CN116781263B - Identity authentication and secret key self-updating method among in-vehicle ECUs and readable storage medium - Google Patents
Identity authentication and secret key self-updating method among in-vehicle ECUs and readable storage medium Download PDFInfo
- Publication number
- CN116781263B CN116781263B CN202311061224.9A CN202311061224A CN116781263B CN 116781263 B CN116781263 B CN 116781263B CN 202311061224 A CN202311061224 A CN 202311061224A CN 116781263 B CN116781263 B CN 116781263B
- Authority
- CN
- China
- Prior art keywords
- ecu
- common
- tested
- rand
- gateway
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 49
- 238000004891 communication Methods 0.000 claims abstract description 36
- 238000004364 calculation method Methods 0.000 claims description 23
- 238000012545 processing Methods 0.000 claims description 8
- 238000004590 computer program Methods 0.000 claims description 4
- 101100379079 Emericella variicolor andA gene Proteins 0.000 claims description 2
- 101100001671 Emericella variicolor andF gene Proteins 0.000 claims description 2
- 101100001672 Emericella variicolor andG gene Proteins 0.000 claims description 2
- 238000012795 verification Methods 0.000 claims description 2
- 230000000694 effects Effects 0.000 abstract description 2
- 238000012216 screening Methods 0.000 abstract 1
- 230000004044 response Effects 0.000 description 9
- 230000007246 mechanism Effects 0.000 description 5
- 230000008569 process Effects 0.000 description 4
- 230000005540 biological transmission Effects 0.000 description 3
- 238000010586 diagram Methods 0.000 description 3
- 230000003993 interaction Effects 0.000 description 2
- 101100459518 Bacillus subtilis (strain 168) nadE gene Proteins 0.000 description 1
- 101100393826 Dickeya dadantii (strain 3937) outB gene Proteins 0.000 description 1
- 101001093748 Homo sapiens Phosphatidylinositol N-acetylglucosaminyltransferase subunit P Proteins 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000005336 cracking Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000004927 fusion Effects 0.000 description 1
- 238000007689 inspection Methods 0.000 description 1
- 230000001788 irregular Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000001360 synchronised effect Effects 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/40—Bus networks
- H04L12/40006—Architecture of a communication node
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0866—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0891—Revocation or update of secret information, e.g. encryption key update or rekeying
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/40—Bus networks
- H04L2012/40208—Bus networks characterized by the use of a particular bus standard
- H04L2012/40215—Controller Area Network CAN
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/40—Bus networks
- H04L2012/40267—Bus for use in transportation systems
- H04L2012/40273—Bus for use in transportation systems the transportation system being a vehicle
Abstract
The invention relates to the technical field of information security of the Internet of vehicles, in particular to an identity authentication and secret key self-updating method among ECUs in vehicles and a readable storage medium. The invention carries out the identity authentication of the ordinary ECU after the vehicle is electrified, firstly searches through the ID number, carries out preliminary identification on whether the ordinary ECU to be tested is a legal ordinary ECU, and then decrypts the message to be tested through the searched current secret key to determine whether the ordinary ECU to be tested is the legal ordinary ECU, thereby screening and removing illegal ordinary ECUs and greatly improving the safety of the vehicle interior network. The key is updated according to the condition that whether the current communication times or the current working time reach the corresponding threshold value or not is taken as an updating condition, and unilateral updating can be carried out without communication negotiation of the two parties; and the peak staggering updating effect CAN be achieved, the unified updating condition is avoided, and the load pressure of the CAN bus is reduced.
Description
Technical Field
The invention relates to the technical field of information security of the Internet of vehicles, in particular to an identity authentication and secret key self-updating method among ECUs in vehicles and a readable storage medium.
Background
The Internet of vehicles is divided according to the use scene, and can be divided into:
1, an in-vehicle network (in-vehicle) -a whole vehicle network established based on a CAN bus;
2, inter-vehicle network (vehicle, road) -dynamic network based on DSRC and 802.11 series wireless local area network WLAN protocols;
and 3, vehicle-mounted mobile Internet (vehicle person, vehicle cloud), which is a network in which a vehicle-mounted terminal is in wireless connection with the Internet through a 4G/5G communication technology.
For the in-car network, the CAN bus has potential safety hazards: (1) CAN bus messages are broadcast, which allows a malicious ECU to optionally eavesdrop on messages on the CAN bus. (2) Hundreds of ECUs CAN be mounted on the CAN bus, so that the load pressure of the CAN bus is high; if the negotiation or the key distribution are frequently carried out, the CAN bus is overwhelmed, and the transmission efficiency of the in-car network information is greatly affected.
Disclosure of Invention
Based on the above, it is necessary to provide a method for identity authentication and key self-updating between in-vehicle ECUs and a readable storage medium, aiming at the problems that the existing in-vehicle network lacks identity authentication to the ECU and the existing CAN bus is overloaded due to key updating.
The invention is realized by adopting the following technical scheme:
the invention discloses a method for identity authentication and secret key self-updating among in-vehicle ECUs, which is applied to vehiclesGIn-vehicle net of (a)In the architecture. The in-vehicle network architecture comprises a gateway ECU,MA plurality of common ECUs to be tested;Mand the common ECUs to be tested are communicated with the gateway ECU through the CAN bus.
The gateway ECU pre-stores a vehicleGAll legal common ECU ID numbers and corresponding current keys. First, themThe common ECU to be tested pre-stores a class II current key Ek m 。
The method for identity authentication and secret key self-updating among the ECUs in the vehicle comprises the following steps:
step one, detecting a vehicleGWhether to power up; if yes, the second step is firstly carried out, and then the third step is carried out, or the second step and the third step are carried out simultaneously;
step two, the gateway ECU generates a random number RAND 0 And broadcast to the CAN busMA plurality of common ECUs to be tested;
first, themGenerating random numbers RAND by using common ECUs to be tested m And at the firstmThe common ECU to be tested receives the RAND 0 Then, combine withmClass II current secret key Ek of each ordinary ECU to be tested m ID number ID of mth common ECU to be tested m Calculate the firstmIndividual messages to be checkedD m And then willD m Transmitting back to the gateway ECU;m∈[1,M];
wherein, D m the calculation method of (1) is as follows:
s2.1, RAND 0 、RAND m Performing a first type of logic operation to obtain the firstmThe number of calculation valuesA m ;
S2.2, RAND 0 And (3) withA m Connecting to obtain the firstmIntermediate values ofB m ;
S2.3 with Ek m For a pair ofB m Encryption is carried out to obtain the firstmEach encrypted valueC m ;
S2.4, willC m With ID m Connecting to obtain the firstmIndividual messages to be checkedD m ;
Gateway ECU receives the transmitted backD m Then, firstly according toD m ID in (a) m Find the firstmCurrent secret key Ek of common ECU to be tested m 'A'; if Ek is found m ' then transmit backD m Decrypting; if decryption obtainsmPersonal decryption valueB m ', comparisonB m ' whether there is RAND in 0 The method comprises the steps of carrying out a first treatment on the surface of the If it isB m ' there is RAND in 0 The gateway ECU pairsmThe identity authentication of the common ECU to be tested is passed;
step three, recording the working time length of the gateway ECU from 0T 0 And (b) the firstmCommunication times CT between common ECUs to be tested m0→ The method comprises the steps of carrying out a first treatment on the surface of the Record the first from 0mWorking time length of each common ECU to be testedT m Number of communications CT with gateway ECU m→0 The method comprises the steps of carrying out a first treatment on the surface of the Wherein, T 0 =T m ,CT m0→ =CT m→0 ;
step four, CT is acquired m0→ 、T 0 、CT m→0 、T m ;
When (when)T 0 Exceeding a preset time threshold or CT m0→ When the preset times threshold value is exceeded, combining CT m0→ 、T 0 、Ek m Calculation of New Key NEk m And to Ek m Updating; combining CT m→0 、T m 、Ek m ' New Key calculation NEk m ' parallel to Ek m ' update; therein, NEk m 、NEk m ' the calculation mode is the same;
and after all the updating is finished, returning to the step three.
The implementation of the method for identity authentication and secret key self-updating among the ECUs in the vehicle is according to the method or the process of the embodiment of the disclosure.
In a second aspect, the present invention discloses a readable storage medium having stored therein computer program instructions which, when read and executed by a processor, perform the steps of the inter-ECU identity authentication and key self-updating method disclosed in the first aspect.
Compared with the prior art, the invention has the following beneficial effects:
1, the identity authentication of the ordinary ECU is carried out after the vehicle is electrified, firstly, the ordinary ECU to be tested is preliminarily identified by searching through the ID number, and then the message to be tested is decrypted by searching for a current key to determine whether the ordinary ECU to be tested is the legal ordinary ECU, so that the illegal ordinary ECU is screened and excluded, and the safety of the vehicle interior is greatly improved; the gateway ECU plays a role of an authoritative third party, performs unified identity authentication on M common ECUs to be tested, does not need identity authentication operation, and reduces the calculation overhead pressure of the common ECUs to be tested.
2, the invention completes mutual authentication of the two parties in a challenge response mode, wherein the first stepmThe common ECU to be tested processes and transmits back to the firstmIndividual messages to be checkedD m In the case of the random number RAND, the challenge and response operations are included, and the random number RAND is not directly transmitted m But encrypts and transmits the firstmThe number of calculation valuesA m Even if the data is stolen, the random number RAND cannot be directly obtained m The safety is further improved.
3, the secret key of the invention updates the secret key according to the current communication times or the current working time length reaching the corresponding threshold value as an updating condition, and unilateral updating can be carried out without communication negotiation of the two parties; and the peak staggering updating effect CAN be achieved, the unified updating condition is avoided, and the load pressure of the CAN bus is reduced.
And 4, the new key is obtained by adopting the current key, the current communication times and the current working time through simple calculation, the cost is low, and the influence on the load pressure of the ECU is also small. And the current communication times and the current working time are determined by the running state of the vehicle, so that the randomness is high, and the safety of the new key obtained by updating each time is greatly improved.
Drawings
FIG. 1 is a diagram of an in-vehicle rack provided in embodiment 1 of the present invention;
FIG. 2 is a block diagram of the gateway time module of FIG. 1;
FIG. 3 is a block diagram of the common time module of FIG. 1;
fig. 4 is a flowchart of a method for identity authentication and key self-updating between ECUs in a vehicle provided in embodiment 1 of the present invention;
fig. 5 is a flowchart of another method for identity authentication and key self-updating between ECUs in a vehicle provided in embodiment 1 of the present invention;
FIG. 6 is a flowchart of the identity authentication between the ECUs in the vehicle in FIG. 4;
fig. 7 is a specific flowchart of the self-updating of the key in fig. 6.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
It is noted that when an element is referred to as being "mounted to" another element, it can be directly on the other element or intervening elements may also be present. When an element is referred to as being "disposed on" another element, it can be directly on the other element or intervening elements may also be present. When an element is referred to as being "secured to" another element, it can be directly secured to the other element or intervening elements may also be present.
Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. The terminology used herein in the description of the invention is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. The term "or/and" as used herein includes any and all combinations of one or more of the associated listed items.
Example 1
First, the method for identity authentication and key self-updating between in-vehicle ECUs provided in embodiment 1 is applied to a vehicleGIs provided. Referring to fig. 1, a frame structure in a vehicle is shown. The vehicle interior network architecture comprises a gateway ECU,MA plurality of common ECUs to be tested;Mand the common ECUs to be tested are communicated with the gateway ECU through the CAN bus.
The gateway ECU comprises a total information storage module, a total communication module, a gateway encryption and decryption module and a gateway time module. The total information storage module is used for storing the vehicleGAll legal common ECU ID numbers and corresponding current keys. That is, the gateway ECU prestores the vehicleGAll legal common ECU ID numbers and corresponding current keys. Typically, the information may be stored in the form of a table, such as table 1, by the manufacturer before the vehicle leaves the factory. Of course, other items may be added to the information table. Referring to table 1, the information table contains a general ECU name, an ID number, a class of current keys, the number of times of communication with the gateway ECU, and the like.
Table 1 information table
If all legal common ECUs areNAnd then the information table hasNLine (1)nThe row corresponds to the firstnA common ECU is provided with a plurality of control units,n∈[1,N]。
the total communication module is used for receiving or transmitting information andmand the common ECUs to be tested communicate.m∈[1,M]. A gateway data processing module for generating random number RAND 0 Data processing and is related to the firstmAnd the common ECUs to be tested encrypt or decrypt when communicating.
As shown in fig. 2, the gateway time module includes a gateway timing module and a gateway counting module. The gateway timingThe module is used for recording the working time length of the gateway ECU from 0T 0 The method comprises the steps of carrying out a first treatment on the surface of the The gateway counting module is used for recording the gateway ECU and the first gateway from 0mCommunication times CT between common ECUs to be tested m0→ 。
The gateway timing module automatically starts timing (in the form of minutes and seconds) after the vehicle is electrified; the gateway counting module counts each common ECU to be tested separately, wherein the firstmThe common ECU to be tested corresponds to CT m0→ So that every time the gateway ECU receives a firstmWhen the message of each common ECU to be tested is sent, the message is sent to CT m0→ And performing an addition operation. If at firstmFinally determining the common ECU to be tested as legal common ECU, and correspondingly the first one in the information tablemAnd the number of times of communication with the gateway ECU in the line of the common ECUs to be tested is synchronously updated.
In the first placemThe common ECU to be tested comprises a key storage module, a sub-communication module, a common encryption and decryption module and a common time module.
The key storage module is used for storing the firstmClass II current secret key Ek of each ordinary ECU to be tested m . The sub communication module is used for receiving or sending information and communicating with the gateway ECU. A common data processing module for generating random number RAND m Data processing is performed, and encryption or decryption is performed in communication with the gateway ECU.
As shown in fig. 3, the common time module includes a common timing module and a common counting module. The common timing module is used for recording the first time from 0mWorking time length of each common ECU to be testedT m The method comprises the steps of carrying out a first treatment on the surface of the The common counting module is used for recording the first time from 0mCommunication times CT between common ECU to be tested and gateway ECU m→0 。
Wherein the ordinary timing module automatically starts timing (in the form of minutes and seconds) after the vehicle G is powered up, so that,T m =T 0 the time remains synchronized. Gateway counting module is at the firstmEach time a message is sent to the gateway ECU, the common ECU to be tested performs one adding operation, so that CT m0→ =CT m→0 The number of communications remains uniform.
Based on the in-vehicle network architecture, the method for carrying out identity authentication and key self-updating among in-vehicle ECUs comprises the following steps:
step one, detecting whether the vehicle is electrified; if yes, the second step is performed, and then the third step is performed, or the second step and the third step are performed simultaneously.
Powering up the vehicle means that the vehicle is in an operating state, which is a prerequisite. If not, the first step is carried out again.
Referring to fig. 4, there is shown the case where the second and third steps are performed simultaneously. Referring to fig. 5, a case of first performing the second step and then performing the third step is shown.
And secondly, carrying out identity authentication based on a challenge response mechanism. And thirdly, carrying out data statistics for subsequent self-updating of the key. Selecting the method shown in fig. 5 is more accurate for key self-updating. However, because the time for completing the identity authentication is short, and the gateway ECU and the first gateway ECU perform the identity authenticationmThe data interaction between the individual ordinary ECUs to be tested is at most 2 times, and in practice, it is also possible to select the method described in fig. 4 with little influence on the subsequent self-updating of the key.
Step two, firstly, looking at: in the first placemThe interaction of the common ECUs to be tested and the gateway ECU is illustrated as an example, and the identity authentication method comprises the following steps:
s1, generating a random number RAND by a gateway ECU 0 And broadcast to the CAN busMAnd the common ECU to be tested.
Wherein the random number RAND 0 Is generated by the gateway ECU after power-up is detected. S2, the firstmGenerating random numbers RAND by using common ECUs to be tested m And at the firstmThe common ECU to be tested receives the RAND 0 After combining Ek m ID number ID of mth common ECU to be tested m Calculate the firstmIndividual messages to be checkedD m And then willD m Transmitted back to the gateway ECU.
Wherein the random number RAND m Is powered up after detectionmTo be measured respectivelyAnd generating by a common ECU.
For the followingD m The calculation method comprises the following steps:
s2.1, RAND 0 、RAND m Performing a first type of logic operation to obtain the firstmThe number of calculation valuesA m . One type of logical operation may be to divide the RAND 0 、RAND m Any one of addition, subtraction, exclusive or, exclusive nor, and, or, nand, nor, etc. operations are performed. Thus, the simple operation ensures that the computing load does not influence the firstmThe common ECU to be tested works, so that the safety of data transmission is improved. In this embodiment 1, an exclusive or operation is adopted.
S2.2, RAND 0 And (3) withA m Connecting to obtain the firstmIntermediate values ofB m 。
B m Can be expressed as RAND 0 ||A m 。
S2.3 with Ek m For a pair ofB m Encryption is carried out to obtain the firstmEach encrypted valueC m 。
C m Can be expressed as Ek m (RAND 0 ||A m )。
S2.4, willC m With ID m Connecting to obtain the firstmIndividual messages to be checkedD m 。
D m Can be expressed as Ek m (RAND 0 ||A m )||ID m 。
Thus obtainedD m Fusion of RAND 0 、RAND m 、Ek m 、ID m Multiple information of (3).
S3, the gateway ECU receives the transmitted backD m Then, firstly according toD m ID in (a) m Find the firstmCurrent secret key Ek of common ECU to be tested m ’。
Referring to the above description of the gateway ECU, a class of current keys is stored in the total information storage module and has a correspondence relationship with the ID number.
WhileD m ID in (a) m Unencrypted, thus (i)mThe common ECU to be tested can read out the ID m . If at firstmThe individual ordinary ECUs to be tested are actually illegal ordinary ECUs, then there may be two cases: first, ID m In the absence of information stored in the total information storage module, i.e. in accordance with ID m Ek cannot be found m ' then it can be directly determined thatmThe common ECUs to be tested are illegal common ECUs. Second, ID m Just in line withNOne of the legal common ECUs has the same ID number, ormThe common ECU to be tested stealsNA certain ID number in the legal common ECU, so that the ID m Identical to the ID number, ek can then be found in the information stored from the total information storage module m ' the first cannot be determined yetmThe common ECUs to be tested are illegal common ECUs.
I.e. if Ek is not found m ' then gateway ECU pairsmThe identity authentication of the common ECU to be tested is not passed, the firstmThe common ECUs to be tested are illegal common ECUs.
If Ek is found m ' then transmit backD m Decryption is performed. If at firstmThe common ECUs to be tested are actually illegal common ECUs, then Ek m ’≠Ek m . Thus, due toD m Using Ek m Encryption, then Ek is used m ' is unable to pairD m Decrypted, or decrypted firstmPersonal decryption valueB m ' ANDB m Is different. That is, only Ek is obtained m ' and Ek m ’=Ek m Can only makeD m Correctly decrypt to obtain the firstmPersonal decryption valueB m ’=RAND 0 ||A m = B m 。
But due to no gateway ECUB m Cannot be usedB m And (3) withB m ' alignment is performed. The invention adopts comparisonB m ' whether there is RAND in 0 Mode of (1) -ifD m Correctly decrypt outB m ', thenB m ’=RAND 0 ||A m ,B m RAND in 0 Is not encrypted, so the gateway ECU can read out the RAND 0 And with RAND generated by gateway ECU 0 Comparing, if the two are consistent, then explainingB m ' there is RAND in 0 Also reversely describeB m ' is correct, gateway ECU pairsmIdentity authentication of the common ECU to be tested is passed, the firstmThe common ECUs to be tested are legal common ECUs. Of course, ifB m ' lack of RAND in 0 Is reversely describedB m ' is wrong, gateway ECU pairsmIdentity authentication of the common ECU to be tested is not passed, the firstmThe common ECUs to be tested are illegal common ECUs.
So far, the identity authentication flow on the gateway ECU side is ended.
In the above process, for RAND 0 For the RAND, the gateway ECU 0 Broadcasting can be considered as the first challenge in the challenge-response mechanism. First, themThe common ECU to be tested receives and aligns with the RAND 0 After the relevant operation, the first response in the challenge-response mechanism can be regarded as the first response.
For RAND m In other words, the firstmThe common ECU to be tested will RAND m After the relevant operation, the second challenge in the challenge-response mechanism can be regarded as the second challenge. While in the design principle of mechanism, for the firstmThe common ECU to be tested can also enterThe authentication result, namely the second response, is known to be that the gateway ECU will RAND m Re-issue to the firstmAnd the common ECU to be tested (identity authentication is also passed at the moment).
That is, referring to fig. 6, step two may further include:
s4, ifB m ' there is RAND in 0 Will alsoB m ' and RAND 0 Verifying to obtain the firstmIndividual verification valuesA m ’And (2) andA m ’=A m ;
will beA m ’And RAND (RAND) 0 Performing inverse operation to obtain RAND m Reuse of Ek m ' against-the-inverse operated RAND m Encryption to obtain the firstmEach encrypted valueE m And send to the firstmA plurality of common ECUs to be tested;
the inverse operation here is directed to a simple operation of S2.1, the purpose of which is based onA m ’Obtaining RAND m . Then use Ek m ' encryption is carried out to obtainE m =Ek m ’(RAND m ) In order to ensure the security of data transmission.
In the first placemThe common ECU to be tested receivesE m After that, use Ek m For a pair ofE m Decrypting to obtain the firstmPersonal decryption valueF m And (2) andF m =RAND m then (1)mThe individual ordinary ECUs to be tested are notified that the identity authentication has been passed.
Due to Ek m ’=Ek m Can successfully decrypt and further make the firstmThe ordinary ECUs to be tested are informed of passing the identity authentication, so that the ordinary ECUs to be tested can successfully communicate with the gateway RCU in the follow-up process.
Looking back to step three, the working time length of the gateway ECU is recorded from 0T 0 And (b) the firstmCommunication times CT between common ECUs to be tested m0→ . Record the first from 0mWorking time length of each common ECU to be testedT m Number of communications CT with gateway ECU m→0 。
See the description of the gateway time module and the common time module, which respectively bear the gateway ECU side and the first timemAnd the data recording work of the common ECU side to be tested.
All are performed synchronously, soT 0 =T m ,CT m0→ =CT m→0 。
In practice, the recording is started from 0, that is, the clear operation is performed first, and then the recording is started. The data thus recorded can be used directly without additional difference calculation.
Step four, referring to FIG. 7, CT is acquired m0→ 、T 0 、CT m→0 、T m 。
When (when)T 0 Exceeding a preset time threshold or CT m0→ When the preset times threshold value is exceeded, combining CT m0→ 、T 0 、Ek m Calculation of New Key NEk m And to Ek m Updating; combining CT m→0 、T m 、Ek m ' New Key calculation NEk m ' parallel to Ek m ' update.
And after all the updating is finished, returning to the step three. Here, returning to step three, the data recording is restarted from 0, and a loop is actually formed.
Therein, NEk m 、NEk m The' calculation method is the same:
1,NEk m the calculation method of (1) is as follows:
will beT 0 、CT m0→ Connecting to obtain a connection valueG 0 The method comprises the steps of carrying out a first treatment on the surface of the Will beG 0 And Ek m Performing second-class logic operation to obtain NEk m And replace Ek m 。
2,NEk m The' calculation method is as follows:
will beT m 、CT m→0 Connecting to obtain a connection valueH 0 The method comprises the steps of carrying out a first treatment on the surface of the Will beH 0 And Ek m ' go andG 0 、Ek m the same class of logic operations result in NEk m ' replace Ek again m ’。
Similar to one type of logical operation, the two types of logical operations may be any of an addition operation, a subtraction operation, an exclusive-or operation, an or operation, a nand operation, a nor operation, and the like. Referring to fig. 7, in the present embodiment 1, the second-class logical operation adopts exclusive or.
Thus obtainedG 0 =H 0 ,NEk m =NEk m '. Thus for gateway ECU, the firstmThe updated key is the same for the common ECU under test, although not negotiated.
And for an inspection ofT 0 Exceeding a preset time threshold or CT m0→ The preset number of times threshold is exceeded because:
if the ECU communication frequency is low, CT m0→ The amount of increase is small and the time required to exceed the preset number of times threshold is long, so that the risk of cracking the key is increased without updating the key for a long time. For this case, set upT 0 And updating after exceeding a preset time threshold. If the ECU communication frequency is high, which means that there are a sufficient number of times of communication, then the greater number of times of communication in the same key case will increase the risk of the key being cracked. For this case, T is set m0→ And updating after exceeding a preset time threshold.
Thus, if the common ECU passing the identity authentication hasQAnd, thisQThe current communication times of the common ECU and the gateway ECU are not necessarily the same, and randomness exists. Thus, set T m0→ Updating is performed when the threshold value exceeds the preset times, so that peak staggering updating can be realized, and avoidingQThe common ECUs unify the updating conditions, so that the load pressure of the CAN bus CAN be reduced.
And the new key is obtained by simple operation of the current key, the current communication times and the current working time before updating. That is, when the current communication times meet the threshold value exceeding the preset times, the current working time is random; when the current working time exceeds a preset time threshold, the current communication times are random; therefore, the new key generated based on the method is irregular and has high security.
Example 2
Embodiment 2 also discloses a readable storage medium, in which computer program instructions are stored, and when the computer program instructions are read and executed by a processor, the steps of the inter-ECU identity authentication and key self-updating method disclosed in embodiment 1 are executed.
The method of embodiment 1 may be applied in the form of software, such as a program designed to be independently executable on a computer-readable storage medium, which may be a usb disk, through which the program is designed to start the entire method by external triggering.
The technical features of the above embodiments may be arbitrarily combined, and all possible combinations of the technical features in the above embodiments are not described for brevity of description, however, as long as there is no contradiction between the combinations of the technical features, they should be considered as the scope of the description.
The above examples illustrate only a few embodiments of the invention, which are described in detail and are not to be construed as limiting the scope of the invention. It should be noted that it will be apparent to those skilled in the art that several variations and modifications can be made without departing from the spirit of the invention, which are all within the scope of the invention. Accordingly, the scope of protection of the present invention is to be determined by the appended claims.
Claims (10)
1. An identity authentication and key self-updating method between in-vehicle ECUs (electronic control units) is applied to vehiclesGIs in the vehicle interior network architecture; the in-vehicle network architecture comprises a gateway ECU,MTo wait forMeasuring a common ECU;Mthe common ECUs to be tested communicate with the gateway ECU through the CAN bus, and are characterized in that,
the gateway ECU stores a vehicleGAll legal ID numbers of common ECU and corresponding current keys; first, themThe common ECU to be tested stores a second class current secret key Ek m ;m∈[1,M];
The method for identity authentication and secret key self-updating among the ECUs in the vehicle comprises the following steps:
step one, detecting a vehicleGWhether to power up; if yes, the second step is firstly carried out, and then the third step is carried out, or the second step and the third step are carried out simultaneously;
step two, the gateway ECU generates a random number RAND 0 And broadcast to the CAN busMA plurality of common ECUs to be tested;
first, themGenerating random numbers RAND by using common ECUs to be tested m And at the firstmThe common ECU to be tested receives the RAND 0 After combining Ek m ID number ID of mth common ECU to be tested m Calculate the firstmIndividual messages to be checkedD m And then willD m Transmitting back to the gateway ECU;
wherein, D m the calculation method of (1) is as follows:
s2.1, RAND 0 、RAND m Performing a first type of logic operation to obtain the firstmThe number of calculation valuesA m ;
S2.2, RAND 0 And (3) withA m Connecting to obtain the firstmIntermediate values ofB m ;
S2.3 with Ek m For a pair ofB m Encryption is carried out to obtain the firstmEach encrypted valueC m ;
S2.4, willC m With ID m Connecting to obtain the firstmIndividual messages to be checkedD m ;
Gateway ECU receives the transmitted backD m Then, firstly according toD m ID in (a) m Find the firstmCurrent secret key Ek of common ECU to be tested m 'A'; if Ek is found m ' then transmit backD m Decrypting; if decryption obtainsmPersonal decryption valueB m ', comparisonB m ' whether there is RAND in 0 The method comprises the steps of carrying out a first treatment on the surface of the If it isB m ' there is RAND in 0 The gateway ECU pairsmThe identity authentication of the common ECU to be tested is passed;
step three, recording the working time length of the gateway ECU from 0T 0 And (b) the firstmCommunication times CT between common ECUs to be tested m0→ The method comprises the steps of carrying out a first treatment on the surface of the Record the first from 0mWorking time length of each common ECU to be testedT m Number of communications CT with gateway ECU m→0 The method comprises the steps of carrying out a first treatment on the surface of the Wherein, T 0 =T m ,CT m0→ =CT m→0 ;
step four, CT is acquired m0→ 、T 0 、CT m→0 、T m ;
When (when)T 0 Exceeding a preset time threshold or CT m0→ When the preset times threshold value is exceeded, combining CT m0→ 、T 0 、Ek m Calculation of New Key NEk m And to Ek m Updating; combining CT m→0 、T m 、Ek m ' New Key calculation NEk m ' parallel to Ek m ' update; therein, NEk m 、NEk m ' the calculation mode is the same;
and after all the updating is finished, returning to the step three.
2. The method for identity authentication and key self-updating between in-vehicle ECUs according to claim 1, wherein the gateway ECU comprises:
total information storage module for storing vehiclesGAll legal common ECU ID numbers and corresponding current keysThe method comprises the steps of carrying out a first treatment on the surface of the A total communication module for receiving or transmitting information, andmthe common ECUs to be tested communicate;
a gateway data processing module for generating random number RAND 0 Data processing and is related to the firstmEncrypting or decrypting when the common ECUs to be tested communicate;
and
the gateway time module comprises a gateway timing module and a gateway counting module; the gateway timing module is used for recording the working time of the gateway ECU from 0T 0 The method comprises the steps of carrying out a first treatment on the surface of the The gateway counting module is used for recording the gateway ECU and the first gateway from 0mCommunication times CT between common ECUs to be tested m0→ 。
3. The method for identity authentication and key self-updating between in-vehicle ECUs according to claim 1, wherein the first step is thatmThe common ECU to be tested includes:
a key storage module for storing the firstmClass II current secret key Ek of each ordinary ECU to be tested m ;
A sub communication module for receiving or transmitting information, communicating with the gateway ECU;
a common data processing module for generating random number RAND m Data processing is performed, and encryption or decryption is performed in communication with the gateway ECU;
and
the common time module comprises a common timing module and a common counting module; the common timing module is used for recording the first time from 0mWorking time length of each common ECU to be testedT m The method comprises the steps of carrying out a first treatment on the surface of the The common counting module is used for recording the first time from 0mCommunication times CT between common ECU to be tested and gateway ECU m→0 。
4. The method for authenticating an inter-ECU identity and automatically updating a key according to claim 1, wherein in step one, if not, step one is performed again.
5. The method for identity authentication and key self-updating between ECU' S in a vehicle according to claim 1, wherein in S2.1, one type of logical operation includes, but is not limited to, addition operation, subtraction operation, exclusive or operation, exclusive nor operation, and operation, or operation, nand operation, or operation.
6. The method for identity authentication and key self-updating between ECU's in a vehicle according to claim 1, wherein step two further comprises:
if it isB m ' there is RAND in 0 Will alsoB m ' and RAND 0 Verifying to obtain the firstmIndividual verification valuesA m ’And (2) andA m ’=A m ;
will beA m ’And RAND (RAND) 0 Performing inverse operation to obtain RAND m Reuse of Ek m ' against-the-inverse operated RAND m Encryption to obtain the firstmEach encrypted valueE m And send to the firstmA plurality of common ECUs to be tested;
in the first placemThe common ECU to be tested receivesE m After that, use Ek m For a pair ofE m Decrypting to obtain the firstmPersonal decryption valueF m And (2) andF m =RAND m then (1)mThe individual ordinary ECUs to be tested are notified that the identity authentication has been passed.
7. The method for identity authentication and key self-updating between ECU's in a vehicle according to claim 5, wherein in step two:
if Ek is not found m ', orB m ' lack of RAND in 0 The gateway ECU pairsmThe identity authentication of the common ECU to be tested is not passed.
8. The method for identity authentication and key self-updating between ECU's in a vehicle according to claim 1, wherein NEk m The calculation mode of (a) is as follows:
will beT 0 、CT m0→ Connecting to obtain a connection valueG 0 ;
Will beG 0 And Ek m Performing second-class logic operation to obtain NEk m And replace Ek m ;
NEk m The' calculation mode is as follows:
will beT m 、CT m→0 Connecting to obtain a connection valueH 0 ;
Will beH 0 And Ek m ' go andG 0 、Ek m the same class of logic operations result in NEk m ' replace Ek again m ’;
Wherein, G 0 =H 0 ,NEk m =NEk m ’。
9. the method for identity authentication and key self-updating between ECU's in a vehicle according to claim 8, wherein said second type of logical operation includes, but is not limited to, addition operation, subtraction operation, exclusive or operation, exclusive nor operation, and operation, or operation, nand operation, nor operation.
10. A readable storage medium having stored therein computer program instructions which, when read and executed by a processor, perform the steps of the inter-ECU identity authentication and key self-updating method as claimed in any one of claims 1 to 9.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311061224.9A CN116781263B (en) | 2023-08-23 | 2023-08-23 | Identity authentication and secret key self-updating method among in-vehicle ECUs and readable storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311061224.9A CN116781263B (en) | 2023-08-23 | 2023-08-23 | Identity authentication and secret key self-updating method among in-vehicle ECUs and readable storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN116781263A CN116781263A (en) | 2023-09-19 |
| CN116781263B true CN116781263B (en) | 2023-10-20 |
Family
ID=88006694
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202311061224.9A Active CN116781263B (en) | 2023-08-23 | 2023-08-23 | Identity authentication and secret key self-updating method among in-vehicle ECUs and readable storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116781263B (en) |
Citations (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2013155505A (en) * | 2012-01-27 | 2013-08-15 | Tokai Rika Co Ltd | Communication object authentication system |
| CN106533655A (en) * | 2016-10-27 | 2017-03-22 | 江苏大学 | Method for secure communication of ECUs (Electronic control unit) in a vehicle network |
| KR101740957B1 (en) * | 2016-01-15 | 2017-05-30 | 고려대학교 산학협력단 | Data certification and acquisition method for vehicle |
| US9705678B1 (en) * | 2014-04-17 | 2017-07-11 | Symantec Corporation | Fast CAN message authentication for vehicular systems |
| CN107483393A (en) * | 2016-11-22 | 2017-12-15 | 宝沃汽车(中国)有限公司 | Communication means, server and the communication system of car networking |
| CN108292993A (en) * | 2015-09-18 | 2018-07-17 | 翠里姆股份有限公司 | For improve computer network computer execute encryption method and for its terminal, system and computer-readable medium |
| US10218499B1 (en) * | 2017-10-03 | 2019-02-26 | Lear Corporation | System and method for secure communications between controllers in a vehicle network |
| CN110086622A (en) * | 2018-01-25 | 2019-08-02 | 南京汽车集团有限公司 | In-vehicle network security architecture designs under a kind of intelligent network connection environment |
| CN112636923A (en) * | 2020-12-23 | 2021-04-09 | 江苏徐工工程机械研究院有限公司 | Engineering machinery CAN equipment identity authentication method and system |
| CN112994898A (en) * | 2021-04-08 | 2021-06-18 | 北京邮电大学 | Vehicle intranet communication safety authentication method and device |
| CN115190477A (en) * | 2022-05-19 | 2022-10-14 | 西安电子科技大学 | Vehicle intranet ECU (electronic control unit) hierarchical authentication method based on dynamic key |
| WO2023087423A1 (en) * | 2021-11-18 | 2023-05-25 | 成都市卡蛙科技有限公司 | In-vehicle network ota security communication method and apparatus, vehicle-mounted system, and storage medium |
Family Cites Families (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2005196568A (en) * | 2004-01-08 | 2005-07-21 | Denso Corp | Method and device for vehicle component management, method and device for updating vehicle component management data, and vehicle component management center |
| DE102015209116A1 (en) * | 2015-05-19 | 2016-11-24 | Robert Bosch Gmbh | Method and update gateway for updating an embedded controller |
| JP6684690B2 (en) * | 2016-01-08 | 2020-04-22 | パナソニック インテレクチュアル プロパティ コーポレーション オブ アメリカPanasonic Intellectual Property Corporation of America | Fraud detection method, monitoring electronic control unit and in-vehicle network system |
| US10701102B2 (en) * | 2017-10-03 | 2020-06-30 | George Mason University | Hardware module-based authentication in intra-vehicle networks |
| JP2019140577A (en) * | 2018-02-13 | 2019-08-22 | 株式会社デンソー | Electronic control device and communication system |
| US20210347331A1 (en) * | 2018-09-27 | 2021-11-11 | Honda Motor Co., Ltd. | Vehicle control system and application execution device |
| CN111835627B (en) * | 2019-04-23 | 2022-04-26 | 华为技术有限公司 | Communication method of vehicle-mounted gateway, vehicle-mounted gateway and intelligent vehicle |
-
2023
- 2023-08-23 CN CN202311061224.9A patent/CN116781263B/en active Active
Patent Citations (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2013155505A (en) * | 2012-01-27 | 2013-08-15 | Tokai Rika Co Ltd | Communication object authentication system |
| US9705678B1 (en) * | 2014-04-17 | 2017-07-11 | Symantec Corporation | Fast CAN message authentication for vehicular systems |
| CN108292993A (en) * | 2015-09-18 | 2018-07-17 | 翠里姆股份有限公司 | For improve computer network computer execute encryption method and for its terminal, system and computer-readable medium |
| KR101740957B1 (en) * | 2016-01-15 | 2017-05-30 | 고려대학교 산학협력단 | Data certification and acquisition method for vehicle |
| CN106533655A (en) * | 2016-10-27 | 2017-03-22 | 江苏大学 | Method for secure communication of ECUs (Electronic control unit) in a vehicle network |
| CN107483393A (en) * | 2016-11-22 | 2017-12-15 | 宝沃汽车(中国)有限公司 | Communication means, server and the communication system of car networking |
| US10218499B1 (en) * | 2017-10-03 | 2019-02-26 | Lear Corporation | System and method for secure communications between controllers in a vehicle network |
| CN110086622A (en) * | 2018-01-25 | 2019-08-02 | 南京汽车集团有限公司 | In-vehicle network security architecture designs under a kind of intelligent network connection environment |
| CN112636923A (en) * | 2020-12-23 | 2021-04-09 | 江苏徐工工程机械研究院有限公司 | Engineering machinery CAN equipment identity authentication method and system |
| CN112994898A (en) * | 2021-04-08 | 2021-06-18 | 北京邮电大学 | Vehicle intranet communication safety authentication method and device |
| WO2023087423A1 (en) * | 2021-11-18 | 2023-05-25 | 成都市卡蛙科技有限公司 | In-vehicle network ota security communication method and apparatus, vehicle-mounted system, and storage medium |
| CN115190477A (en) * | 2022-05-19 | 2022-10-14 | 西安电子科技大学 | Vehicle intranet ECU (electronic control unit) hierarchical authentication method based on dynamic key |
Non-Patent Citations (7)
| Title |
|---|
| Wang, XY (Wang, Xinyang) [1] * |
| Xue, HB (Xue, Haibo) [1] ; Wang, CS (Wang, Changsheng) [1] * |
| Yang, TZ (Yang, Tiezao) [1] * |
| Yuan, L (Yuan, Lei).Research on Fitting Method for Flow Characteristics of Small Injection Pulse Width of Injector.《International Conference on Renewable Energy and Environmental Technology (REET 2013)》.2014,全文. * |
| Zeliang hao ; Youqin chen ; Tinglong pan ; Weilin yang ; Xichao zhou.Model Predictive Control Method for Warship DC Micro-Grid Based on Finite Control Set.《INTERNATIONAL JOURNAL OF INNOVATIVE COMPUTING INFORMATION AND CONTROL》.2023,全文. * |
| 石琴 ; 潘廷亮 ; 程腾 ; 王川宿 ; 张星. 面向车云网量子加密通信架构的轻量化身份认证方案研究.《汽车技术》.2023,全文. * |
| 石琴,鲁康源,程腾,王川宿,张星,许佩玲.基于量子密钥的车-云加密通信架构研究.《汽车工程》.2023,全文. * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN116781263A (en) | 2023-09-19 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US20230224145A1 (en) | End-to-end communication security | |
| CN109076078B (en) | Method for establishing and updating a key for secure on-board network communication | |
| US10708062B2 (en) | In-vehicle information communication system and authentication method | |
| CN107770159B (en) | Vehicle accident data recording method and related device and readable storage medium | |
| CN111131313B (en) | Safety guarantee method and system for replacing ECU (electronic control Unit) of intelligent networked automobile | |
| EP1882346B1 (en) | Communication protocol and electronic communication system, in particular authentication control system, as well as corresponding method | |
| CN111181928B (en) | Vehicle diagnosis method, server, and computer-readable storage medium | |
| US11228438B2 (en) | Security device for providing security function for image, camera device including the same, and system on chip for controlling the camera device | |
| CN108650220B (en) | Method and equipment for issuing and acquiring mobile terminal certificate and automobile end chip certificate | |
| JP2014204444A (en) | Method and device for detecting manipulation of sensor and/or sensor data of the sensor | |
| CN110149209B (en) | Internet of things equipment and method and device for improving data transmission safety of Internet of things equipment | |
| CN107508791B (en) | Terminal identity verification method and system based on distributed key encryption | |
| CN108243176B (en) | Data transmission method and device | |
| CN111064572B (en) | Data communication method and device | |
| CN110336673B (en) | Block chain design method based on privacy protection | |
| CN114793184B (en) | Security chip communication method and device based on third-party key management node | |
| CN110690956A (en) | Bidirectional authentication method and system, server and terminal | |
| CN112398894A (en) | Safety verification method and device for vehicle | |
| CN116781263B (en) | Identity authentication and secret key self-updating method among in-vehicle ECUs and readable storage medium | |
| KR102236282B1 (en) | Method and system for authenticating communication data of vehicle | |
| KR102415628B1 (en) | Method and apparatus for authenticating drone using dim | |
| CN113434837B (en) | Method and device for equipment identity authentication and smart home system | |
| CN104883260A (en) | Certificate information processing and verification methods, processing terminal, and verification server | |
| CN103179088A (en) | Protection method and protection system of common gateway interface business | |
| CN107682380B (en) | Cross authentication method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |