CN116669019A - Unmanned vehicle track communication encryption method - Google Patents


Publication number: CN116669019A
Authority: CN (China)
Legal status: Granted
Application number: CN202310940605.8A
Other languages: Chinese (zh)
Other versions: CN116669019B (en)
Inventors: 唐伟锋, 何先志, 黄奎, 张浩田
Current Assignee: Jiangsu Feisuo Zhixing Equipment Co ltd
Original Assignee: Jiangsu Feisuo Zhixing Equipment Co ltd
Application filed by Jiangsu Feisuo Zhixing Equipment Co ltd
Priority to CN202310940605.8A
Publication of CN116669019A
Application granted
Publication of CN116669019B
Active

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03 Protecting confidentiality, e.g. by encryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40 Network security protocols
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/009 Security arrangements; Authentication; Protecting privacy or anonymity specially adapted for networks, e.g. wireless sensor networks, ad-hoc networks, RFID networks or cloud networks
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W4/00 Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/30 Services specially adapted for particular environments, situations or purposes
    • H04W4/40 Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P]
    • H04W4/44 Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P] for communication between vehicles and infrastructures, e.g. vehicle-to-cloud [V2C] or vehicle-to-home [V2H]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W4/00 Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/30 Services specially adapted for particular environments, situations or purposes
    • H04W4/40 Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P]
    • H04W4/46 Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P] for vehicle-to-vehicle communication [V2V]
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00 Reducing energy consumption in communication networks
    • Y02D30/70 Reducing energy consumption in communication networks in wireless communication networks

Abstract

The invention relates to an encryption method for unmanned vehicle track communication, comprising the following steps: grouping the N network nodes of a network transmission layer into M network transmission groups to form a plurality of communication paths; acquiring operation parameters of the sending terminal, the receiving terminal and the N network nodes, calculating the cost function of each network node, and taking the network node with the smallest cost function in each network transmission group as that group's optimal path node, the optimal path nodes of all groups forming the optimal path for transmitting data between the sending terminal and the receiving terminal; the sending terminal selects the optimal path to transmit the real data, and during transmission the preceding network node sends the encrypted data and a public key of the transmitting terminal to the following network node; and the receiving terminal decrypts the data using the public key of the M-th network transmission group to obtain the original real data. The invention aims to improve the communication security of unmanned vehicles.

Description

Unmanned vehicle track communication encryption method
Technical Field
The invention relates to the technical field of network security communication, in particular to an encryption method for unmanned vehicle track communication.
Background
Unmanned vehicles have become the direction of automotive development, and the complexity of vehicle software has grown considerably. Because a vehicle carries numerous on-board ECUs (Electronic Control Units) and complex networks, once it establishes communication with the outside world it is exposed to an endless stream of new network attacks, which raises the likelihood that the originally closed network is intruded upon. How to keep communication with unmanned vehicles from being easily attacked from outside is the problem to be solved.
Disclosure of Invention
The invention aims to improve the communication security of unmanned vehicles and provides an encryption method for unmanned vehicle track communication.
In order to achieve the above object, the embodiment of the present invention provides the following technical solutions:
An encryption method for unmanned vehicle track communication comprises the following steps:
Step 1, grouping the N network nodes in a network transmission layer into M network transmission groups, forming a plurality of communication paths over which a sending terminal sends data to a receiving terminal through the network transmission layer;
Step 2, acquiring operation parameters of the sending terminal, the receiving terminal and the N network nodes, calculating the cost function of each network node based on the grouping of the network nodes, and taking the network node with the smallest cost function in each network transmission group as the optimal path node of that group, the optimal path nodes of all groups forming the optimal path for transmitting data between the sending terminal and the receiving terminal;
Step 3, according to the communication paths of step 1, the sending terminal selects the optimal path to transmit the real data while the other communication paths transmit false data; when transmitting data, the preceding network node sends the encrypted data and its own public key to the following network node; and the receiving terminal decrypts the data using the public key of the M-th network transmission group to obtain the original real data.
In step 1, after the N network nodes in the network transmission layer are grouped, their distribution over the M network transmission groups is:
$n_1 + n_2 + \dots + n_m + \dots + n_M = N$
where $n_1$ is the number of network nodes in the 1st network transmission group, $n_m$ is the number of network nodes in the m-th network transmission group, and $m \in M$;
$M \geq 1$, $n_m \geq 2$;
the number of network nodes in each network transmission group may be equal or unequal;
this forms $n_1 \times n_2 \times \dots \times n_m \times \dots \times n_M$ communication paths over which the sending terminal sends data to the receiving terminal through the network transmission layer.
In the step 2, the acquired operation parameters of the sending terminal include available network bandwidth; the operation parameters of the receiving terminal and the N network nodes comprise available network bandwidth, CPU operation parameters, memory operation parameters, bandwidth operation parameters and connection number operation parameters;
the CPU operation parameters are CPU occupancy rate, CPU hot spot threshold value and CPU influence factor; the memory operation parameters are memory occupancy rate, memory hot spot threshold value and memory influence factor; the bandwidth operation parameters are bandwidth occupancy rate, bandwidth hot spot threshold value and bandwidth influence factor; the connection number operation parameters are connection number occupancy rate, connection number hot spot threshold value and connection number influence factor.
In the step 2, the step of calculating the cost function of each network node based on the grouping of the network nodes includes:
setting the starting point of each segment of the communication path as node i and the end point as node j, and calculating the cost function $F_{i,j}$ of node j when node i transmits data to node j
wherein ,representing a first equalization factor, ">Representing a second equalization factor; />Available network bandwidth for node i; />Throughput for the network link between node i and node j;
CPU occupancy representing node j, +.>CPU hot-spot threshold representing node j, +.>CPU impact factors representing node j;
representing the memory occupancy of node j, +.>Memory hot-spot threshold representing node j, +.>Representing the memory impact factor of node j;
representing the bandwidth occupancy of node j, +.>Bandwidth hot-spot threshold representing node j, +.>Representing a bandwidth impact factor of node j;
representing the connection count occupancy of node j, +.>A connection number hotspot threshold representing node j, +.>Representing a connection number influence factor of the node j;
there is a method of producing a liquid crystal display device,;/>,/>
In step 3, the step in which the preceding network node sends the encrypted data and its own public key to the following network node during transmission includes:
the sending terminal generates $n_1$ pieces of data, of which only 1 piece is the real data, encrypts the $n_1$ pieces of data using the key matrix, and then transmits the encrypted data to the $n_1$ network nodes in the 1st network transmission group respectively, sending its own public key at the same time;
the network nodes of the 1st network transmission group decrypt the received data using the public key of the sending terminal, forming data that is still encrypted, and send that data together with their own public keys to the network nodes of the 2nd network transmission group;
and so on, until the network nodes of the M-th network transmission group decrypt the received data using the public key of the (M-1)-th network transmission group, forming data that is still encrypted, and send that data together with their own public keys to the receiving terminal.
In step 3, the step in which the receiving terminal decrypts the data using the public key of the M-th network transmission group to obtain the original real data includes: the receiving terminal decrypts only the data transmitted over the optimal path.
Compared with the prior art, the invention has the beneficial effects that:
In total there are $n_1 \times n_2 \times \dots \times n_m \times \dots \times n_M$ communication paths over which the sending terminal sends data to the receiving terminal through the network transmission layer, and only one of them carries the real data. An external attacker who wants to steal the data has to crack $n_1 \times n_2 \times \dots \times n_m \times \dots \times n_M$ pieces of data, and will not know which transmission path each network node is on, because one network node may be in different network transmission groups at the same time or at different times; whichever network node's data is cracked, the data obtained is not fully decrypted but still encrypted. Moreover, when different terminals transmit data, the network transmission groups to which the network nodes belong are shuffled and rearranged, so an attacker cannot easily obtain the real data, which safeguards communication security.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings that are needed in the embodiments will be briefly described below, it being understood that the following drawings only illustrate some embodiments of the present invention and therefore should not be considered as limiting the scope, and other related drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a flow chart of the method of the present invention;
FIG. 2 is a schematic diagram of an apparatus according to an embodiment of the present invention;
FIG. 3 is a schematic topology diagram of N network nodes according to an embodiment of the present invention;
FIG. 4 is a schematic diagram of a network node grouping according to an embodiment of the present invention;
FIG. 5 is a schematic diagram of another network node grouping according to an embodiment of the present invention.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. The components of the embodiments of the present invention generally described and illustrated in the figures herein may be arranged and designed in a wide variety of different configurations. Thus, the following detailed description of the embodiments of the invention, as presented in the figures, is not intended to limit the scope of the invention, as claimed, but is merely representative of selected embodiments of the invention. All other embodiments, which can be made by a person skilled in the art without making any inventive effort, are intended to be within the scope of the present invention.
It should be noted that: like reference numerals and letters denote like items in the following figures, and thus once an item is defined in one figure, no further definition or explanation thereof is necessary in the following figures. Also, in the description of the present invention, the terms "first," "second," and the like are used merely to distinguish one from another, and are not to be construed as indicating or implying a relative importance or implying any actual such relationship or order between such entities or operations. In addition, the terms "connected," "coupled," and the like may be used to denote a direct connection between elements, or an indirect connection via other elements.
Example 1:
Referring to FIG. 2, the devices involved in this solution include a sending terminal A, a receiving terminal B, a cloud, and a network transmission layer. The sending terminal A is one of an unmanned vehicle, a server (distinct from the cloud) and a user terminal; the receiving terminal B is one of an unmanned vehicle, a server and a user terminal. The server can be used to monitor and schedule the operation of the unmanned vehicles; staff can use a user terminal to check the running state of an unmanned vehicle remotely through the server and take part in dispatch control when necessary; the cloud performs the computation of the method steps.
When sending terminal A sends data to receiving terminal B, the data must pass through the network transmission layer. This solution places no limit on why the data is sent; it covers only the communication encryption method used when the data is transmitted. The network transmission layer has N network nodes arranged in a topology as shown in FIG. 3, i.e. the N network nodes have no hierarchical relationship; each circle in FIG. 3 represents one network node.
The invention is realized by the following technical solution. As shown in FIG. 1, the encryption method for unmanned vehicle track communication comprises the following steps:
Step 1, grouping the N network nodes in a network transmission layer into M network transmission groups, forming a plurality of communication paths over which a sending terminal sends data to a receiving terminal through the network transmission layer.
When sending terminal A is to send data to receiving terminal B, the cloud, by broadcast, groups the N network nodes into M network transmission groups. The communication path is then formed as follows: sending terminal A first sends the data to the 1st network transmission group, the 1st network transmission group sends it to the 2nd network transmission group, and so on until the (M-1)-th network transmission group sends it to the M-th network transmission group, which finally sends it to receiving terminal B.
It should be noted that the N network nodes are regrouped for every data transmission. Referring to FIG. 4, for example, when unmanned vehicle A (there are multiple unmanned vehicles) sends data to unmanned vehicle B, unmanned vehicle A sends the cloud a transmission request carrying the ID of receiving terminal B, and the cloud forms the data link A-B. Suppose there are 14 network nodes in total (N=14), divided into 4 network transmission groups (M=4), namely L1, L2, L3 and L4. The L1 group has 4 network nodes: a1, a2, a3 and a4; the L2 group has 3 network nodes: b1, b2 and b3; the L3 group has 5 network nodes: c1, c2, c3, c4 and c5; the L4 group has 2 network nodes: d1 and d2.
As another example, referring to FIG. 5, when a server A (generally there is only one server, but there may be several) sends data to a user terminal B (there are multiple user terminals), the cloud forms the data link A-B and divides the 14 network nodes into 3 network transmission groups, namely L1, L2 and L3. The L1 group has 6 network nodes: a1, a2, a3, a4, a5 and a6; the L2 group has 3 network nodes: b1, b2 and b3; the L3 group has 5 network nodes: c1, c2, c3, c4 and c5.
That is, whenever a sending terminal A needs to send data to a designated receiving terminal B, the N network nodes are grouped anew, and that grouping applies only to the current data transmission. The N network nodes have no inherent hierarchical relationship; the hierarchy exists only after they are grouped ahead of a transmission between terminals, and only for that transmission. In other words, a given network node j may belong to the 3rd network transmission group when unmanned vehicle A sends data to server B, yet belong to the m-th network transmission group when unmanned vehicle A sends data to user terminal B, so the same network node j may belong to different network transmission groups, simultaneously or at different times.
Therefore, after the N network nodes are grouped, their distribution over the M network transmission groups is:
$n_1 + n_2 + \dots + n_m + \dots + n_M = N$
where $n_1$ is the number of network nodes in the 1st network transmission group, $n_m$ is the number of network nodes in the m-th network transmission group, and $m \in M$. Preferably, $M \geq 1$ and $n_m \geq 2$, and the number of network nodes in each network transmission group may be equal or unequal.
Taking fig. 4 as an example for illustration, the transmitting terminal a and 4 network nodes a in the L1 group form 4 communication paths; each network node a in the L1 group needs to form a communication path with each network node b in the L2 group, and then the L1 group to the L2 group form 12 communication paths; each network node b in the L2 group needs to form a communication path with each network node c in the L3 group, and then the L2 group to the L3 group form 60 communication paths; each network node c in the L3 group needs to form a communication path with each network node d in the L4 group, and then the L4 group to the L5 group form 120 communication paths; 120 communication paths exist between the final L4 group and the receiving terminal B.
Finally, $n_1 \times n_2 \times \dots \times n_m \times \dots \times n_M$ communication paths are formed over which the sending terminal can send data to the receiving terminal through the network transmission layer. When the network transmission layer has many network nodes, the number of communication paths that can be formed is therefore also very large.
Step 2, acquiring operation parameters of the sending terminal, the receiving terminal and the N network nodes, calculating the cost function of each network node based on the grouping of the network nodes, and taking the network node with the smallest cost function in each network transmission group as the optimal path node of that group, the optimal path nodes of all groups forming the optimal path for transmitting data between the sending terminal and the receiving terminal.
The operation parameters to be acquired for sending terminal A include the available network bandwidth; the operation parameters to be acquired for the receiving terminal and the N network nodes include available network bandwidth, CPU operation parameters, memory operation parameters, bandwidth operation parameters and connection number operation parameters. The CPU operation parameters are CPU occupancy rate, CPU hot spot threshold value and CPU influence factor; the memory operation parameters are memory occupancy rate, memory hot spot threshold value and memory influence factor; the bandwidth operation parameters are bandwidth occupancy rate, bandwidth hot spot threshold value and bandwidth influence factor; the connection number operation parameters are connection number occupancy rate, connection number hot spot threshold value and connection number influence factor.
Let the starting point of each segment of a communication path be node i and its end point be node j, and calculate the cost function $F_{i,j}$ of node j when node i transmits data to node j
wherein ,representing a first equalization factor, ">Representing a second equalization factor; />Available network bandwidth for node i; />Throughput for the network link between node i and node j;
CPU occupancy representing node j, +.>CPU hot-spot threshold representing node j, +.>CPU impact factors representing node j;
representing the memory occupancy of node j, +.>Memory hot-spot threshold representing node j, +.>Representing the memory impact factor of node j;
representing the bandwidth occupancy of node j, +.>Bandwidth hot-spot threshold representing node j, +.>Representing a bandwidth impact factor of node j;
representing the connection count occupancy of node j, +.>A connection number hotspot threshold representing node j, +.>Representing a connection number influence factor of the node j;
there is a method of producing a liquid crystal display device,;/>,/>
For example, when sending terminal A transmits data to network node a1, sending terminal A serves as node i and network node a1 serves as node j, and the data represents the communication path from sending terminal A to network node a1; as another example, when network node d2 transmits data to receiving terminal B, network node d2 serves as node i and receiving terminal B serves as node j, and the data represents the communication path from network node d2 to receiving terminal B.
In the calculation of the cost function $F_{i,j}$, only the available network bandwidth of the starting node i is needed, and within one data transmission sending terminal A serves only as a starting node i, so only the available network bandwidth of sending terminal A needs to be acquired.
The cost function calculation yields the network node with the smallest cost function in each group: suppose it is a1 in the L1 group, b3 in the L2 group, c1 in the L3 group and d1 in the L4 group. The optimal path is then A-a1-b3-c1-d1 (i.e. the dashed path in FIG. 4). Receiving terminal B directly decrypts the piece of data from that path to obtain the original data and does not need to decrypt the other 119 pieces of data, because those 119 pieces are all false data. This keeps the data secure along the transmission path without adding to the computational load of receiving terminal B: the optimal path is found by calculating the cost function, and the real data is obtained directly by decryption.
Step 3, according to the communication paths of step 1, the sending terminal selects the optimal path to transmit the real data while the other communication paths transmit false data; when transmitting data, the preceding network node sends the encrypted data and its own public key to the following network node.
Taking FIG. 4 as an example: since the L1 group has 4 network nodes, sending terminal A first generates 4 pieces of data, of which only 1 is real data and the other 3 are false data, and encrypts each of the 4 pieces using the key matrix. The key matrix has 4 groups (M=4), and the public key of a network node in one network transmission group can decrypt one group of the key matrix.
First, a transmitting terminal a generates 4 parts of data, encrypts the 4 parts of data using a key matrix, and forms encrypted data C 1 、C 2 、C 3 、C 4 Then the encrypted data are respectively transmitted to the network node a in the L1 group, and the public key PK of the network node a is simultaneously transmitted A . That is, the transmitting terminal a transmits the encrypted data C to the network node a1 1 And its own public key PK A The method comprises the steps of carrying out a first treatment on the surface of the The transmitting terminal a transmits the encrypted data to the network node a2C 2 And its own public key PK A The method comprises the steps of carrying out a first treatment on the surface of the The transmitting terminal A transmits the encrypted data C to the network node a3 3 And its own public key PK A The method comprises the steps of carrying out a first treatment on the surface of the The transmitting terminal A transmits the encrypted data C to the network node a4 4 And its own public key PK A . Each network node a in the L1 group receives 1 piece of data, and the L1 group receives 4 pieces of data in total.
Network nodes a1, a2, a3, a4 use public key PK A Decrypting the received data. Network node a1 uses public key PK A For data C 1 Decrypting to form data C 1_1a1 (the first "1" in the subscript "1_1a1" represents the 1 st piece of data, the second "1" represents the L1 group, and "a1" represents the network node a 1); network node a2 uses public key PK A For data C 2 Decrypting to form data C 2_1a2 The method comprises the steps of carrying out a first treatment on the surface of the Network node a3 uses public key PK A For data C 3 Decrypting to form data C 3_1a3 The method comprises the steps of carrying out a first treatment on the surface of the Network node a4 uses public key PK A For data C 4 Decrypting to form data C 4_1a4 . Each network node a in the L1 group will form 1 piece of data, but the data C formed 1_1a1 、C 2_1a2 、C 3_1a3 、C 4_1a4 Still encrypted data.
Next, the network nodes a1, a2, a3, a4 send data and their own public keys to the network nodes b1, b2, b3 in the L2 group, respectively. That is, the network node a1 sends data C to the network nodes b1, b2, b3, respectively 1_1a1 And its own public key PK a1 The method comprises the steps of carrying out a first treatment on the surface of the The network node a2 sends data C to the network nodes b1, b2, b3, respectively 2_1a2 And its own public key PK a2 The method comprises the steps of carrying out a first treatment on the surface of the The network node a3 sends data C to the network nodes b1, b2, b3, respectively 3_1a3 And its own public key PK a3 The method comprises the steps of carrying out a first treatment on the surface of the The network node a4 sends data C to the network nodes b1, b2, b3, respectively 4_1a4 And its own public key PK a4 . Each network node b in the L2 group receives 4 pieces of data, and the L2 group receives 12 pieces of data in total.
Network node b1 uses public key PK a1 For data C 1_1a1 Decrypting to form data C 1_1a1_2b1 Network nodeb1 use of public Key PK a2 For data C 2_1a2 Decrypting to form data C 2_1a2_2b1 Network node b1 uses public key PK a3 For data C 3_1a3 Decrypting to form data C 3_1a3_2b1 Network node b1 uses public key PK a4 For data C 4_1a4 Decrypting to form data C 4_1a4_2b1 The method comprises the steps of carrying out a first treatment on the surface of the Network node b2 uses public key PK a1 For data C 1_1a1 Decrypting to form data C 1_1a1_2b2 The method comprises the steps of carrying out a first treatment on the surface of the By analogy, each network node b in the L2 group forms 4 pieces of data, which remain encrypted.
The network nodes b1, b2, b3 then send the data and their own public keys to the network nodes c1, c2, c3, c4, c5 in the L3 group, respectively. That is, network node b1 sends data C to network node C1 1_1a1_2b1 、C 2_1a2_2b1 、C 3_1a3_2b1 、C 4_1a4_2b1 And its own public key PK b1 The network node b1 also sends the same data and its own public key PK to c2, c3, c4, c5 b1 The method comprises the steps of carrying out a first treatment on the surface of the Network node b2 sends data C to network node C1 1_1a1_2b2 、C 2_1a2_2b2 、C 3_1a3_2b2 、C 4_1a4_2b2 And its own public key PK b2 The network node b2 also sends the same data and its own public key PK to c2, c3, c4, c5 b2 The method comprises the steps of carrying out a first treatment on the surface of the By analogy, each network node c in the L3 group receives 12 pieces of data, and the L3 group receives 60 pieces of data in total.
Network node c1 uses public key PK_b1 to decrypt data C_1_1a1_2b1, C_2_1a2_2b1, C_3_1a3_2b1, C_4_1a4_2b1 respectively, forming data C_1_1a1_2b1_3c1, C_2_1a2_2b1_3c1, C_3_1a3_2b1_3c1, C_4_1a4_2b1_3c1; network node c1 uses public key PK_b2 to decrypt data C_1_1a1_2b2, C_2_1a2_2b2, C_3_1a3_2b2, C_4_1a4_2b2 respectively, forming data C_1_1a1_2b2_3c1, C_2_1a2_2b2_3c1, C_3_1a3_2b2_3c1, C_4_1a4_2b2_3c1. By analogy, each network node c in the L3 group forms 12 pieces of data, which are still encrypted.
Next, the network nodes c1, c2, c3, c4, c5 each send data and their own public key to the network nodes d1, d2 in the L4 group. That is, network node c1 sends data C_1_1a1_2b1_3c1, C_2_1a2_2b1_3c1, C_3_1a3_2b1_3c1, C_4_1a4_2b1_3c1, C_1_1a1_2b2_3c1, C_2_1a2_2b2_3c1, C_3_1a3_2b2_3c1, C_4_1a4_2b2_3c1, C_1_1a1_2b3_3c1, C_2_1a2_2b3_3c1, C_3_1a3_2b3_3c1, C_4_1a4_2b3_3c1 and its own public key PK_c1 to network node d1; network node c1 also sends the same data and its own public key PK_c1 to d2. By analogy, each network node d in the L4 group receives 60 pieces of data, and the L4 group receives 120 pieces of data in total.
Network node d1 uses public keys PK_c1, PK_c2, PK_c3, PK_c4, PK_c5 to decrypt the 60 pieces of data respectively, forming 60 pieces of still-encrypted data; network node d2 uses public keys PK_c1, PK_c2, PK_c3, PK_c4, PK_c5 to decrypt the 60 pieces of data respectively, forming 60 pieces of still-encrypted data. The network nodes d1, d2 then send the 120 pieces of data to the receiving terminal B. The public keys of the network nodes in each network transmission group (e.g. PK_a1, PK_a2, PK_a3, PK_a4) can crack one set of key matrices, until the receiving terminal B cracks the last set of key matrices to obtain the original data.
The 120 pieces of data correspond to 120 communication paths, and only the data transmitted over one communication path is real data. An external attacker who wants to steal the data has to crack all 120 pieces, and cannot know the communication paths on which the network nodes lie, because one network node may belong to different network transmission groups at the same time or at different times. Whichever network node is cracked, the data obtained is not completely decrypted and is still encrypted. Moreover, when different terminals transmit data, the network transmission groups to which the network nodes belong are shuffled and rearranged, so an attacker cannot easily obtain the real data, which safeguards communication security.
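The fan-out of this embodiment can be checked with a short simulation. The following Python sketch is an added example, not part of the patent text: it models only the routing labels (C_1_1a1, C_1_1a1_2b1, ...) and performs no cryptography, and the optimal path it is given is a constructed value, since it does not evaluate the cost function.

```python
from math import prod

# Group sizes from the embodiment: L1 = a1..a4, L2 = b1..b3, L3 = c1..c5, L4 = d1..d2.
GROUPS = [("a", 4), ("b", 3), ("c", 5), ("d", 2)]


def fan_out(groups=GROUPS):
    """Propagate piece labels group by group.

    Returns (per_node_received, delivered): the number of pieces one node of
    each group receives, and the labels handed to the receiving terminal.
    """
    names = [[f"{p}{k}" for k in range(1, n + 1)] for p, n in groups]
    # The sending terminal hands piece k to the k-th node of group 1.
    held = {node: [f"C_{k}_1{node}"] for k, node in enumerate(names[0], start=1)}
    per_node_received = [1]
    for depth, layer in enumerate(names[1:], start=2):
        # Every node of the previous group sends everything it holds to every
        # node of this group, which appends its own hop to each label.
        incoming = [label for labels in held.values() for label in labels]
        per_node_received.append(len(incoming))
        held = {node: [f"{label}_{depth}{node}" for label in incoming] for node in layer}
    delivered = [label for labels in held.values() for label in labels]
    return per_node_received, delivered


def group_totals(per_node_received, groups=GROUPS):
    """Pieces received by each whole group (per-node count times group size)."""
    return [count * size for count, (_, size) in zip(per_node_received, groups)]


def label_for_path(path):
    """Label of the piece that travelled along `path` (one node per group)."""
    piece = int(path[0][1:])  # piece k is the one handed to node a_k
    hops = "".join(f"_{depth}{node}" for depth, node in enumerate(path, start=1))
    return f"C_{piece}{hops}"


def classify(delivered, optimal_path):
    """Split delivered labels into the real piece and the false ones."""
    real = label_for_path(optimal_path)
    return real, [label for label in delivered if label != real]


if __name__ == "__main__":
    counts, delivered = fan_out()
    assumed_optimal = ("a2", "b1", "c4", "d2")  # constructed; not computed from a cost function
    real, decoys = classify(delivered, assumed_optimal)
    print(counts, group_totals(counts), len(delivered), prod(n for _, n in GROUPS))
    print(real, len(decoys))
```

With the embodiment's group sizes, the receiving terminal is handed 120 distinct labelled pieces, one per communication path, of which one is the real piece.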
The foregoing is merely illustrative of the present invention, and the present invention is not limited thereto, and any person skilled in the art will readily recognize that variations or substitutions are within the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.

Claims (6)

1. An unmanned vehicle track communication encryption method, characterized in that the method comprises the following steps:
step 1, grouping N network nodes in a network transmission layer into M network transmission groups to form a plurality of communication paths for a sending terminal to send data to a receiving terminal through the network transmission layer;
step 2, acquiring operation parameters of a sending terminal, a receiving terminal and N network nodes, calculating cost functions of the network nodes based on grouping of the network nodes, taking the network node with the smallest cost function in each group of network transmission groups as an optimal path node of the group, and forming an optimal path for transmitting data between the sending terminal and the receiving terminal by the optimal path node of each group;
step 3, according to the communication paths in step 1, the sending terminal selects the optimal path to transmit real data while the other communication paths transmit false data; when transmitting data, each network node sends the encrypted data and its own public key to the next network node, until the receiving terminal decrypts the data using the public key of the M-th network transmission group to obtain the original real data.
2. The unmanned vehicle track communication encryption method of claim 1, wherein: in the step 1, after grouping N network nodes in the network transport layer, the distribution relationship of the N network nodes in M network transport groups is:
n_1 + n_2 + ... + n_m + ... + n_M = N
wherein n_1 represents the number of network nodes in the 1st network transmission group, n_m represents the number of network nodes in the m-th network transmission group, m ∈ M;
M ≥ 1, n_m ≥ 2;
the number of network nodes contained in each network transmission group is equal or unequal;
forming n_1 × n_2 × ... × n_m × ... × n_M communication paths for the sending terminal to send data to the receiving terminal through the network transmission layer.
3. The unmanned vehicle track communication encryption method of claim 1, wherein: in the step 2, the acquired operation parameters of the sending terminal include available network bandwidth; the operation parameters of the receiving terminal and the N network nodes comprise available network bandwidth, CPU operation parameters, memory operation parameters, bandwidth operation parameters and connection number operation parameters;
the CPU operation parameters are CPU occupancy rate, CPU hot spot threshold value and CPU influence factor; the memory operation parameters are memory occupancy rate, memory hot spot threshold value and memory influence factor; the bandwidth operation parameters are bandwidth occupancy rate, bandwidth hot spot threshold value and bandwidth influence factor; the connection number operation parameters are connection number occupancy rate, connection number hot spot threshold value and connection number influence factor.
4. A method of encrypting unmanned vehicle track communications according to claim 3, wherein: in the step 2, the step of calculating the cost function of each network node based on the grouping of the network nodes includes:
setting the starting point of each section of communication path as a node i and the end point as a node j, and calculating a cost function F_i,j of the node j when the node i transmits data to the node j
wherein ,representing a first equalization factor, ">Representing a second equalization factor; />Available network bandwidth for node i; />Throughput for the network link between node i and node j;
CPU occupancy representing node j, +.>A CPU hot spot threshold representing node j,CPU impact factors representing node j;
representing the memory occupancy of node j, +.>Representing the memory hot spot threshold for node j,representing the memory impact factor of node j;
representing the bandwidth occupancy of node j, +.>Representing the bandwidth hot-spot threshold for node j,representing a bandwidth impact factor of node j;
representing the connection count occupancy of node j, +.>A connection number hotspot threshold representing node j, +.>Representing a connection number influence factor of the node j;
there is a method of producing a liquid crystal display device,;/>,/>
5. The unmanned vehicle track communication encryption method of claim 2, wherein: in the step 3, the step in which, when transmitting data, the previous network node sends the encrypted data and its own public key to the next network node includes:
the sending terminal generates n_1 pieces of data, of which only 1 piece is the real data, encrypts the n_1 pieces of data using the key matrix, then sends the encrypted data respectively to the n_1 network nodes in the 1st network transmission group, and at the same time sends the sending terminal's own public key;
the network nodes of the 1st network transmission group decrypt the received data using the public key of the sending terminal to form still-encrypted data, and send the data and their own public keys respectively to the network nodes of the 2nd network transmission group;
and so on, until the network nodes of the M-th network transmission group decrypt the received data using the public keys of the (M-1)-th network transmission group to form still-encrypted data, and send the data and their own public keys to the receiving terminal.
6. The unmanned vehicle track communication encryption method of claim 5, wherein: in the step 3, the step in which the receiving terminal decrypts the data using the public key of the M-th network transmission group to obtain the original real data includes:
the receiving terminal only decrypts the data transmitted by the optimal path.
CN202310940605.8A 2023-07-28 2023-07-28 Unmanned vehicle track communication encryption method Active CN116669019B (en)

Publications (2)

Publication Number Publication Date
CN116669019A true CN116669019A (en) 2023-08-29
CN116669019B CN116669019B (en) 2023-10-27

Family

ID=87710049

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant