digital certificate of the eVIN.
As shown in fig. 1, the system 100 may include a target vehicle, an vin application terminal, an vin server terminal, and an vin issuing terminal. The target vehicle stores an eVIN certificate representing own identity information, the eVIN certificate is generated by an eVIN issuing end according to an eVIN code of the target vehicle, when the identity of the target vehicle needs to be verified, the target vehicle encrypts first verification information by adopting a private key corresponding to the prestored eVIN certificate to obtain a signature value, a verification request is generated according to the eVIN certificate, the first verification information and the signature value, the verification request is sent to an eVIN application end, after the verification request is received by the eVIN application end, the verification request is sent to an eVIN server end, after the verification request is received by the eVIN server end, the verification request is sent to the eVIN issuing end, the signature value is decrypted by adopting a public key in the eVIN certificate to obtain second verification data, and the first identity verification result of the target vehicle is obtained by comparing the first verification data with the second verification data.
In the vehicle identity verification system provided by the embodiment of the application, the eVIN certificate is generated by the eVIN issuing end according to the vehicle identification VIN code of the target vehicle, and the eVIN certificate is transmitted in the identity verification process to replace the VIN code which directly transmits the vehicle identity information, so that the VIN code is prevented from being intercepted, and the safety of the vehicle identity information is improved.
In some embodiments, the vehicle authentication system 100 may further include an eVIN registration issuer that stores the VIN code of the target vehicle; the target vehicle sends a digital identity application request to the eVIN registration issuing party; the method comprises the steps that an eVIN registration issuing end receives a digital identity application request, generates an eVIN application request according to the digital identity application request and a VIN code of a target vehicle, wherein the eVIN application request comprises the VIN code, and sends the eVIN application request to the eVIN issuing end; after receiving an eVIN application request, an eVIN issuing end generates an eVIN code according to the VIN code and the first random number, then generates an eVIN certificate according to the eVIN code, wherein the eVIN certificate comprises the eVIN code, and then sends the eVIN certificate to a target vehicle through an eVIN registration issuing end; the target vehicle receives the eVIN certificate.
The system provided by the embodiment of the application generates the eVIN certificate for the target vehicle, so that the system can verify the identity of the target vehicle based on the eVIN certificate, and the VIN code representing the identity information of the vehicle is replaced by directly transmitting the VIN code, thereby avoiding interception of the VIN code and improving the safety of the identity information of the vehicle. Moreover, the system provided by the embodiment of the application can generate the eVIN certificate for any vehicle with VIN codes, and has strong universality.
A vehicle authentication method provided in an embodiment of the present application will be described in detail below with reference to fig. 3.
As shown in fig. 3, the method may include the steps of:
s310, the target vehicle encrypts the first verification information by adopting a private key corresponding to the eVIN certificate to obtain a signature value.
The target vehicle may be any vehicle in the vehicles having the VIN certificate, the VIN certificate is generated by the VIN issuing end according to the vehicle identification VIN code of the target vehicle, the VIN code is generated by the VIN issuing end according to the VIN code of the target vehicle, and the first verification information may be a random number generated by the target vehicle.
The target vehicle generates a private key in advance, and in a scene where the identity of the target vehicle needs to be verified, for example: under the scenes of real-name authentication, electronic signature verification, registration or login application program and the like of the vehicle, the target vehicle generates a random number, and the random number is encrypted by adopting a private key to obtain a signature value.
S320, the target vehicle generates a verification request according to the eVIN certificate, the first verification information and the signature value.
The target vehicle combines the eVIN certificate, the first verification information and the signature value to obtain a verification request.
S330, the target vehicle sends a verification request to the eVIN application end.
The eVIN application end is provided with an application program, and when the application program is used by a user, the identity information of the target vehicle needs to be verified in a priori, and the target vehicle is provided with the eVIN application end.
The target vehicle sends a verification request to the eVIN application.
In one example, when an application program is related to a device that charges an electric vehicle and needs to charge a target vehicle, the target vehicle sends a verification request to an vin application terminal that installs the application program related to the device that charges the electric vehicle.
S340, the eVIN application end sends a verification request to the eVIN server end.
The eVIN server provides the service for verifying the eVINs for each eVIN application end, and the eVIN application end receives the verification request sent by the target vehicle and sends the verification request to the eVIN server.
S350, the eVIN server side sends a verification request to the eVIN issuing side.
After receiving the verification request sent by the eVIN application end, the eVIN server end sends the verification request to the eVIN issuing end.
In some embodiments, the vin application terminal is registered in the vin server terminal in advance, the vin application terminal carries a credential of the vin application terminal when sending an authentication request to the vin server terminal, after the vin server terminal receives the authentication request sent by the vin application terminal, the credential of the vin application terminal is verified a priori, when the authentication is passed, the vin application terminal is effective, and then the authentication request is sent to the vin issuing terminal.
According to the method, the eVIN server side sends the verification request to the eVIN issuing side when the eVIN application side is verified to be effective, so that the verification request sent by the invalid eVIN application side is prevented from being forwarded to the eVIN issuing side, and data leakage is avoided.
S360, the eVIN issuing end determines a target key corresponding to the eVIN certificate according to the corresponding relation between the eVIN certificate and the key.
The target key may include a public key, where the vin issuing end stores a public key corresponding to a preconfigured vin certificate, and after the vin issuing end receives the verification request, determines the public key corresponding to the vin certificate according to a corresponding relationship between the vin certificate and the key.
In some embodiments, the vin server is registered in advance at an vin issuing end, the vin issuing end carries a credential of the vin server when sending a verification request to the vin issuing end, after receiving the verification request, the vin issuing end verifies the credential of the vin server a priori, and when verification passes, the vin server is described as valid, and then, a public key corresponding to the vin certificate is determined according to a corresponding relationship between the vin certificate and the secret key.
The method provided by the embodiment of the application verifies the identity information of the target vehicle only when the eVIN server is verified to be effective, so that data leakage is avoided.
S360, the eVIN signing end decrypts the signature value by adopting the public key in the eVIN certificate to obtain second verification data.
The eVIN certificate carries a public key, and the eVIN issuing end adopts the public key carried in the eVIN certificate to decrypt the signature value, so that second verification data are obtained.
In some embodiments, the vin server is registered in advance at an vin issuing end, the vin issuing end carries a credential of the vin server when sending a verification request to the vin issuing end, after the vin issuing end receives the verification request, the credential of the vin server is verified a priori, when verification passes, the vin server is described as valid, and then the signature value is decrypted by using a public key in the vin certificate, so as to obtain second verification data.
The method provided by the embodiment of the application verifies the identity information of the target vehicle only when the eVIN server is verified to be effective, so that data leakage is avoided.
And S370, the eVIN issuing end compares the first verification data with the second verification data to obtain a first identity verification result of the target vehicle.
The eVIN signing end compares the first verification data with the second verification data, and when the first verification data and the second verification data are the same, the first identity verification result of the target vehicle is verification success; when the first verification data and the second verification data are different, the first identity verification result of the target vehicle is verification failure.
In some embodiments, after obtaining the first authentication result, the vin issuing end further sends the first authentication result to the target automobile through the vin server and the vin application end.
When the identity of the target vehicle is required to be verified, the eVIN issuing and issuing end receives a verification request sent by the target vehicle through the eVIN application end and the eVIN server end, wherein the verification request comprises an eVIN certificate, first verification data and a signature value of the target vehicle; then, the eVIN issuing end decrypts the signature value by adopting a public key in an eVIN certificate to obtain second verification data; finally, the eVIN issuing end compares the first verification data with the second verification data to obtain a first identity verification result of the target vehicle; the eVIN certificate is generated by the eVIN issuing end according to the eVIN code of the target vehicle, the eVIN code is generated by the eVIN issuing end according to the VIN code of the target vehicle, and the eVIN certificate is transmitted in the authentication process to replace the VIN code which directly transmits the identity information of the vehicle, so that the VIN code is prevented from being intercepted, the identity of the vehicle is identified on line on the premise of not revealing the privacy information of the vehicle, and the safety of the identity information of the vehicle is improved.
In some embodiments, the validation request further includes a target vehicle encrypted VIN code, and the VIN certificate includes the VIN code; the vehicle authentication method may further include the steps of:
and when the first verification result is verification passing, comparing the corresponding relation between the eVIN codes and the VIN codes with the target corresponding relation between the eVIN codes of the target automobile to obtain a second identity verification result of the target automobile.
After the eVIN issuing end generates the eVIN code according to the VIN code, the corresponding relation between the VIN code and the eVIN code of the target automobile is stored.
In the scene of identity authentication of a target automobile, the target automobile encrypts a self VIN code to obtain an encrypted VIN code, the VIN code, an eVIN certificate, first verification data and a signature value are combined to obtain a verification request, and after receiving the verification request, an eVIN issuing end decrypts the encrypted VIN code to obtain the VIN code. When the first verification result is verification passing, the eVIN issuing end compares the target corresponding relation between the eVIN codes sent by the target automobile and the VIN codes, whether the target corresponding relation between the eVIN codes and the VIN codes is the same as the corresponding relation between the eVIN codes stored by the eVIN issuing end, when the target corresponding relation between the eVIN codes sent by the target automobile and the VIN codes is the same as the corresponding relation between the VIN codes stored by the eVIN issuing end, the second identity verification result of the target automobile is authentication success, and otherwise, the second identity verification result of the target automobile is authentication failure.
The VIN code in the verification request of the method provided by the embodiment of the application is encrypted, and the safety of the VIN code can be protected in the process of transmitting the VIN code.
In some embodiments, the VIN certificate includes an VIN code, the VIN code is generated by an VIN issuer according to the VIN code and the first random number, and the vehicle identity verification method may further include the steps of:
First, according to the correspondence between the eVIN code and the VIN code, the VIN code corresponding to the eVIN code is determined.
And registering a plurality of application programs of the eVIN application terminal on the eVIN service terminal, wherein when a user uses an application program A in the application programs for the first time, the application program A registers an account for a target automobile, and the eVIN application terminal records the VIN code of the target automobile. When a user uses an application program B in the application programs, the target automobile is a registration-free login request through a verification request sent by an eVIN application end, and after receiving the registration-free login request, the eVIN issuing end determines a VIN code corresponding to the eVIN code according to the corresponding relation between the eVIN code and the VIN code recorded in a database of the eVIN issuing end.
And secondly, generating an identity information index value according to the VIN code.
The eVIN issuing end generates an identity information index value according to the VIN code, wherein the identity information index value is generated by the VIN code of the target automobile and comprises the VIN code, and the VIN code is irreversibly pushed.
In some embodiments, the target automobile sends a verification request to the vin application terminal, and after receiving the verification request sent by the target automobile, the vin application terminal combines the identification of the target application program in the vin application terminal with the verification request and sends the combination to the vin issuing terminal, where the target application program is an application program registered in the vin server terminal and not registered by the user. The eVIN signing end encrypts the identifier and the VIN code of the target application program by adopting the second random number to obtain an identity information index value.
In one example, the identification of the target application, the VIN code of the target car, and the second random number are combined, and the identity information index value is generated through an algorithm such as hashing.
And thirdly, the eVIN signing end sends the identity information index value to the eVIN application end through the eVIN service end.
The eVIN issuing end sends the identity information index value to the eVIN server end, and the eVIN server end forwards the identity information index value to the eVIN application end.
And finally, the eVIN application end determines the client class of the target vehicle according to the identity information index value.
The class of the target vehicle is an inventory customer, which indicates that the target vehicle has been registered using the eVIN code, or a new customer.
After the eVIN application end receives the identity information index value, the account of the target automobile is searched according to the identity information index value, the eVIN application end account uses the same parameters (the identification of the application program, the VIN code of the automobile and the second random number) and the password algorithm in advance to generate the identity information index values of all stock clients, when the identity information index value stored in advance by the eVIN application end comprises the identity information index value of the target automobile, the target automobile is the stock client, and the permission of logging in the target application program is granted, so that a user can log in the account of the target automobile without registering in the target application program.
According to the method provided by the embodiment of the application program registration method, a plurality of application programs are registered on the eVIN server side, when a user logs in one unregistered target application program, the target automobile firstly sends a registration-free login request, and when the target application program determines that the target automobile is an inventory client, the user can register the registration-free target application program, so that user experience is improved.
In some embodiments, at S310: before receiving the verification request sent by the target vehicle through the vin application terminal and the vin server terminal, as shown in fig. 4, the method further includes the following steps:
s410, the target vehicle generates a digital identity application request according to the target secret key.
The target key may include a public key and a private key, the target vehicle generates the public key and the private key, and generates the digital identity application request based on the public key and the private key.
S420, the eVIN registration issuer receives a digital identity application request sent by a target vehicle.
S430, the eVIN registration issuing end generates an eVIN application request according to the digital identity application request and the VIN code of the target vehicle.
The eVIN registration issuing end combines the digital identity application request and the VIN code of the target vehicle to obtain an eVIN application request, and sends the eVIN application request to the eVIN issuing end.
The eVIN application request includes a VIN code.
S440, the eVIN issue end receives the eVIN application request sent by the eVIN registration issue end.
Comparing the VIN code in the eVIN application request with the at least one pre-stored VIN code, when the VIN code in the eVIN application request is the same as one of the at least one pre-stored VIN code,
s450, the eVIN signing end generates an eVIN code according to the VIN code and the first random number.
The eVIN issuing end compares the VIN code in the eVIN application request with at least one prestored VIN code, and when the VIN code in the eVIN application request is identical with one of the at least one prestored VIN code, the eVIN code is generated through hashing according to the VIN code in the eVIN application request and the first random number.
In one example, the first random number may include at least one set of random numbers, and the vin issuer generates the vin code using the following formula:
the random number a, the random number b, and the random number c may be the same random number or different random numbers.
S460, the eVIN issuing end generates an eVIN certificate according to the eVIN code.
The eVIN issuing end issues a digital certificate, and fills an eVIN code in a name item of the certificate to obtain an eVIN certificate, wherein the eVIN certificate comprises the eVIN code.
S470, the vin signing and issuing end sends the vin certificate to the vin registration and issuing end.
S480, the vin registration issuer transmits the vin certificate to the target vehicle.
After receiving the eVIN certificate, the eVIN registration issuing end sends the eVIN certificate to the target vehicle.
S490, the target vehicle receives the vin certificate.
The target vehicle receives and stores an eVIN certificate, which is generated according to the VIN code of the target vehicle, and the VIN code represents the identity information of the target vehicle, so that the eVIN certificate can also represent the identity information of the target vehicle for the identity verification of the target vehicle.
The method provided by the embodiment of the application generates the eVIN certificate for the target vehicle, and can carry out identity verification on the target vehicle based on the eVIN certificate, so that VIN codes representing the identity information of the vehicle are directly transmitted in the prior method instead of the identity verification, thereby avoiding interception of the VIN codes and improving the safety of the identity information of the vehicle. Moreover, the method provided by the embodiment of the application can generate the eVIN certificate for any vehicle with VIN codes, and has strong universality.
In some embodiments, at S460: after the eVIN issuing end generates the eVIN certificate according to the eVIN code, the method can further comprise the following steps:
and generating a target corresponding relation between the VIN code and the eVIN code.
The eVIN issuing end generates and stores the target corresponding relation between the VIN code of the target vehicle and the eVIN code.
According to the method provided by the embodiment of the invention, the target corresponding relation between the VIN code and the eVIN code of the target vehicle is generated, and the VIN code of each target vehicle is unique, so that the target corresponding relation between the VIN code and the eVIN code of each target vehicle is also unique, the identity of the target vehicle can be authenticated based on the target corresponding relation between the VIN code and the eVIN code of the target vehicle, and the basis for the identity authentication of any vehicle with the eVIN certificate is provided.
The embodiment of the application also provides a vehicle identity verification device, which is applied to an eVIN signing end, as shown in FIG. 5, wherein the device 500 comprises a receiving module 510, a decrypting module 520 and a comparing module 530.
The receiving module 510 is configured to receive a verification request sent by a target vehicle through an VIN application end and an VIN server end, where the verification request includes an VIN certificate of the target vehicle, first verification data and a signature value, the VIN certificate is generated by an VIN issuing end according to an VIN code of the target vehicle, the VIN code is generated by the VIN issuing end according to the VIN code of the target vehicle, and the signature value is obtained by encrypting the first verification data by using a private key corresponding to the VIN certificate for the target vehicle;
a decryption module 520, configured to decrypt the signature value using the public key in the vin certificate to obtain second verification data;
The comparing module 530 is configured to compare the first verification data with the second verification data to obtain a first identity verification result of the target vehicle.
The device provided by the embodiment of the application receives a verification request sent by a target vehicle through an eVIN application end and an eVIN server end, wherein the verification request comprises an eVIN certificate, first verification data and a signature value of the target vehicle; then, decrypting the signature value by adopting a public key in the eVIN certificate to obtain second verification data; finally, comparing the first verification data with the second verification data to obtain a first identity verification result of the target vehicle; the eVIN certificate is generated by the device according to the vehicle identification VIN code of the target vehicle, and is transmitted in the authentication process to replace the VIN code which directly transmits the vehicle identification information, so that the VIN code is prevented from being intercepted, and the safety of the vehicle identification information is improved.
In some embodiments, the validation request further includes a target vehicle encrypted VIN code, and the VIN certificate includes the VIN code, the VIN code being generated by the VIN issuer from the VIN code and the first random number.
The comparing module 530 may be further configured to compare the corresponding relationship between the VIN code and the VIN code when the first verification result is verification, and the target corresponding relationship between the VIN code and the VIN code of the target automobile, so as to obtain a second authentication result of the target vehicle.
The VIN code in the verification request of the method provided by the embodiment of the application is encrypted, and the safety of the VIN code can be protected in the process of transmitting the VIN code.
The apparatus 500 may also include a generation module 540 and a transmission module 550.
The generating module 540 is configured to generate an identity information index value according to the VIN code.
The identity information index value may include an identification of an application program in the VIN application terminal, a VIN code, and a second random number for encrypting the identification of the target application program, the VIN code.
The transmitting module 550 is configured to transmit the identity information index value to the vin application terminal, so that the vin application terminal determines the client class of the target vehicle according to the identity information index value.
According to the device provided by the embodiment of the application program registration method, the plurality of application programs are registered on the eVIN server, when a user logs in one unregistered target application program, the target automobile firstly sends a registration-free login request, and when the target application program determines that the target automobile is an inventory client, the user can register the registration-free target application program, so that user experience is improved.
In some embodiments, the receiving module 510 may be further configured to receive an vin application request sent by an vin registration issuer.
The eVIN application request is generated according to the digital identity application request and the VIN code of the target vehicle when the eVIN registration issuer receives the digital identity application request sent by the target vehicle, and the eVIN application request comprises the VIN code.
The apparatus 500 may also include a generation module 540 and a transmission module 550.
A generating module 540, configured to generate an eagn code according to the VIN code and the first random number; and generating an eVIN certificate from the eVIN code, the eVIN certificate including the eVIN code.
A transmitting module 550, configured to transmit the vin certificate to the target vehicle through the vin registration issuer.
The device provided by the embodiment of the application generates the eVIN certificate for the target vehicle, and can carry out identity verification on the target vehicle based on the eVIN certificate, so that VIN codes representing the identity information of the vehicle are directly transmitted in the prior method instead of the identity verification, thereby avoiding interception of the VIN codes and improving the safety of the identity information of the vehicle. Moreover, the method provided by the embodiment of the application can generate the eVIN certificate for any vehicle with VIN codes, and has strong universality.
In some embodiments, the apparatus 500 may further include a generation module 540.
The generating module 540 is configured to generate a target correspondence between VIN codes and ehvin codes.
According to the device provided by the embodiment of the invention, the target corresponding relation between the VIN codes of the target vehicles and the eVIN codes is generated, and the VIN codes of each target vehicle are unique, so that the target corresponding relation between the VIN codes of each target vehicle and the eVIN codes is also unique, the identity of the target vehicle can be authenticated based on the target corresponding relation between the VIN codes of the target vehicle and the eVIN codes, and the basis for the identity authentication of any vehicle with the eVIN certificate is provided.
The vehicle identity authentication device provided in the embodiment of the present application executes each step executed by the vin signing end in fig. 3 and fig. 4, and can achieve the technical effect of improving the security of the vehicle identity information, which is not described in detail again for brevity.
The embodiment of the application also provides another vehicle identity verification device, which is applied to a target vehicle, as shown in fig. 6, the device 600 may include an encryption module 610, a generation module 620 and a sending module 630.
The encryption module 610 is configured to encrypt the first verification information with a private key corresponding to the vin certificate, to obtain a signature value.
The generating module 620 is configured to generate a verification request according to the eVIN certificate, the first verification information, and the signature value, where the verification request includes the eVIN certificate of the target vehicle, the first verification data, and the signature value, the eVIN certificate is generated by the eVIN issuing end according to the eVIN code of the target vehicle, and the eVIN code is generated by the eVIN issuing end according to the VIN code of the target vehicle.
The sending module 630 is configured to send an authentication request to an ehn issuing end through an ehn application end and an ehn server end.
The signature value is decrypted by the public key in the eVIN certificate by the eVIN issuing end to obtain second verification data, and the first verification data and the second verification data are compared to obtain a first identity verification result of the target vehicle.
According to the device, the eVIN application end and the eVIN server end send verification requests to the eVIN issuing end, the verification requests comprise the eVIN certificate of the target vehicle, first verification data and signature values, the eVIN certificate is transmitted in the identity verification process, VIN codes representing vehicle identity information are directly transmitted instead, therefore the VIN codes are prevented from being intercepted, and the safety of the vehicle identity information is improved.
In some embodiments, the apparatus 600 may further comprise a receiving module 640.
The receiving module 640 is configured to receive an vin certificate sent by the vin signing and issuing end through the vin registration and issuing end.
The device provided by the embodiment of the application receives the eVIN certificate, the eVIN certificate is generated according to the VIN code of the target vehicle, and the VIN code represents the identity information of the target vehicle, so that the eVIN certificate can also represent the identity information of the target vehicle and is used for the identity verification of the target vehicle, and a basis is provided for the identity verification of the target vehicle.
The vehicle identity authentication device provided in the embodiment of the present application executes each step executed by the target vehicle in fig. 3 and 4, and can achieve the technical effect of improving the safety of the vehicle identity information, which is not described in detail for brevity.
Fig. 7 shows a schematic hardware structure of an electronic device according to an embodiment of the present application.
A processor 701 may be included in an electronic device, as well as a memory 702 in which computer program instructions are stored.
In particular, the processor 701 described above may include a Central Processing Unit (CPU), or an application specific integrated circuit (Application Specific Integrated Circuit, ASIC), or may be configured to implement one or more integrated circuits of embodiments of the present application.
Memory 702 may include mass storage for data or instructions. By way of example, and not limitation, memory 702 may comprise a Hard Disk Drive (HDD), floppy Disk Drive, flash memory, optical Disk, magneto-optical Disk, magnetic tape, or universal serial bus (Universal Serial Bus, USB) Drive, or a combination of two or more of the foregoing. The memory 702 may include removable or non-removable (or fixed) media, where appropriate. Memory 702 may be internal or external to the integrated gateway disaster recovery device, where appropriate. In a particular embodiment, the memory 702 is a non-volatile solid state memory.
The memory may include Read Only Memory (ROM), random Access Memory (RAM), magnetic disk storage media devices, optical storage media devices, flash memory devices, electrical, optical, or other physical/tangible memory storage devices. Thus, in general, the memory includes one or more tangible (non-transitory) computer-readable storage media (e.g., memory devices) encoded with software comprising computer-executable instructions and when the software is executed (e.g., by one or more processors) it is operable to perform the operations described with reference to methods in accordance with aspects of the present disclosure.
The processor 701 implements any one of the vehicle authentication methods of the above embodiments by reading and executing the computer program instructions stored in the memory 702.
In one example, the electronic device may also include a communication interface 703 and a bus 710. As shown in fig. 7, the processor 701, the memory 702, and the communication interface 703 are connected by a bus 710 and perform communication with each other.
The communication interface 703 is mainly used for implementing communication between each module, device, unit and/or apparatus in the embodiments of the present application.
Bus 710 includes hardware, software, or both that couple the components of the online data flow billing device to each other. By way of example, and not limitation, the buses may include an Accelerated Graphics Port (AGP) or other graphics bus, an Enhanced Industry Standard Architecture (EISA) bus, a Front Side Bus (FSB), a HyperTransport (HT) interconnect, an Industry Standard Architecture (ISA) bus, an infiniband interconnect, a Low Pin Count (LPC) bus, a memory bus, a micro channel architecture (MCa) bus, a Peripheral Component Interconnect (PCI) bus, a PCI-Express (PCI-X) bus, a Serial Advanced Technology Attachment (SATA) bus, a video electronics standards association local (VLB) bus, or other suitable bus, or a combination of two or more of the above. Bus 310 may include one or more buses, where appropriate. Although embodiments of the present application describe and illustrate a particular bus, the present application contemplates any suitable bus or interconnect.
The electronic device may perform the vehicle authentication method in the embodiments of the present application, so as to implement the vehicle authentication method performed by the vin issuing end or the target vehicle described in connection with fig. 3 and fig. 4.
In addition, in combination with the vehicle authentication method in the above embodiment, the embodiment of the application may be implemented by providing a computer-readable storage medium. The computer readable storage medium has stored thereon computer program instructions; the computer program instructions, when executed by the processor, implement any one of the vehicle authentication methods performed by the vin issuer or the target vehicle in the above embodiments.
In combination with the vehicle authentication method in the above embodiments, embodiments of the present application may be implemented by providing a computer program product. The instructions in the computer program product, when executed by the processor of the electronic device, implement any of the vehicle authentication methods performed by the vin issuing end or the target vehicle in the above embodiments.
It should be clear that the present application is not limited to the particular arrangements and processes described above and illustrated in the drawings. For the sake of brevity, a detailed description of known methods is omitted here. In the above embodiments, several specific steps are described and shown as examples. However, the method processes of the present application are not limited to the specific steps described and illustrated, and those skilled in the art can make various changes, modifications, and additions, or change the order between steps, after appreciating the spirit of the present application.
The functional blocks shown in the above-described structural block diagrams may be implemented in hardware, software, firmware, or a combination thereof. When implemented in hardware, it may be, for example, an electronic circuit, an Application Specific Integrated Circuit (ASIC), suitable firmware, a plug-in, a function card, or the like. When implemented in software, the elements of the present application are the programs or code segments used to perform the required tasks. The program or code segments may be stored in a machine readable medium or transmitted over transmission media or communication links by a data signal carried in a carrier wave. A "machine-readable medium" may include any medium that can store or transfer information. Examples of machine-readable media include electronic circuitry, semiconductor memory devices, ROM, flash memory, erasable ROM (EROM), floppy disks, CD-ROMs, optical disks, hard disks, fiber optic media, radio Frequency (RF) links, and the like. The code segments may be downloaded via computer networks such as the internet, intranets, etc.
It should also be noted that the exemplary embodiments mentioned in this application describe some methods or systems based on a series of steps or devices. However, the present application is not limited to the order of the above-described steps, that is, the steps may be performed in the order mentioned in the embodiments, may be different from the order in the embodiments, or several steps may be performed simultaneously.
In the foregoing, only the specific embodiments of the present application are described, and it will be clearly understood by those skilled in the art that, for convenience and brevity of description, the specific working processes of the systems, modules and units described above may refer to the corresponding processes in the foregoing method embodiments, which are not repeated herein. It should be understood that the scope of the present application is not limited thereto, and any person skilled in the art can easily conceive various equivalent modifications or substitutions within the technical scope of the present application, which are intended to be included in the scope of the present application.

Claims (15)

1. A vehicle identity verification method applied to an electronic vehicle identification (vin) sign-on end, the method comprising:
receiving a verification request sent by a target vehicle through an eVIN application end and an eVIN server end, wherein the verification request comprises an eVIN certificate of the target vehicle, first verification data and a signature value, the eVIN certificate is generated by the eVIN issuing end according to an eVIN code of the target vehicle, the eVIN code is generated by the eVIN issuing end according to a vehicle identification VIN code of the target vehicle, and the signature value is obtained by encrypting the first verification data by the target vehicle through a private key corresponding to the eVIN certificate;
Decrypting the signature value by adopting a public key in the eVIN certificate to obtain second verification data;
and comparing the first verification data with the second verification data to obtain a first identity verification result of the target vehicle.
2. The method of claim 1, wherein the validation request further comprises an encrypted VIN code of the target vehicle, the VIN certificate comprising an VIN code; the method further comprises the steps of:
and when the first verification result is verification passing, comparing the corresponding relation between the eVIN codes and the VIN codes with the target corresponding relation between the eVIN codes and the VIN codes of the target automobile to obtain a second identity verification result of the target vehicle.
3. The method of claim 1, wherein the VIN certificate includes an VIN code that the VIN issuing end generates from the VIN code and a first random number, the method further comprising:
according to the corresponding relation between the eVIN codes and the VIN codes, determining the VIN codes corresponding to the eVIN codes;
generating an identity information index value according to the VIN code;
and sending the identity information index value to the eVIN application end so as to be used for determining the client class of the target vehicle according to the identity information index value by the eVIN application end.
4. The method of claim 3, wherein the identity information index value includes an identification of a target application in the VIN application, the VIN code, and a second random number for encrypting the identification of the target application, the VIN code.
5. The method of claim 1, wherein prior to receiving the validation request sent by the target vehicle through the vin application and the vin server, the method further comprises:
receiving a digital identity application request sent by an eVIN registration issuing end, wherein the eVIN application request is generated according to the digital identity application request and a VIN code of the target vehicle when the eVIN registration issuing end receives the digital identity application request sent by the target vehicle, and the eVIN application request comprises the VIN code;
generating the eVIN code according to the VIN code and a first random number;
generating the eVIN certificate according to the eVIN code, wherein the eVIN certificate comprises the eVIN code;
and sending the eVIN certificate to the target vehicle through the eVIN registration issuing end.
6. The method of claim 5, wherein the method further comprises:
And generating the target corresponding relation between the VIN code and the eVIN code.
7. A vehicle authentication method applied to a target vehicle, the method comprising:
encrypting the first verification information by adopting a private key target key corresponding to the eVIN certificate to obtain a signature value;
generating a verification request according to the eVIN certificate, the first verification information and the signature value, wherein the verification request comprises the eVIN certificate of the target vehicle, the first verification data and the signature value, the eVIN certificate is generated by the eVIN issuing end according to the eVIN code of the target vehicle, and the eVIN code is generated by the eVIN issuing end according to the VIN code of the target vehicle;
and sending the verification request to an eVIN issuing end through an eVIN application end and an eVIN service end, so that the eVIN issuing end adopts a public key in the eVIN certificate to decrypt the signature value to obtain second verification data, and comparing the first verification data with the second verification data to obtain a first identity verification result of the target vehicle.
8. The method of claim 7, wherein prior to the generating a verification request from the vin certificate, first verification information, and the signature value, the method further comprises:
And receiving the eVIN certificate sent by the eVIN issuing end through the eVIN registration issuing end.
9. A vehicle authentication system, the system comprising:
the target vehicle is used for encrypting the first verification information by adopting a private key corresponding to the eVIN certificate to obtain a signature value; the method comprises the steps that a target vehicle sends a signature value to an eVIN certificate, and is further used for generating a verification request according to the eVIN certificate, first verification information and the signature value, wherein the verification request comprises the eVIN certificate of the target vehicle, first verification data and the signature value, the eVIN certificate is generated by an eVIN issuing end according to an eVIN code of the target vehicle, and the eVIN code is generated by the eVIN issuing end according to the VIN code of the target vehicle; the authentication request is also sent to an eVIN issuing end through an eVIN application end and an eVIN service end;
the eVIN issuing end is used for receiving the verification request; the method is also used for decrypting the signature value by adopting a public key in the eVIN certificate to obtain second verification data; and the first authentication data is also used for comparing the first authentication data with the second authentication data to obtain a first identity authentication result of the target vehicle.
10. The system of claim 9, further comprising an vin registration issuer; the target vehicle is further used for sending a digital identity application request to the eVIN registration issuing end;
The eVIN registration issuing end is used for receiving a digital identity application request sent by the target vehicle; the method also comprises the steps of generating an eVIN application request according to the digital identity application and the VIN code of the target vehicle, wherein the eVIN application request comprises the VIN code; the method is also used for sending the eVIN application request to the eVIN issuing end;
the eVIN issuing end is further configured to receive the eVIN application request and generate an eVIN code according to the VIN code and the first random number; the method further includes generating the eVIN certificate from the eVIN code, the eVIN certificate including the eVIN code; the method is also used for sending the eVIN certificate to the target vehicle through the eVIN registration issuing end;
the target vehicle is further configured to receive the vin certificate.
11. A vehicle identity verification device applied to an end of an vin signature, the device comprising:
the receiving module is used for receiving a verification request sent by a target vehicle through an eVIN application end and an eVIN server end, wherein the verification request comprises an eVIN certificate of the target vehicle, first verification data and a signature value, the eVIN certificate is generated by the eVIN issuing end according to a vehicle identification eVIN code of the target vehicle, the eVIN code is generated by the eVIN issuing end according to a VIN code of the target vehicle, and the signature value is obtained by encrypting the first verification data by adopting a private key corresponding to the eVIN certificate for the target vehicle;
The decryption module is used for decrypting the signature value by adopting the public key in the eVIN certificate to obtain second verification data;
and the comparison module is used for comparing the first verification data with the second verification data to obtain a first identity verification result of the target vehicle.
12. A vehicle authentication apparatus for application to a target vehicle, the apparatus comprising:
the encryption module is used for encrypting the first verification information by adopting a private key corresponding to the eVIN certificate to obtain a signature value;
the generation module is used for generating a verification request according to the eVIN certificate, the first verification information and the signature value, wherein the verification request comprises the eVIN certificate of the target vehicle, the first verification data and the signature value, the eVIN certificate is generated by the eVIN issuing end according to the eVIN code of the target vehicle, and the eVIN code is generated by the eVIN issuing end according to the VIN code of the target vehicle;
the transmitting module is used for transmitting the verification request to an eVIN issuing end through an eVIN application end and an eVIN service end, so that the eVIN issuing end can decrypt the signature value by adopting a public key in the eVIN certificate to obtain second verification data, and the first verification data and the second verification data are compared to obtain a first identity verification result of the target vehicle.
13. An electronic device, the device comprising: a processor and a memory storing computer program instructions; the processor, when executing the computer program instructions, implements a vehicle authentication method as claimed in any one of claims 1-6 or 7-8.
14. A computer readable storage medium, characterized in that the computer readable storage medium has stored thereon computer program instructions which, when executed by a processor, implement a vehicle authentication method according to any of claims 1-6 or 7-8.
15. A computer program product, characterized in that instructions in the computer program product, when executed by a processor of an electronic device, cause the electronic device to perform the vehicle authentication method according to any of claims 1-6 or 7-8.
CN202211065606.4A 2022-08-29 2022-08-29 Vehicle identity verification method, device, equipment and storage medium Pending CN116192416A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211065606.4A CN116192416A (en) 2022-08-29 2022-08-29 Vehicle identity verification method, device, equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211065606.4A CN116192416A (en) 2022-08-29 2022-08-29 Vehicle identity verification method, device, equipment and storage medium

Publications (1)

Publication Number Publication Date
CN116192416A true CN116192416A (en) 2023-05-30

Family

ID=86449560

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211065606.4A Pending CN116192416A (en) 2022-08-29 2022-08-29 Vehicle identity verification method, device, equipment and storage medium

Country Status (1)

Country Link
CN (1) CN116192416A (en)

Similar Documents

Publication Publication Date Title
CN107196966B (en) Identity authentication method and system based on block chain multi-party trust
CN106656488B (en) Key downloading method and device for POS terminal
CN105553666B (en) Intelligent power terminal safety authentication system and method
CN110324335B (en) Automobile software upgrading method and system based on electronic mobile certificate
CN105577612B (en) Identity authentication method, third-party server, merchant server and user terminal
CN107733636B (en) Authentication method and authentication system
CN110121159B (en) Lightweight RFID security authentication method and Internet of vehicles communication system in Internet of vehicles scene
CN112396735B (en) Internet automobile digital key safety authentication method and device
CN110020869B (en) Method, device and system for generating block chain authorization information
CN112084234A (en) Data acquisition method, apparatus, device and medium
CN103701787A (en) User name password authentication method implemented on basis of public key algorithm
CN106209730B (en) Method and device for managing application identifier
KR101679771B1 (en) Method, device, and system for identity authentication
CN102065092B (en) Method and system for authorizing digital signature of application program of set top box
CN113672890A (en) Identity authentication method and device, electronic equipment and computer storage medium
CN108989038B (en) Identification equipment, system and method for geographic position authentication
CN109495269B (en) Method and system for verifying credibility of vehicle-mounted terminal access equipment and vehicle-mounted terminal
CN106789963B (en) Asymmetric white-box password encryption method, device and equipment
CN111224784A (en) Role separation distributed authentication and authorization method based on hardware trusted root
CN110572392A (en) Identity authentication method based on HyperLegger network
CN114079645B (en) Method and device for registering service
CN105873043B (en) Method and system for generating and applying network private key for mobile terminal
JP5537129B2 (en) Authentication system, authentication method and program
CN110955921A (en) Electronic signature method, device, equipment and storage medium
KR101868564B1 (en) Apparatus for authenticating user in association with user-identification-registration and local-authentication and method for using the same

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination