CN116938533A - Encryption and decryption signature verification system, method, device and medium in automobile OTA process - Google Patents
Encryption and decryption signature verification system, method, device and medium in automobile OTA process Download PDFInfo
- Publication number
- CN116938533A CN116938533A CN202310760009.1A CN202310760009A CN116938533A CN 116938533 A CN116938533 A CN 116938533A CN 202310760009 A CN202310760009 A CN 202310760009A CN 116938533 A CN116938533 A CN 116938533A
- Authority
- CN
- China
- Prior art keywords
- signature
- ota
- upgrade package
- certificate
- server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 77
- 238000012795 verification Methods 0.000 title claims abstract description 58
- 230000008569 process Effects 0.000 title claims abstract description 33
- 230000005540 biological transmission Effects 0.000 claims abstract description 8
- 238000013461 design Methods 0.000 claims abstract description 6
- 238000004422 calculation algorithm Methods 0.000 claims description 18
- 238000012423 maintenance Methods 0.000 claims description 10
- 238000004891 communication Methods 0.000 claims description 8
- 238000004590 computer program Methods 0.000 claims description 6
- 238000004364 calculation method Methods 0.000 claims description 4
- 230000001960 triggered effect Effects 0.000 claims description 3
- 238000004519 manufacturing process Methods 0.000 claims description 2
- 230000007246 mechanism Effects 0.000 description 5
- 230000006870 function Effects 0.000 description 4
- 238000012545 processing Methods 0.000 description 4
- 230000009471 action Effects 0.000 description 3
- 230000008901 benefit Effects 0.000 description 3
- 238000005265 energy consumption Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 239000000835 fiber Substances 0.000 description 1
- 230000010354 integration Effects 0.000 description 1
- 238000007726 management method Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/045—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/51—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/60—Software deployment
- G06F8/65—Updates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
- H04L67/125—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks involving control of end-device applications over a network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/34—Network arrangements or protocols for supporting network services or applications involving the movement of software or configuration parameters
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0825—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/72—Signcrypting, i.e. digital signing and encrypting simultaneously
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/84—Vehicles
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2463/00—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
- H04L2463/062—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying encryption of the keys
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Computing Systems (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Medical Informatics (AREA)
- Bioethics (AREA)
- Storage Device Security (AREA)
Abstract
The application relates to an encryption and decryption signature verification system, method, device and medium in the process of an automobile OTA, wherein the method comprises encryption and decryption, signature verification and certificate system design of an OTA full link; ensuring that the upgrade package in the transmission channel is encrypted, ensuring that the upgrade package transmitted to the vehicle end is credible, and finally finishing OTA upgrade in the safety link; the system mainly comprises an OTA server, a Web front end, a vehicle end upper computer and a PKI server; transmitting the upgrade package to an OTA server, wherein the OTA server is responsible for encrypting and signing the upgrade package, encrypting the upgrade package and a generated signature file into a zip package, and pushing the zip package to a vehicle-end upper computer; the vehicle-end upper computer completes the authenticity verification of the upgrade package; the application uses the certificate in PKI system, the system is perfect, the functional link is clear, and the whole management of the certificate is convenient; the authenticity of the upgrade package is checked, and the safety of the transmission link is ensured.
Description
Technical Field
The application belongs to the technical field of automobile electronics, and particularly relates to an encryption and decryption signature verification system, method, device and medium in an automobile OTA process.
Background
In the automotive industry, the role of automotive OTA is increasingly important. In the OTA process, a verification mechanism of information security is particularly important, and an upgrade package is protected from being stolen, so that the upgrade security of a user is ensured, and therefore, how to design a reasonable and reliable decryption and signature verification mechanism in the automobile OTA process becomes a current problem to be solved urgently.
Patent document CN114327560a discloses a method, a device and an electronic device for estimating energy consumption of OTA upgrade of a vehicle, and the method and the device specifically analyze an OTA upgrade package after the vehicle receives the OTA upgrade package, and determine the number of a plurality of ECUs to be upgraded and the data volume of the upgrade package corresponding to each ECU; calculating the estimated time required by each ECU for upgrading according to the data volume of each upgrading packet and the upgrading time of the unit data volume; and calculating the total power consumption of the upgrade according to the upgrade mode, the required power and the estimated time required by the upgrade of each ECU. According to the scheme, the estimated power consumption required by the OTA upgrading of the vehicle can be obtained, whether the SOC of the current low-voltage storage battery meets the upgrading requirement can be judged according to other constraint conditions, and necessary measures can be taken according to the judging result, so that the occurrence of OTA upgrading failure can be avoided.
The patent document is an energy consumption estimation method in the OTA upgrading process, and is not an encryption, decryption and signature verification mechanism.
Patent document CN114158035a relates to a pushing method and device of an OTA upgrade message, by obtaining information of an OTA upgrade package of a vehicle and determining a type of the OTA upgrade package according to the information of the OTA upgrade package, wherein the type of the OTA upgrade package comprises a full package and/or a differential package, at least one of a current position, schedule information and system log information of the vehicle is obtained, and according to the at least one of the current position, schedule information and system log information and the type of the OTA upgrade package, the OTA upgrade message conforming to an actual driving situation of the user is pushed to the user through a display device of the vehicle, so that the OTA upgrade message is prevented from being pushed when the user is inconvenient to upgrade software, the situation that software upgrade cannot be performed is reduced, and further OTA upgrade efficiency and user experience are improved.
The above patent document is a message pushing method for OTA upgrade, and is not encryption and decryption in the process of OTA upgrade.
Patent document CN114218594a provides an encryption and decryption initialization configuration method, an edge, an encryption and decryption platform and a security system, and relates to the technical field of data processing. The method comprises the following steps: the edge end generates a public key and a private key of an asymmetric encryption and decryption algorithm, the public key is sent to the encryption and decryption platform, the edge end encrypts key related data of the symmetric encryption and decryption algorithm required by the encryption and decryption platform through the private key of the asymmetric encryption and decryption algorithm, the key related data is sent to the encryption and decryption platform, and the encryption and decryption platform decrypts the key related data according to the public key of the asymmetric encryption and decryption algorithm to complete initialization configuration. In the method, key related data required by the encryption and decryption platform can be encrypted by a private key of an asymmetric encryption and decryption algorithm with higher decryption difficulty at the edge end and then transmitted to the encryption and decryption platform, and the encrypted key related data can only be decrypted by a public key of the asymmetric encryption and decryption algorithm, so that the key related data is not easy to steal in the transmission process, and the security of the key related data is improved.
The patent document provides an encryption and decryption platform and a security system, but not an encryption and decryption and security signature mechanism in the OTA upgrading process.
Patent document CN110061841B proposes a signature method, a signature verification method and a device. A method of signing comprising: performing first hash operation on a preset signature message to obtain a first hash value, and performing second hash operation on the preset signature message to obtain a second hash value; according to a first signature algorithm, carrying out signature processing on the first hash value by using a first private key to obtain a first hash value signature, and according to a second signature algorithm, carrying out signature processing on the second hash value by using a second private key to obtain a second hash value signature; and sending the preset signature message, the first hash value signature and the second hash value signature to a signature verification party, so that the signature verification party performs signature verification according to the preset signature message, the first hash value signature and the second hash value signature. By adopting the scheme to process the signature message, the signature verification difficulty of the signature message can be improved, so that the signature safety is improved.
The above patent document is a signature method, signature verification method and device, and not a signature mechanism in the OTA process.
Disclosure of Invention
The application provides an encryption and decryption signature verification system, an encryption and decryption signature verification method, an encryption and decryption signature verification device and a medium in an automobile OTA process. The upgrade package in the transmission channel is ensured to be encrypted, the upgrade package transmitted to the vehicle end is ensured to be credible, and finally, a user can finish OTA upgrade in a secure link.
It is noted that relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus.
The system mainly comprises an OTA server, a Web front end, a vehicle-end upper computer and a PKI server. The Web front end is operated by an OTA operation and maintenance personnel, the OTA operation and maintenance personnel transmits an upgrade package to an OTA server, the OTA server is responsible for encrypting and signing the upgrade package, the upgrade package and a generated signature file are made into a zip package for encryption, and finally the zip package is pushed to an upper computer at the vehicle end. And the vehicle-end upper computer completes the authenticity verification of the upgrade package. And the PKI server releases the signature certificate of the server to the OTA server, and the OTA server is deployed at the cloud. The PKI server also deploys the root certificate in the vehicle-end upper computer for signature verification.
The PKI server cloud generates certificates of the private key and the public key and sends the certificates to the OTA server, and the OTA server deploys the private key and the certificates on the server. The Web front end uploads an upgrade package to a file server, and the OTA server signs the upgrade package and puts a signature certificate and a signature result into the upgrade package to generate a total upgrade package.
PKI server: for generating and issuing certificates;
the file server belongs to the OTA server.
The upgrade package is then encrypted. The server pushes the encrypted upgrade package to the vehicle end, the vehicle end decrypts the upgrade package after receiving the upgrade package, then verifies and signs the signature certificate of the cloud, decrypts the signature result by using the signature certificate after confirming the credibility, and verifies whether the signature result is correct. So far, the vehicle end completes the authenticity verification of the upgrade package.
An encryption and decryption signature verification system in an automobile OTA process comprises an OTA server, a Web front end, an automobile end upper computer and a PKI server;
the Web front end is operated by an OTA operation and maintenance personnel, the OTA operation and maintenance personnel transmits an upgrade package to an OTA server, the OTA server is responsible for encrypting and signing the upgrade package, the upgrade package and a generated signature file are made into a zip package for encryption, and finally the zip package is pushed to an upper computer at the vehicle end; the vehicle-end upper computer completes the authenticity verification of the upgrade package; the PKI server releases the signature certificate to the OTA server, and the OTA server is deployed at the cloud end; the PKI server also deploys the root certificate in the vehicle-end upper computer for signature verification.
Further, the PKI server cloud generates certificates of the private key and the public key, sends the certificates to the OTA server, and deploys the private key and the certificates on the OTA server.
Further, the Web front end uploads an upgrade package to an OTA server, and the OTA server signs the upgrade package uploaded by the Web front end and puts a signature certificate and a signature result into the upgrade package to generate a total upgrade package; then encrypting the upgrade package uploaded by the WEB front end; the OTA server pushes the encrypted upgrade package to the vehicle end, the vehicle end decrypts the upgrade package after receiving the upgrade package, then verifies and signs the signature certificate of the cloud, decrypts the signature result by using the signature certificate after confirming the credibility, and verifies whether the signature result is correct; so far, the vehicle end completes the authenticity verification of the upgrade package.
An encryption, decryption and signature verification method in the process of an automobile OTA comprises encryption, decryption, signature verification and certificate system design of an OTA full link; the upgrade package in the transmission channel is ensured to be encrypted, the upgrade package transmitted to the vehicle end is ensured to be credible, and finally, a user can finish OTA upgrade in a secure link.
The OTA full link refers to the whole process from certificate issuing to vehicle end verification, and the OTA server is only one ring in the full link.
Further, the source of the upgrade package in the OTA server is that OTA operation and maintenance personnel enter from the Web front end, signature certificates from PKI servers are deployed in the OTA server, the OTA server signs the upgrade package by using the signature certificates, and the whole upgrade package is encrypted after the signing; and after receiving the encrypted upgrade package, the vehicle-end upper computer decrypts the upgrade package, and uses the root certificate from the PKI server to check the upgrade package.
The encryption and decryption signature verification method in the automobile OTA process specifically comprises the following steps:
1. applying for a signature certificate and a private key corresponding to the signature certificate, and manufacturing an included private key pfx file and an included signature certificate pem file; the issuing step of the vehicle-end temporary certificate and the cloud communication certificate is consistent with the signature certificate.
2. Deploying the signature certificate and the private key on an OTA server;
3. uploading an upgrade package at a Web end;
4. the OTA server signs the upgrade package: the detailed steps are that the OTA server uses SHA512 algorithm to calculate the digest value of the upgrade package, then uses private key to encrypt the digest value by AES128 symmetric encryption algorithm, and the obtained result is signature.
5. And (3) writing the signature value obtained in the step (4) into xl4-signature. Txt by the OTA server to obtain a signature file.
6. The OTA server generates a task package, wherein the task package comprises signature certificate signature.p7, signature file xl4-signature.txt and task related configuration information of the OTA server.
7. The OTA server encrypts the task package and stores the task package in the OTA server; after the task is triggered, the vehicle end downloads the encrypted task package, and transmits the symmetric encryption key and the encryption mode to the vehicle end through the https channel.
8. After the downloading of the vehicle end is completed, the encryption task package is decrypted by using the symmetric encryption key and the encryption mode.
9. The vehicle end uses a preset secondary root certificate to check and sign the signature certificate of the OTA server;
10. and (3) using the signature certificate passed by signature verification in the step (9) to verify the signature value of the task package obtained in the step (4).
Further, the specific steps of signature verification in the step 9 are as follows: because the signature value in the signature certificate is obtained by encrypting the digest value of the specific part of the signature certificate by using the specific private key generated by the PKI server, the signature value is decrypted by using the public key of the secondary root certificate preset by the vehicle end to obtain a plaintext digest value, and the digest value calculation is performed by using the same part as the signature certificate, and the two digest values are compared, if the digest values are consistent, the signature verification of the signature certificate is successful.
Further, the step 10 of checking the signature comprises the following detailed steps: decrypting the signature value obtained in the step 7 by using the public key of the signature certificate to obtain a plaintext abstract value, namely an abstract value of the upgrade package; and then, performing digest value calculation on the upgrade package again by using the digest value SHA512 algorithm for calculating the upgrade package in the step 6. Comparing the two abstract values, and if the abstract values are consistent, checking the signature.
An apparatus comprising one or more processors;
a memory for storing one or more programs;
and when the one or more programs are executed by the one or more processors, the one or more processors are caused to implement the automobile OTA cloud communication and task triggering method as described above.
A computer readable storage medium having stored thereon a computer program which when executed by a processor implements an over the air, OTA, vehicle-to-cloud communication and task triggering method as described above.
Compared with the prior art, the application has the following advantages and beneficial effects:
the application uses the certificate in PKI system, the system is perfect, the functional link is clear, and the whole management of the certificate by the vehicle factory is convenient.
The application performs authenticity verification on the upgrade package, and ensures the safety of the transmission link.
Drawings
FIG. 1 is a block diagram of the system of the present application.
Fig. 2 is a flow chart of the method of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application become more apparent, the technical solutions in the embodiments of the present application will be described in more detail below with reference to the accompanying drawings in the embodiments of the present application. In the drawings, the same or similar reference numerals denote the same or similar elements or elements having the same or similar functions throughout. The described embodiments are some, but not all, embodiments of the application. The embodiments described below by referring to the drawings are illustrative and intended to explain the present application and should not be construed as limiting the application. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to be within the scope of the application. Embodiments of the present application will be described in detail below with reference to the accompanying drawings.
In the description of the present application, it should be understood that the terms "center," "longitudinal," "lateral," "front," "rear," "left," "right," "vertical," "horizontal," "top," "bottom," "inner," "outer," and the like indicate orientations or positional relationships based on the orientations or positional relationships shown in the drawings, merely to facilitate describing the present application and simplify the description, and do not indicate or imply that the devices or elements being referred to must have a specific orientation, be configured and operated in a specific orientation, and therefore should not be construed as limiting the scope of the present application.
As shown in fig. 1, the source of the upgrade package in the OTA server is that the OTA operation and maintenance personnel enter from the Web front end, a signature certificate from the PKI server is deployed in the OTA server, and the OTA server uses the signature certificate to sign the upgrade package, and encrypts the whole upgrade package after signing. And after receiving the encrypted upgrade package, the vehicle-end upper computer decrypts the upgrade package, and uses a root certificate from the PKI server to check the upgrade package.
As shown in fig. 2, the flow chart of the present application is described as follows:
1) The OTA profession applies a signature certificate and a private key corresponding to the signature certificate to PKI system personnel, wherein the signature certificate and the private key are a pair; after the PKI system personnel are manufactured, the personnel give the OTA personnel a pfx file (containing a private key) and a peme file (certificate). The issuing step of the vehicle-end temporary certificate and the cloud communication certificate is consistent with the signature certificate.
2) The OTA professional contacts the vendor and deploys the signature certificate and private key on the OTA server.
3) And the OTA operation and maintenance personnel upload the upgrade package on the Web end.
4) The server signs the upgrade package: the detailed steps are that the server uses a specific algorithm to calculate the digest value of the upgrade package, then uses a private key to encrypt the digest value by using the specific algorithm, and the obtained result is the signature.
5) And (3) the server writes the signature value obtained in the step 4) into xl4-signature. Txt, and thus a signature file is obtained.
6) The OTA server generates a task package comprising the signature certificate (signature.p7) of the OTA server, the signature file xl4-signature.txt obtained in step 5, and the task-related configuration information.
7) The server encrypts the task package and stores the task package in the server. After the task is triggered, the vehicle end downloads the encrypted task package, and transmits the symmetric encryption key and the encryption mode to the vehicle end through the https channel.
