CN118259947A - OTA upgrade package protection method, device, equipment and readable storage medium - Google Patents


Publication number: CN118259947A
Authority: CN (China)
Prior art keywords: upgrade package, encryption, target, module, random number
Legal status: Pending
Application number: CN202410491875.XA
Other languages: Chinese (zh)
Inventors: 王军, 覃杰英, 林凯, 韩鹏, 刘滨
Current Assignee: Xiangyang Daan Automobile Test Center Co Ltd
Original Assignee: Xiangyang Daan Automobile Test Center Co Ltd
Application filed by: Xiangyang Daan Automobile Test Center Co Ltd


Abstract

An OTA upgrade package protection method, device, equipment and readable storage medium relate to the technical field of automobile software upgrade, and comprise the steps of carrying out symmetric key encryption on an original upgrade package to obtain a first encrypted upgrade package, and extracting first key information from the original upgrade package; encrypting the first encryption upgrade package based on the historical encryption parameters to obtain a second encryption upgrade package; generating a first random number based on a preset cloud random number generation module, and generating a first encryption parameter based on a preset encryption parameter generation module; carrying out asymmetric key public key signature on the first encryption parameter, the first key information and the first random number to obtain a signature file; and generating a target upgrade package based on the signature file and the second encryption upgrade package, so that a vehicle end performs asymmetric signature verification and symmetric decryption based on the target upgrade package to realize protection of an OTA upgrade package. The application improves the system decryption efficiency and enhances the security of OTA upgrading.

Description

OTA upgrade package protection method, device, equipment and readable storage medium
Technical Field
The application relates to the technical field of automobile software upgrading, in particular to an OTA upgrade package protection method, an OTA upgrade package protection device, OTA upgrade package protection equipment and a readable storage medium.
Background
OTA upgrades provide numerous benefits to the vehicle: for example, manufacturers can repair faults remotely, which improves vehicle reliability and makes the vehicle more flexible, efficient, and safe. However, the vehicle OTA upgrade process also carries potential risks. For example, OTA communication may be subject to network attacks, such as man-in-the-middle attacks and denial-of-service attacks, resulting in tampering with the upgrade package or interruption of communication; in addition, the upgrade package may be subject to unauthorized access during transmission, resulting in leakage of sensitive data such as vehicle location and user privacy.
In order to cope with the risks, the OTA system needs to take strict security measures including encryption communication, digital signature, identity verification, security protocol and the like to ensure the security and reliability of the OTA process, but the conventional upgrade package encryption mode often has the problems of low decryption efficiency and poor security. Therefore, how to improve the decryption efficiency of the system and enhance the security of OTA upgrade is a current urgent problem to be solved.
Disclosure of Invention
The application provides a protection method, a protection device, protection equipment and a readable storage medium for an OTA upgrade package, which can solve the technical problems of poor security of OTA upgrade and low decryption efficiency of the upgrade package in the prior art.
In a first aspect, an embodiment of the present application provides a method for protecting an OTA upgrade package, where the method includes:
Performing symmetric key encryption on an original upgrade package to obtain a first encrypted upgrade package, and extracting first key information from the original upgrade package, wherein the first key information comprises an upgrade package hash value and version information;
Encrypting the first encryption upgrade package based on the historical encryption parameters to obtain a second encryption upgrade package;
generating a first random number based on a preset cloud random number generation module, and generating a first encryption parameter based on a preset encryption parameter generation module;
Carrying out asymmetric key public key signature on the first encryption parameter, the first key information and the first random number to obtain a signature file;
And generating a target upgrade package based on the signature file and the second encryption upgrade package, so that a vehicle end performs asymmetric signature verification and symmetric decryption based on the target upgrade package to realize protection of an OTA upgrade package.
With reference to the first aspect, in an implementation manner, the vehicle end performs asymmetric signature verification and symmetric decryption based on the target upgrade package, including:
the vehicle end obtains a target signature file and a target encryption upgrade package based on the target upgrade package;
Performing signature verification on the target signature file based on the asymmetric key private key to obtain target encryption parameters, target key information and target random numbers;
Decrypting the target encrypted upgrade package according to the historical encryption parameters to obtain a decrypted encrypted upgrade package;
And decrypting the decrypted encrypted upgrade package based on the symmetric key to obtain a decrypted original upgrade package.
With reference to the first aspect, in one implementation manner, after the step of decrypting the decrypted encrypted upgrade packet based on the symmetric key to obtain the decrypted original upgrade packet, the method further includes:
Extracting second key information from the decrypted original upgrade package, and generating a second random number based on a preset vehicle-end random number generation module;
And installing an upgrade package based on the target key information, the second key information, the target random number and the second random number.
With reference to the first aspect, in an implementation manner, the performing the upgrade package installation based on the target key information, the second key information, the target random number, and the second random number includes:
And when the second key information is the same as the target key information and the second random number is the same as the target random number, installing the upgrade package.
With reference to the first aspect, in an embodiment, the method further includes:
After the OTA cloud upgrade is successful, the first encryption parameter is used as a historical encryption parameter to be stored in a preset encryption parameter storage module for next upgrade.
In a second aspect, an embodiment of the present application provides an OTA upgrade package protection device, where the OTA upgrade package protection device includes a cloud upgrade package encryption module and a vehicle-end upgrade package decryption module, and the cloud upgrade package encryption module includes an upgrade package encryption module and a digital signature encryption module; the digital signature encryption module comprises a key information extraction module, an encryption parameter generation module, a cloud random number generation module and an asymmetric encryption module;
The symmetric key encryption module is used for carrying out symmetric key encryption on the original upgrade package to obtain a first encrypted upgrade package;
the key information extraction module is used for extracting first key information from the original upgrade package, wherein the first key information comprises an upgrade package hash value and version information;
The encryption parameter storage module is used for encrypting the first encryption upgrade package based on the historical encryption parameters to obtain a second encryption upgrade package;
the cloud random number generation module is used for generating a first random number;
the encryption parameter generation module is used for generating a first encryption parameter;
The asymmetric encryption module is used for carrying out asymmetric key public key signature on the first encryption parameter, the first key information and the first random number to obtain a signature file; and generating a target upgrade package based on the signature file and the second encryption upgrade package, so that a vehicle-end upgrade package decryption module performs asymmetric signature verification and symmetric decryption based on the target upgrade package to realize protection of the OTA upgrade package.
With reference to the second aspect, in one implementation manner, the vehicle-end upgrade package decryption module includes an upgrade package decryption module and a digital signature decryption module; the upgrade package decryption module comprises a symmetric key decryption module and a vehicle-end encryption parameter storage module, and the digital signature decryption module comprises an asymmetric decryption module;
The asymmetric decryption module is used for obtaining a target signature file and a target encryption upgrade package based on the target upgrade package, and for performing signature verification on the target signature file based on the asymmetric key private key to obtain target encryption parameters, target key information and target random numbers;
the vehicle-end encryption parameter storage module decrypts the target encryption upgrade package according to the historical encryption parameters to obtain a decrypted encryption upgrade package;
the symmetric key decryption module is used for decrypting the decrypted encrypted upgrade package based on the symmetric key to obtain a decrypted original upgrade package.
With reference to the second aspect, in one implementation manner, the vehicle-end upgrade package decryption module further includes an upgrade package execution module, and the digital signature decryption module further includes an upgrade package key information extraction module and a vehicle-end random number generation module;
the upgrade package key information extraction module is used for extracting second key information from the decrypted original upgrade package;
The vehicle-end random number generation module is used for generating a second random number;
The upgrade package execution module is used for installing the upgrade package based on the target key information, the second key information, the target random number and the second random number.
In a third aspect, an embodiment of the present application provides an OTA upgrade package protection apparatus, where the OTA upgrade package protection apparatus includes a processor, a memory, and an OTA upgrade package protection program stored on the memory and executable by the processor, where when the OTA upgrade package protection program is executed by the processor, the steps of the OTA upgrade package protection method according to any one of the preceding claims are implemented.
In a fourth aspect, an embodiment of the present application provides a computer readable storage medium, where an OTA upgrade package protection program is stored on the computer readable storage medium, where the OTA upgrade package protection program, when executed by a processor, implements the steps of the OTA upgrade package protection method according to any one of the preceding claims.
The technical scheme provided by the embodiment of the application has the beneficial effects that:
The original upgrade package is encrypted by a symmetric key, and further encrypted based on historical encryption parameters, so that the data security is ensured; generating key parameters by using a preset random number generation module and an encryption parameter generation module, and combining an asymmetric key public key signature to ensure data integrity and authenticity; the target upgrade package is generated through the signature file and the encryption upgrade package, and a security verification and decryption process is provided for the vehicle end, so that security protection of OTA upgrade is realized, security of OTA upgrade is enhanced while system decryption efficiency is improved, potential security threat is effectively prevented, and information security of the vehicle-mounted system is ensured.
Drawings
Fig. 1 is a schematic flow chart of an embodiment of an OTA upgrade package protection method of the present application;
Fig. 2 is a flow chart of an embodiment of upgrade package encryption in the OTA upgrade package protection method according to the present application;
Fig. 3 is a detailed flowchart of step S50 of Fig. 1 according to the present application;
Fig. 4 is a flowchart illustrating an embodiment of upgrade package decryption in the OTA upgrade package protection method according to the present application;
Fig. 5 is a schematic architecture diagram of an embodiment of an OTA upgrade package protection apparatus according to the present application;
Fig. 6 is a schematic hardware structure of an OTA upgrade package protection device according to an embodiment of the present application.
Detailed Description
In order that those skilled in the art will better understand the present application, the technical solution in the embodiments of the present application is described clearly and completely below with reference to the accompanying drawings. The described embodiments are only some embodiments of the present application, not all embodiments. All other embodiments that can be made by those skilled in the art based on the embodiments of the application without inventive effort are intended to be within the scope of the application.
In a first aspect, an embodiment of the present application provides an OTA upgrade package protection method. In one embodiment, referring to fig. 1 and 2, the OTA upgrade package protection method includes:
Step S10, carrying out symmetric key encryption on an original upgrade package to obtain a first encrypted upgrade package, and extracting first key information from the original upgrade package, wherein the first key information comprises an upgrade package hash value and version information;
Exemplary, in the embodiment of the present application, the upgrade package encryption process is implemented based on a cloud upgrade package encryption module, and specifically, the cloud upgrade package encryption module includes an upgrade package encryption module and a digital signature encryption module, where the upgrade package encryption module includes a symmetric key encryption module and an encryption parameter storage module, the symmetric key encryption module is used to encrypt an original upgrade package, and the encryption parameter storage module is used to store encryption parameters generated in a previous upgrade process; the digital signature encryption module comprises a key information extraction module, an encryption parameter generation module, a cloud random number generation module and an asymmetric encryption module, wherein the key information extraction module is used for extracting key information in an original upgrade package, the encryption parameter generation module is used for generating encryption parameters, the cloud random number generation module is used for generating random numbers, and the asymmetric encryption module is used for signing the key information, the encryption parameters and the random numbers.
Specifically, the original upgrade package is encrypted for the first time through the symmetric key encryption module to obtain a first encrypted upgrade package, so that the security of data in the transmission and storage processes can be ensured, and the confidentiality and the integrity of the upgrade data can be effectively protected. Meanwhile, key information in the upgrade package is extracted from the original upgrade package through a key information extraction module to obtain first key information, wherein the first key information is used for representing the unique identifier of the upgrade package and comprises a hash value, version information and the like of the upgrade package.
Step S20, encrypting the first encryption upgrade package based on the historical encryption parameters to obtain a second encryption upgrade package;
Exemplary, in the embodiment of the present application, the historical encryption parameter is the encryption parameter generated by the encryption parameter generating module in the last upgrading process, and is stored in the encryption parameter storing module after the last upgrading is completed; after the first encryption is finished, performing second encryption on the upgrade package according to the corresponding historical encryption parameters stored by the encryption parameter storage module during the last upgrade to obtain a second encrypted upgrade package so as to realize multi-layer encryption; the confidentiality of the data can be effectively protected by a multi-layer encryption mode, and the security of the data in the transmission and storage processes is ensured.
It will be appreciated that an upgrade package contains not only valid information but also invalid information. For example, (2,50,100) indicates that, in the current upgrade package, the 50th to 100th bytes of line 2 are the valid information present in the upgrade package. Any form of padding may be performed at locations other than this interval, so that the valid information is contained within cluttered information.
Step S30, generating a first random number based on a preset cloud random number generation module, and generating a first encryption parameter based on a preset encryption parameter generation module;
By way of example, in the embodiment of the application, the preset encryption parameter generation module and the preset cloud random number generation module can be designed and customized by the user, so that upgrade package protection with a higher security level can be realized by designing a complex algorithm in the module. Specifically, the random number generation module in the embodiment of the application generates random numbers according to a built-in rule, and the generation method is agreed such that the same random number is used within a few days. By using the first random number generated by the cloud random number generation module and the first encryption parameter generated by the encryption parameter generation module, the randomness and the uniqueness of the encryption process can be ensured, and meanwhile the accuracy and the consistency of the encryption parameter are ensured, so that the control and management of the encryption operation by the system can be effectively enhanced, and the safety and reliability of the encryption process are ensured.
Step S40, carrying out asymmetric key public key signature on the first encryption parameter, the first key information and the first random number to obtain a signature file;
Exemplary, in the embodiment of the application, after the work of the upgrade package key information extraction module, the encryption parameter generation module and the random number generation module is completed, the first key information, the first encryption parameter and the first random number are signed by using the asymmetric key public key to obtain the encrypted signature file, so that the integrity and the authenticity of the data can be ensured, the data is prevented from being tampered or forged in the transmission process, and the trust degree and the security of the system on the data are improved.
Step S50, generating a target upgrade package based on the signature file and the second encryption upgrade package, so that the vehicle end performs asymmetric signature verification and symmetric decryption based on the target upgrade package to realize protection of the OTA upgrade package.
In the embodiment of the application, the cloud upgrade package encryption module can generate the target upgrade package according to the signature file and the second encryption upgrade package, so that the vehicle-end upgrade package decryption module can verify the signature file through asymmetric signature verification to ensure the integrity and authenticity of the target upgrade package, prevent the target upgrade package from being tampered or replaced in the upgrading process, and simultaneously decrypt the target upgrade package by utilizing a symmetric decryption mode to ensure the safe transmission and storage of data and protect the vehicle-mounted system from unauthorized upgrading operation. Therefore, the security mechanism of integrating the signature file, the encryption upgrade package and the verification decryption can effectively protect the security of the OTA upgrade package, and the reliability and stability of the vehicle-mounted system are ensured.
In summary, in the embodiment, the data security is ensured by carrying out symmetric key encryption on the original upgrade package and further encrypting based on the historical encryption parameters; generating key parameters by using a preset random number generation module and an encryption parameter generation module, and combining an asymmetric key public key signature to ensure data integrity and authenticity; the target upgrade package is generated through the signature file and the encryption upgrade package, and a security verification and decryption process is provided for the vehicle end, so that security protection of OTA upgrade is realized, security of OTA upgrade is enhanced while system decryption efficiency is improved, potential security threat is effectively prevented, and information security of the vehicle-mounted system is ensured.
Further, in an embodiment, referring to fig. 3, the vehicle end performs asymmetric signature verification and symmetric decryption based on the target upgrade package, including:
Step S501, a vehicle end obtains a target signature file and a target encryption upgrade package based on the target upgrade package;
Step S502, performing signature verification on the target signature file based on the asymmetric key private key to obtain target encryption parameters, target key information and target random numbers;
step S503, decrypting the target encryption upgrade package according to the historical encryption parameters to obtain a decrypted encryption upgrade package;
Step S504, decrypting the decrypted encrypted upgrade package based on the symmetric key to obtain a decrypted original upgrade package.
Exemplary, in the embodiment of the present application, the upgrade package decryption process is implemented based on a vehicle-end upgrade package decryption module, and specifically, the vehicle-end upgrade package decryption module includes an upgrade package decryption module, a digital signature decryption module, and an upgrade package execution module; the upgrade package decryption module comprises a symmetric key decryption module and a vehicle-end encryption parameter storage module, wherein the symmetric key decryption module is used for decrypting an encryption upgrade package, the vehicle-end encryption parameter storage module is used for storing encryption parameters generated in the last upgrade process, the digital signature decryption module comprises an asymmetric decryption module, an upgrade package key information extraction module, a vehicle-end random number generation module and an information comparison module, the asymmetric decryption module is used for checking signature files, the upgrade package key information extraction module is used for extracting key information, the vehicle-end random number generation module is used for generating random numbers, the information comparison module is used for comparing whether the key information and the random numbers are accurate or not, the upgrade package execution module comprises an upgrade package installation module and an encryption parameter update module, the upgrade package installation module is used for installing the upgrade package, and the encryption parameter update module is used for updating encryption parameters currently stored at the vehicle end.
Specifically, referring to Fig. 4, the vehicle end parses the target upgrade package to obtain a target signature file and a target encrypted upgrade package; performs signature verification on the signature file according to the asymmetric key private key stored by the vehicle end to obtain target key information, a target random number and a target encryption parameter; decrypts the target encrypted upgrade package for the first time according to the historical encryption parameters stored in the encryption parameter storage module to obtain a decrypted encrypted upgrade package; and, after the first decryption is finished, performs the second decryption according to the symmetric key stored at the vehicle end to obtain the decrypted original upgrade package.
Further, in an embodiment, after the step of decrypting the decrypted encrypted upgrade package based on the symmetric key to obtain the decrypted original upgrade package, the method further includes:
Extracting second key information from the decrypted original upgrade package, and generating a second random number based on a preset vehicle-end random number generation module;
And installing an upgrade package based on the target key information, the second key information, the target random number and the second random number.
In the embodiment of the application, the second key information in the decrypted original upgrade package is extracted by the upgrade package key information extraction module of the vehicle end and the second random number is generated by the random number generation module of the vehicle end, the second key information and the second random number are compared with the target key information and the target random number extracted from the target upgrade package by the vehicle end on the basis of the information comparison module, and the vehicle end can install the upgrade package after confirming that the upgrade package of the current vehicle end is true and reliable according to the comparison result.
Specifically, by extracting the second key information and generating the second random number, the security of the upgrade package can be increased; the random number can prevent replay attack, ensure that each upgrade package is unique in installation, and improve the security of the system; the use of the target key information and the target random number can help to verify the integrity of the upgrade package, and ensure that the upgrade package is not tampered or damaged in the transmission process; through the operation, the installation process of the upgrade package can be ensured to be safer and more reliable, the risk of the system being subjected to malicious attack is reduced, and the stability and the safety of the vehicle system are ensured.
Further, in an embodiment, the installing the upgrade package based on the target key information, the second key information, the target random number, and the second random number includes:
And when the second key information is the same as the target key information and the second random number is the same as the target random number, installing the upgrade package.
Exemplary, in the embodiment of the present application, a specific flow for installing an upgrade package is as follows:
Step N1: judging whether the second key information is the same as the target key information, if so, continuing to step N2; otherwise, the upgrade package installation flow is stopped.
Step N2: judging whether the second random number is the same as the target random number or not, if the second random number is the same as the target random number, indicating that the verification is passed, executing the step N3; otherwise, the upgrade package installation flow is stopped.
Step N3: and after the verification is passed, performing an upgrade package installation operation.
It can be understood that the above flow ensures that the upgrade package is installed only when the specified conditions are met, thereby ensuring the accuracy and safety of the upgrade. The verification method based on the key information and the random number effectively prevents an upgrade package that is unauthorized or does not meet the conditions from being installed in the vehicle-mounted system, improving the reliability and safety of the system.
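The check in steps N1 to N3 can be sketched as follows; this is an added example, not part of the patent text. It assumes SHA-256 as the hash, a hypothetical `VERSION:` header line as the package's version field, and a random number derived by HMAC from a shared seed and a three-day time window, none of which the description specifies; signature verification and both decryption layers are taken as already completed.

```python
"""Vehicle-end install gate for steps N1-N3 (added illustration, not patent text)."""
import hashlib
import hmac
from dataclasses import dataclass
from typing import Tuple

# Assumption: "the same random number within a few days" is modelled as a 3-day window.
WINDOW_SECONDS = 3 * 24 * 3600


@dataclass(frozen=True)
class KeyInfo:
    """Key information as described on the page: package hash value and version."""
    package_hash: str
    version: str


def extract_key_info(package: bytes) -> KeyInfo:
    """Extract key information from a decrypted package.

    Hypothetical package layout: first line 'VERSION:<ascii>' then the payload.
    Raises ValueError (UnicodeDecodeError is a subclass) on a malformed header.
    """
    header, sep, _payload = package.partition(b"\n")
    if not sep or not header.startswith(b"VERSION:"):
        raise ValueError("missing version header")
    version = header[len(b"VERSION:"):].decode("ascii")
    if not version:
        raise ValueError("empty version")
    # Assumption: SHA-256 over the whole package; the page does not name the hash.
    return KeyInfo(hashlib.sha256(package).hexdigest(), version)


def window_random_number(shared_seed: bytes, now: int) -> str:
    """Built-in rule assumed for both ends: HMAC of the current window index."""
    window = now // WINDOW_SECONDS
    return hmac.new(shared_seed, str(window).encode(), hashlib.sha256).hexdigest()


def _same(a: str, b: str) -> bool:
    # Constant-time comparison so the check does not leak how many bytes matched.
    return hmac.compare_digest(a.encode(), b.encode())


def install_decision(target_info: KeyInfo, target_random: str, package: bytes,
                     shared_seed: bytes, now: int) -> Tuple[bool, str]:
    """Return (install?, reason). Any failure stops the flow (fail closed)."""
    # Step N1: second key information must equal the target key information.
    try:
        second_info = extract_key_info(package)
    except ValueError:
        return False, "N1: key information could not be extracted"
    if not (_same(second_info.package_hash, target_info.package_hash)
            and _same(second_info.version, target_info.version)):
        return False, "N1: key information mismatch"
    # Step N2: the vehicle-generated random number must equal the target one.
    second_random = window_random_number(shared_seed, now)
    if not _same(second_random, target_random):
        return False, "N2: random number mismatch"
    # Step N3: both checks passed.
    return True, "N3: install"


# Constructed sample data: what the cloud would place in the signature file.
SEED = b"constructed-shared-seed"
ISSUED_AT = 1_700_000_000
PACKAGE = b"VERSION:2.4.1\n" + b"constructed firmware payload"
TARGET_INFO = extract_key_info(PACKAGE)
TARGET_RANDOM = window_random_number(SEED, ISSUED_AT)

if __name__ == "__main__":
    cases = {
        "untouched, same window": (PACKAGE, ISSUED_AT + 3600),
        "payload modified": (PACKAGE + b"!", ISSUED_AT + 3600),
        "header stripped": (b"constructed firmware payload", ISSUED_AT + 3600),
        "delivered one window later": (PACKAGE, ISSUED_AT + WINDOW_SECONDS),
    }
    for name, (pkg, now) in cases.items():
        print(name, "->", install_decision(TARGET_INFO, TARGET_RANDOM, pkg, SEED, now))
```

In this sketch the same package is accepted at any time inside one window, so the window length bounds what the random-number comparison can reject.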
Further, in an embodiment, the method further comprises:
After the OTA cloud upgrade is successful, the first encryption parameter is used as a historical encryption parameter to be stored in a preset encryption parameter storage module for next upgrade.
In the embodiment of the application, after the cloud receives the feedback that the vehicle-end upgrade is successful, the generated encryption parameters are synchronously updated to the encryption parameter storage module of the cloud, so that the latest encryption parameters are used for encryption and decryption in the next upgrade.
Specifically, when upgrading is performed next time, encryption operation is performed on upgrade data to be sent to the vehicle end based on stored historical encryption parameters, after the vehicle end receives the encrypted upgrade data, decryption operation is performed by using appointed historical encryption parameters, original upgrade file content is obtained, the vehicle end verifies the integrity and correctness of the decrypted upgrade data, the fact that the data are not tampered or damaged is ensured, and after verification is passed, the vehicle end executes corresponding upgrade operation.
By storing the historical encryption parameters, the system can quickly and accurately perform decryption and verification operations in the next upgrading process, the safety and effectiveness of the upgrading process are ensured, the upgrading process is simplified, the efficiency is improved, and meanwhile, the possibility of errors is reduced.
In a second aspect, an embodiment of the present application further provides an OTA upgrade package protection apparatus. Referring to Fig. 5, the OTA upgrade package protection apparatus includes a cloud upgrade package encryption module and a vehicle-end upgrade package decryption module, where the cloud upgrade package encryption module includes an upgrade package encryption module and a digital signature encryption module; the digital signature encryption module comprises a key information extraction module, an encryption parameter generation module, a cloud random number generation module and an asymmetric encryption module;
The symmetric key encryption module is used for carrying out symmetric key encryption on the original upgrade package to obtain a first encrypted upgrade package;
The key information extraction module is used for extracting first key information from the original upgrade package, wherein the first key information comprises an upgrade package hash value and version information;
The encryption parameter storage module is used for encrypting the first encryption upgrade package based on the historical encryption parameters to obtain a second encryption upgrade package;
The cloud random number generation module is used for generating a first random number;
The encryption parameter generation module is used for generating a first encryption parameter;
The asymmetric encryption module is used for carrying out asymmetric key public key signature on the first encryption parameter, the first key information and the first random number to obtain a signature file; and generating a target upgrade package based on the signature file and the second encryption upgrade package, so that a vehicle-end upgrade package decryption module performs asymmetric signature verification and symmetric decryption based on the target upgrade package to realize protection of the OTA upgrade package.
Further, in an embodiment, the vehicle-end upgrade package decryption module includes an upgrade package decryption module and a digital signature decryption module, the upgrade package decryption module includes a symmetric key decryption module and a vehicle-end encryption parameter storage module, and the digital signature decryption module includes an asymmetric decryption module;
The asymmetric decryption module is used for obtaining a target signature file and a target encryption upgrade package based on the target upgrade package; signing the target signature file based on the asymmetric key private key to obtain target encryption parameters, target key information and target random numbers;
The vehicle-end encryption parameter storage module decrypts the target encryption upgrade package according to the historical encryption parameters to obtain a decrypted encryption upgrade package;
The symmetric key decryption module is used for decrypting the decrypted encrypted upgrade package based on the symmetric key to obtain a decrypted original upgrade package.
Further, in some embodiments, the vehicle-end upgrade package decryption module further includes an upgrade package execution module, and the digital signature decryption module further includes an upgrade package key information extraction module and a vehicle-end random number generation module;
The upgrade package key information extraction module is used for extracting second key information from the decrypted original upgrade package;
The vehicle-end random number generation module is used for generating a second random number;
The upgrade package execution module is used for installing the upgrade package based on the target key information, the second key information, the target random number and the second random number.
Further, in an embodiment, the upgrade package execution module is specifically further configured to:
When the second key information is the same as the target key information and the second random number is the same as the target random number, installing the upgrade package.
Further, in an embodiment, the digital signature decryption module further includes an encryption parameter storage module for:
After the OTA cloud upgrade is successful, the first encryption parameter is used as a historical encryption parameter to be stored in a preset encryption parameter storage module for next upgrade.
In the embodiment of the application, the data security is ensured by carrying out symmetric key encryption on the original upgrade package and further encrypting based on the historical encryption parameters; generating key parameters by using a preset random number generation module and an encryption parameter generation module, and combining an asymmetric key public key signature to ensure data integrity and authenticity; the target upgrade package is generated through the signature file and the encryption upgrade package, and a security verification and decryption process is provided for the vehicle end, so that security protection of OTA upgrade is realized, security of OTA upgrade is enhanced while system decryption efficiency is improved, potential security threat is effectively prevented, and information security of the vehicle-mounted system is ensured.
The function implementation of each module in the OTA upgrade package protection device corresponds to each step in the embodiment of the OTA upgrade package protection method, and the function and implementation process of the module are not described in detail herein.
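The layered decryption, the key-information comparison and the rule that the new encryption parameter replaces the historical one only after a successful upgrade can be sketched as follows. This is an added example, not code from the application: the class and function names are hypothetical, `xor_stream` is a stand-in for the symmetric cipher, the `version=` first line is a constructed package layout, and the fields of the signature file are assumed to have already been recovered by the asymmetric step, which is not modelled here.

```python
import hashlib
import hmac
import secrets


def xor_stream(key: bytes, data: bytes) -> bytes:
    """Stand-in cipher (assumption): XOR with a SHA-256 counter keystream.
    The same call encrypts and decrypts. For illustration only."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + off.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)


def key_info(package: bytes) -> bytes:
    """Key information: package hash value plus version information.
    The 'version=...' first line is a constructed package layout."""
    version = package.partition(b"\n")[0]
    return hashlib.sha256(package).digest() + version


class Cloud:
    def __init__(self, sym_key: bytes, hist_param: bytes):
        self.sym_key, self.hist_param, self.pending = sym_key, hist_param, None

    def build(self, package: bytes, nonce: bytes):
        first = xor_stream(self.sym_key, package)      # first encrypted package
        second = xor_stream(self.hist_param, first)    # second encrypted package
        self.pending = secrets.token_bytes(32)         # first encryption parameter
        fields = {"param": self.pending, "key_info": key_info(package),
                  "nonce": nonce}                      # contents of the signature file
        return fields, second

    def on_success(self):
        """Vehicle reported success: the new parameter becomes the historical one."""
        self.hist_param, self.pending = self.pending, None


class Vehicle:
    def __init__(self, sym_key: bytes, hist_param: bytes):
        self.sym_key, self.hist_param = sym_key, hist_param

    def try_install(self, fields: dict, blob: bytes, second_nonce: bytes) -> bool:
        inner = xor_stream(self.hist_param, blob)      # undo the parameter layer
        package = xor_stream(self.sym_key, inner)      # undo the symmetric layer
        ok = (hmac.compare_digest(key_info(package), fields["key_info"])
              and hmac.compare_digest(second_nonce, fields["nonce"]))
        if ok:
            self.hist_param = fields["param"]          # rotate only after a match
        return ok


def demo():
    sym_key, hist = secrets.token_bytes(32), secrets.token_bytes(32)
    cloud, car = Cloud(sym_key, hist), Vehicle(sym_key, hist)
    package = b"version=2.1.0\n" + b"constructed firmware image " * 4
    nonce = secrets.token_bytes(16)
    fields, blob = cloud.build(package, nonce)
    tampered = bytes([blob[0] ^ 1]) + blob[1:]
    rejected = not car.try_install(fields, tampered, nonce)
    unchanged = car.hist_param == hist                 # no rotation on failure
    accepted = car.try_install(fields, blob, nonce)
    cloud.on_success()
    in_sync = car.hist_param == cloud.hist_param and cloud.hist_param != hist
    return rejected, unchanged, accepted, in_sync
```

A vehicle whose stored parameter is one upgrade behind the cloud decrypts the next package to garbage and fails the key-information comparison, so a lost success report leaves the two ends unable to upgrade until they are resynchronised.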
In a third aspect, an embodiment of the present application provides an OTA upgrade package protection device, which may be a device with a data processing function, such as a personal computer (PC), a notebook computer, or a server.
Referring to fig. 6, fig. 6 is a schematic hardware structure diagram of an OTA upgrade package protection device according to an embodiment of the present application. In the embodiment of the application, the OTA upgrade package protection device may include a processor, a memory, a communication interface, and a communication bus.
The communication bus may be of any type and is used to interconnect the processor, the memory, and the communication interface.
The communication interfaces include input/output (I/O) interfaces, physical interfaces, logical interfaces, and the like for interconnecting devices inside the OTA upgrade package protection apparatus, and interfaces for interconnecting the OTA upgrade package protection apparatus with other apparatuses (e.g., other computing apparatuses or user apparatuses). The physical interface may be an Ethernet interface, a fiber optic interface, an ATM interface, etc.; the user device may be a display, a keyboard, or the like.
The memory may be any of various types of storage media, such as random access memory (RAM), read-only memory (ROM), non-volatile RAM (NVRAM), flash memory, optical memory, hard disk, programmable ROM (PROM), erasable PROM (EPROM), electrically erasable PROM (EEPROM), and the like.
The processor may be a general-purpose processor, which may invoke the OTA upgrade package protection program stored in the memory and execute the OTA upgrade package protection method provided by the embodiment of the present application. For example, the general-purpose processor may be a central processing unit (CPU). For the method executed when the OTA upgrade package protection program is called, refer to the various embodiments of the OTA upgrade package protection method of the present application; it is not described again here.
Those skilled in the art will appreciate that the hardware configuration shown in fig. 6 is not limiting of the application and may include more or fewer components than shown, or may combine certain components, or a different arrangement of components.
In a fourth aspect, embodiments of the present application also provide a readable storage medium.
The readable storage medium of the application stores an OTA upgrade package protection program, wherein when the OTA upgrade package protection program is executed by a processor, the steps of the OTA upgrade package protection method are realized.
The method implemented when the OTA upgrade package protection program is executed may refer to various embodiments of the OTA upgrade package protection method of the present application, and will not be described herein.
The terms "comprising" and "having" and any variations thereof in the description and claims of the application and in the foregoing drawings are intended to cover non-exclusive inclusions. For example, a process, method, system, article, or apparatus that comprises a list of steps or elements is not limited to only those listed steps or elements but may include other steps or elements not listed or inherent to such process, method, article, or apparatus. The terms "first," "second," and "third," etc. are used for distinguishing between different objects and not necessarily for describing a sequential or chronological order, nor do they require that the "first," "second," and "third" objects be different.
In describing embodiments of the present application, "exemplary," "such as," or "for example," etc., are used to indicate by way of example, illustration, or description. Any embodiment or design described herein as "exemplary," "such as" or "for example" is not necessarily to be construed as preferred or advantageous over other embodiments or designs. Rather, the use of words such as "exemplary," "such as" or "for example," etc., is intended to present related concepts in a concrete fashion.
In the description of the embodiments of the present application, unless otherwise indicated, "/" means "or"; for example, A/B may represent A or B. The term "and/or" merely describes an association relation between associated objects and indicates that three relations may exist; for example, A and/or B may indicate three cases: A exists alone, A and B exist together, and B exists alone. Furthermore, in the description of the embodiments of the present application, "plural" means two or more.
In some of the processes described in the embodiments of the present application, a plurality of operations or steps occurring in a particular order are included, but it should be understood that the operations or steps may be performed out of the order in which they occur in the embodiments of the present application or in parallel, the sequence numbers of the operations merely serve to distinguish between the various operations, and the sequence numbers themselves do not represent any order of execution. In addition, the processes may include more or fewer operations, and the operations or steps may be performed in sequence or in parallel, and the operations or steps may be combined.
It should be noted that the foregoing numbering of the embodiments of the present application is for description only and does not represent the relative merits of the embodiments.
From the above description of the embodiments, it will be clear to those skilled in the art that the above-described embodiment method may be implemented by means of software plus a necessary general hardware platform, but of course may also be implemented by means of hardware, but in many cases the former is a preferred embodiment. Based on such understanding, the technical solution of the present application may be embodied essentially or in a part contributing to the prior art in the form of a software product stored in a storage medium (e.g. ROM/RAM, magnetic disk, optical disk) as described above, comprising several instructions for causing a terminal device to perform the method according to the embodiments of the present application.
The foregoing description is only of the preferred embodiments of the present application and is not intended to limit the scope of the application; any equivalent structure or equivalent process based on what is disclosed herein, whether applied directly or indirectly in other related arts, is likewise covered.

Claims (10)

1. An OTA upgrade package protection method, comprising:
Performing symmetric key encryption on an original upgrade package to obtain a first encrypted upgrade package, and extracting first key information from the original upgrade package, wherein the first key information comprises an upgrade package hash value and version information;
Encrypting the first encryption upgrade package based on the historical encryption parameters to obtain a second encryption upgrade package;
generating a first random number based on a preset cloud random number generation module, and generating a first encryption parameter based on a preset encryption parameter generation module;
Carrying out asymmetric key public key signature on the first encryption parameter, the first key information and the first random number to obtain a signature file;
And generating a target upgrade package based on the signature file and the second encryption upgrade package, so that a vehicle end performs asymmetric signature verification and symmetric decryption based on the target upgrade package to realize protection of an OTA upgrade package.
2. The OTA upgrade package protection method of claim 1 wherein the vehicle end performs asymmetric verification and symmetric decryption based on the target upgrade package, comprising:
the vehicle end obtains a target signature file and a target encryption upgrade package based on the target upgrade package;
Signing the target signature file based on the asymmetric key private key to obtain target encryption parameters, target key information and target random numbers;
Decrypting the target encrypted upgrade package according to the historical encryption parameters to obtain a decrypted encrypted upgrade package;
And decrypting the decrypted encrypted upgrade package based on the symmetric key to obtain a decrypted original upgrade package.
3. The OTA upgrade package protection method of claim 2, further comprising, after the step of decrypting the decrypted encrypted upgrade package based on the symmetric key to obtain the decrypted original upgrade package:
Extracting second key information from the decrypted original upgrade package, and generating a second random number based on a preset vehicle-end random number generation module;
And installing an upgrade package based on the target key information, the second key information, the target random number and the second random number.
4. The OTA upgrade package protection method of claim 3 wherein said performing upgrade package installation based on said target key information, said second key information, said target random number, and said second random number comprises:
And when the second key information is the same as the target key information and the second random number is the same as the target random number, installing the upgrade package.
5. The OTA upgrade package protection method of claim 1, wherein the method further comprises:
After the OTA cloud upgrade is successful, the first encryption parameter is used as a historical encryption parameter to be stored in a preset encryption parameter storage module for next upgrade.
6. The OTA upgrade package protection device is characterized by comprising a cloud upgrade package encryption module and a vehicle-end upgrade package decryption module, wherein the upgrade package encryption module comprises an upgrade package encryption module and a digital signature encryption module; the digital signature encryption module comprises a key information extraction module, an encryption parameter generation module, a cloud random number generation module and an asymmetric encryption module;
The symmetric key encryption module is used for carrying out symmetric key encryption on the original upgrade package to obtain a first encrypted upgrade package;
the key information extraction module is used for extracting first key information from the original upgrade package, wherein the first key information comprises an upgrade package hash value and version information;
The encryption parameter storage module is used for encrypting the first encryption upgrade package based on the historical encryption parameters to obtain a second encryption upgrade package;
the cloud random number generation module is used for generating a first random number;
the encryption parameter generation module is used for generating a first encryption parameter;
The asymmetric encryption module is used for carrying out asymmetric key public key signature on the first encryption parameter, the first key information and the first random number to obtain a signature file; and generating a target upgrade package based on the signature file and the second encryption upgrade package, so that a vehicle-end upgrade package decryption module performs asymmetric signature verification and symmetric decryption based on the target upgrade package to realize protection of the OTA upgrade package.
7. The OTA upgrade package protection apparatus of claim 6 wherein the vehicle-side upgrade package decryption module comprises an upgrade package decryption module, a digital signature decryption module; the upgrade package decryption module comprises a symmetric key decryption module and a vehicle-end encryption parameter storage module, and the digital signature decryption module comprises an asymmetric decryption module;
The asymmetric decryption module is used for obtaining a target signature file and a target encryption upgrade package based on the target upgrade package; signing the target signature file based on the asymmetric key private key to obtain target encryption parameters, target key information and target random numbers;
the vehicle-end encryption parameter storage module decrypts the target encryption upgrade package according to the historical encryption parameters to obtain a decrypted encryption upgrade package;
the symmetric key decryption module is used for decrypting the decrypted encrypted upgrade package based on the symmetric key to obtain a decrypted original upgrade package.
8. The OTA upgrade package protection device of claim 6 wherein the vehicle-side upgrade package decryption module further comprises an upgrade package execution module, the digital signature decryption module further comprises an upgrade package key information extraction module, a vehicle-side random number generation module;
the upgrade package key information extraction module is used for extracting second key information from the decrypted original upgrade package;
The vehicle-end random number generation module is used for generating a second random number;
The upgrade package execution module is used for installing the upgrade package based on the target key information, the second key information, the target random number and the second random number.
9. An OTA upgrade package protection device comprising a processor, a memory, and an OTA upgrade package protection program stored on the memory and executable by the processor, wherein the OTA upgrade package protection program, when executed by the processor, implements the steps of the OTA upgrade package protection method of any one of claims 1 to 5.
10. A computer readable storage medium, wherein an OTA upgrade package protection program is stored on the computer readable storage medium, wherein the OTA upgrade package protection program, when executed by a processor, implements the steps of the OTA upgrade package protection method according to any one of claims 1 to 5.
CN202410491875.XA 2024-04-23 OTA upgrade package protection method, device, equipment and readable storage medium Pending CN118259947A (en)

Publications (1)

Publication Number Publication Date
CN118259947A true CN118259947A (en) 2024-06-28

Legal Events

Date Code Title Description
PB01 Publication