8) After the downloading of the vehicle end is completed, the symmetric encryption key and the encryption mode are used for decrypting the encryption task package.
9) The vehicle end uses a preset secondary root certificate to check the signature certificate of the OTA server, and the specific steps of checking the signature are as follows: the signature value in the signature certificate is obtained by encrypting the abstract value of a specific part of the signature certificate by using a private key of the secondary root server, so that the public key of the secondary root certificate preset by a vehicle end is used for decrypting the signature value to obtain a plaintext abstract value, the abstract value is calculated by using the same part as the part in the certificate selected during signature, the two abstract values are compared, and if the abstract values are consistent, the signature verification of the signature certificate is successful.
The signing certificate is placed on the OTA server for signing the task package.
The "secondary root certificate" is used to verify the signature of the task and if verification passes, the legitimate source of the task package can be verified.
10 And 9) using the signature certificate passing through the signature verification in 9) to verify the signature value of the task package obtained in 4). The method comprises the following detailed steps: decrypting the signature value obtained in the step 7) by using the public key of the signature certificate to obtain a plaintext, namely the digest value of the upgrade package. And then, performing digest value calculation on the upgrade package once again by using the digest value algorithm for calculating the upgrade package in the sum 6). Comparing the two abstract values, and if the abstract values are consistent, checking the signature.
The plaintext digest value refers to the digest value decrypted by the vehicle end.
And comparing the plaintext abstract value with the abstract value calculated by the vehicle end, and if the plaintext abstract value and the abstract value are consistent, checking the plaintext abstract value and the abstract value successfully.
Based on the encryption and decryption signature verification method in the automobile OTA process, the application provides another automobile OTA cloud communication and task triggering device. Devices include, but are not limited to: one or more processors and memory.
The memory is used as a computer readable storage medium for storing a software program, a computer executable program and a module, such as program instructions corresponding to an encryption and decryption signature verification method in an automobile OTA process in the embodiment of the application. The processor executes various functional applications and data processing of the vehicle by running software programs, instructions and modules stored in the memory, so that the encryption, decryption and signature verification method in the automobile OTA process is realized.
The memory may mainly include a memory program area and a memory data area, wherein the memory program area may store an operating system, at least one application program required for a function; the storage data area may store data created according to the use of the terminal, etc. In addition, the memory may include high-speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other non-volatile solid-state storage device.
The application also provides a computer readable storage medium, on which a computer program is stored, the program when executed by a processor realizes an encryption, decryption and signature verification method in an automobile OTA process, the encryption, decryption and signature verification method in the automobile OTA process comprises: encryption and decryption of the OTA full link, signature verification and certificate system design; the upgrade package in the transmission channel is ensured to be encrypted, the upgrade package transmitted to the vehicle end is ensured to be credible, and finally, a user can finish OTA upgrade in a secure link.
The computer-readable storage medium provided by the application has the advantage that the computer-executable instructions are not limited to the method operations described above, but can also execute the related operations in the encryption, decryption and signature verification method in the automobile OTA process provided by any embodiment of the application.
Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
In the above embodiments, it may be implemented in whole or in part by software, hardware, firmware, or any combination thereof. When implemented in software, may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. When the computer program instructions are loaded and executed on a computer, the processes or functions described in accordance with embodiments of the present application are produced in whole or in part. The computer may be a general purpose computer, a special purpose computer, a network of computers, or other programmable devices. The computer instructions may be transmitted from one website, computer, server, or data center to another website, computer, server, or data center by a wired (e.g., coaxial cable, fiber optic, digital subscriber line, DSL), or wireless (e.g., infrared, wireless, microwave, etc.). Computer readable storage media can be any available media that can be accessed by a computer or data storage devices, such as servers, data centers, etc., that contain an integration of one or more of the available media. The usable medium may be a magnetic medium (e.g., a floppy Disk, a hard Disk, a magnetic tape), an optical medium (e.g., a DVD), or a semiconductor medium (e.g., a Solid State Disk, SSD), etc.
In the above embodiment, the included units and modules are only divided according to the functional logic, but not limited to the above division, so long as the corresponding functions can be implemented; in addition, the specific names of the functional units are also only for distinguishing from each other, and are not used to limit the protection scope of the present application.
The foregoing is merely illustrative of specific embodiments of the present application, and the scope of the application is not limited thereto, but any modifications, equivalents, improvements and alternatives falling within the spirit and principles of the present application will be apparent to those skilled in the art within the scope of the present application. And all that is not described in detail in this specification is well known to those skilled in the art.
Claims (10)
1. An encryption and decryption signature verification system in an automobile OTA process is characterized in that: the system comprises an OTA server, a Web front end, a vehicle end upper computer and a PKI server;
the Web front end is operated by an OTA operation and maintenance personnel, the OTA operation and maintenance personnel transmits an upgrade package to an OTA server, the OTA server is responsible for encrypting and signing the upgrade package, the upgrade package and a generated signature file are made into a zip package for encryption, and finally the zip package is pushed to an upper computer at the vehicle end; the vehicle-end upper computer completes the authenticity verification of the upgrade package; the PKI server releases the signature certificate to the OTA server, and the OTA server is deployed at the cloud end; the PKI server also deploys the root certificate in the vehicle-end upper computer for signature verification.
2. The encryption and decryption tag verification system in an automobile OTA process according to claim 1, wherein:
and the PKI server cloud generates certificates of the private key and the public key and sends the certificates to the OTA server, and the private key and the certificates are deployed on the OTA server.
3. The encryption and decryption tag verification system in an automobile OTA process of claim 2, wherein:
the Web front end uploads an upgrade package to an OTA server, and the OTA server signs the upgrade package uploaded by the WEB front end and puts a signature certificate and a signature result into the upgrade package to generate a total upgrade package; then encrypting the upgrade package uploaded by the WEB front end; the OTA server pushes the encrypted upgrade package to the vehicle end, the vehicle end decrypts the upgrade package after receiving the upgrade package, then verifies and signs the signature certificate of the cloud, decrypts the signature result by using the signature certificate after confirming the credibility, and verifies whether the signature result is correct; so far, the vehicle end completes the authenticity verification of the upgrade package.
4. An encryption and decryption signature verification method in an automobile OTA process is characterized in that:
encryption and decryption of the OTA full link, signature verification and certificate system design are included; the upgrade package in the transmission channel is ensured to be encrypted, the upgrade package transmitted to the vehicle end is ensured to be credible, and finally, a user can finish OTA upgrade in a secure link.
5. The encryption and decryption signature verification method in the automobile OTA process of claim 4, wherein the method comprises the following steps:
the source of the upgrade package in the OTA server is that OTA operation and maintenance personnel enter from the Web front end, signature certificates from the PKI server are deployed in the OTA server, the OTA server uses the signature certificates to sign the upgrade package, and after the sign is added, the whole upgrade package is encrypted; and after receiving the encrypted upgrade package, the vehicle-end upper computer decrypts the upgrade package, and uses the root certificate from the PKI server to check the upgrade package.
6. The encryption and decryption signature verification method in the automobile OTA process according to claim 5, which is characterized by comprising the following steps:
1) Applying for a signature certificate and a private key corresponding to the signature certificate, and manufacturing an included private key pfx file and an included signature certificate pem file; the issuing step of the vehicle-end temporary certificate and the cloud communication certificate is consistent with the signature certificate.
2) Deploying the signature certificate and the private key on an OTA server;
3) Uploading an upgrade package at a Web end;
4) The OTA server signs the upgrade package: the detailed steps are that the OTA server uses SHA512 algorithm to calculate the digest value of the upgrade package, then uses private key to encrypt the digest value by AES128 symmetric encryption algorithm, and the obtained result is signature.
5) And (3) writing the signature value obtained in the step (4) into xl4-signature. Txt by the OTA server to obtain a signature file.
6) The OTA server generates a task package, wherein the task package comprises signature certificate signature.p7, signature file xl4-signature.txt and task related configuration information of the OTA server.
7) The OTA server encrypts the task package and stores the task package in the OTA server; after the task is triggered, the vehicle end downloads the encrypted task package, and transmits the symmetric encryption key and the encryption mode to the vehicle end through the https channel.
8) After the downloading of the vehicle end is completed, the encryption task package is decrypted by using the symmetric encryption key and the encryption mode.
9) The vehicle end uses a preset secondary root certificate to check and sign the signature certificate of the OTA server;
10 And (3) using the signature certificate passing the signature verification in the step 9) to verify the signature value of the task package obtained in the step 4).
7. The encryption and decryption signature verification method in the automobile OTA process of claim 6, wherein the method comprises the following steps:
the specific steps of the signature verification in the step 9) are as follows: because the signature value in the signature certificate is obtained by encrypting the digest value of the specific part of the signature certificate by using the specific private key generated by the PKI server, the signature value is decrypted by using the public key of the secondary root certificate preset by the vehicle end to obtain a plaintext digest value, and the digest value calculation is performed by using the same part as the signature certificate, and the two digest values are compared, if the digest values are consistent, the signature verification of the signature certificate is successful.
8. The encryption and decryption signature verification method in the automobile OTA process of claim 6, wherein the method comprises the following steps:
the step 10) of checking the labels comprises the following detailed steps: decrypting the signature value obtained in the step 7) by using the public key of the signature certificate to obtain a plaintext abstract value, namely an abstract value of the upgrade package; and then the digest value of the upgrade package is calculated again by using the digest value SHA512 algorithm for calculating the upgrade package in the step 6). Comparing the two abstract values, and if the abstract values are consistent, checking the signature.
9. An apparatus, characterized in that: including one or more processors;
a memory for storing one or more programs;
the one or more programs, when executed by the one or more processors, cause the one or more processors to implement the over-the-air, OTA, vehicle-to-cloud communication and task triggering method of any of claims 4 to 8.
10. A computer-readable storage medium having stored thereon a computer program, characterized by: the program when executed by a processor implements the method for vehicle-to-vehicle communication and task triggering of an OTA as claimed in any one of claims 4 to 8.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310760009.1A CN116938533A (en) | 2023-06-26 | 2023-06-26 | Encryption and decryption signature verification system, method, device and medium in automobile OTA process |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310760009.1A CN116938533A (en) | 2023-06-26 | 2023-06-26 | Encryption and decryption signature verification system, method, device and medium in automobile OTA process |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN116938533A true CN116938533A (en) | 2023-10-24 |
Family
ID=88381860
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310760009.1A Pending CN116938533A (en) | 2023-06-26 | 2023-06-26 | Encryption and decryption signature verification system, method, device and medium in automobile OTA process |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116938533A (en) |
-
2023
- 2023-06-26 CN CN202310760009.1A patent/CN116938533A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10708062B2 (en) | In-vehicle information communication system and authentication method | |
| US10382485B2 (en) | Blockchain-assisted public key infrastructure for internet of things applications | |
| US10999078B2 (en) | Software distribution processing device, software distribution processing method, and vehicle | |
| US11356425B2 (en) | Techniques for improving security of encrypted vehicle software updates | |
| US11070542B2 (en) | Systems and methods for certificate chain validation of secure elements | |
| US11321074B2 (en) | Vehicle-mounted device upgrade method and related apparatus | |
| US11283626B2 (en) | Apparatus and methods for distributed certificate enrollment | |
| CN107086981B (en) | Controlled security code authentication | |
| US9124561B2 (en) | Method of transferring the control of a security module from a first entity to a second entity | |
| CN112913189B (en) | OTA (over the air) upgrading method and device | |
| CN113472790B (en) | Information transmission method, client and server based on HTTPS protocol | |
| CN111814132B (en) | Security authentication method and device, security authentication chip and storage medium | |
| CN108683674A (en) | Verification method, device, terminal and the computer readable storage medium of door lock communication | |
| CN113556230B (en) | Data security transmission method, certificate related method, server, system and medium | |
| CN110650478A (en) | OTA method, system, device, SE module, program server and medium | |
| CN115665138A (en) | Automobile OTA (over the air) upgrading system and method | |
| CN113612852A (en) | Communication method, device, equipment and storage medium based on vehicle-mounted terminal | |
| CN115062292A (en) | Equipment safety starting and authentication method and device based on hierarchical encryption | |
| CN115242397A (en) | OTA upgrade security verification method and readable storage medium for vehicle EUC | |
| CN116938533A (en) | Encryption and decryption signature verification system, method, device and medium in automobile OTA process | |
| JP6188744B2 (en) | Management system, vehicle and management method | |
| CN117397199A (en) | Secure root of trust registration and identity management for embedded devices | |
| CN114553542A (en) | Data packet encryption method and device and electronic equipment | |
| CN113868713A (en) | Data verification method and device, electronic equipment and storage medium | |
| CN117728976A (en) | Data transmission method, device, equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |