WO2021129511A1 - Communication method and related products - Google Patents

Communication method and related products

Info

Publication number
WO2021129511A1
Authority
WO
WIPO (PCT)
Prior art keywords
cloud server
secure channel
control unit
electronic control
key
Prior art date
Application number
PCT/CN2020/137200
Other languages
English (en)
French (fr)
Inventor
王勇
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司
Priority to EP20904646.5A (patent EP4068683A4, en)
Priority to JP2022538694A (patent JP7418584B2, ja)
Publication of WO2021129511A1 (zh)
Priority to US17/848,101 (patent US20220329582A1, en)

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0827 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving distinctive intermediate devices or communication paths
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0869 Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00 Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/10 Architectures or entities
    • H04L65/102 Gateways
    • H04L65/1033 Signalling gateways
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00 Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/1066 Session management
    • H04L65/1069 Session establishment or de-establishment
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/12 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/14 Session management
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/14 Session management
    • H04L67/141 Setup of application sessions
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00 Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/24 Negotiation of communication capabilities
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838 Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03 Protecting confidentiality, e.g. by encryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/041 Key generation or derivation
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/84 Vehicles
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/009 Security arrangements; Authentication; Protecting privacy or anonymity specially adapted for networks, e.g. wireless sensor networks, ad-hoc networks, RFID networks or cloud networks
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60 Context-dependent security
    • H04W12/69 Identity-dependent
    • H04W12/71 Hardware identity

Definitions

  • This application relates to the field of vehicle communication technology, and in particular to a communication method and related products.
  • Vehicle components include car boxes, gateways and other electronic control units.
  • The car box and gateway are generally configured with certificates. A certificate can be used to complete identity authentication and establish a Transport Layer Security (TLS) secure channel with the cloud server.
  • When an electronic control unit (ECU) of the automobile communicates securely with the cloud, it also needs to establish a TLS secure channel with the cloud server based on a certificate. Configuring the certificate occupies storage resources of the ECU, and the process of configuring the certificate also increases the production cost of the ECU. Moreover, some ECUs do not have the conditions to configure certificates.
  • The embodiments of the present application provide a communication method and related products, which can realize secure communication between an electronic control unit and a cloud server, and can also save storage resources of the electronic control unit.
  • The first aspect provides a communication method.
  • The method can be implemented by a cloud server, or can be implemented by a processing chip on the cloud server.
  • This embodiment is described by taking the cloud server executing the method as an example.
  • The cloud server receives the first request message sent by the information processing unit through the first secure channel, and the first request message includes the identifier of the electronic control unit of the vehicle. Further, the cloud server obtains the first key according to the identifier and the security information of the first secure channel, and then the cloud server establishes a second secure channel with the electronic control unit according to the first key, and the second secure channel is used for communication between the cloud server and the electronic control unit.
  • The second aspect also provides a communication method.
  • The method can be implemented by an information processing unit, or can be implemented by a processing chip on the information processing unit.
  • This embodiment is described by taking the method executed by the information processing unit as an example.
  • The information processing unit sends a first request message to the cloud server through the first secure channel, and the first request message includes the identifier of the electronic control unit of the vehicle.
  • The information processing unit obtains the first key according to the identifier and the security information of the first secure channel.
  • The information processing unit sends the first key to the electronic control unit, and the first key is used for establishing a second secure channel between the electronic control unit and the cloud server. It should be noted that this embodiment does not limit the sequence of the various steps.
  • The third aspect also provides a communication method, which can be implemented by an electronic control unit or a processing chip on the electronic control unit.
  • This embodiment is described by taking the electronic control unit executing the method as an example.
  • The electronic control unit sends a first request message to the information processing unit, and the first request message includes the identifier of the electronic control unit. Further, the electronic control unit receives the first key sent by the information processing unit, where the first key is obtained by the information processing unit according to the identifier and the security information of the first secure channel, and the first secure channel is used for communication between the cloud server and the information processing unit. Further, the electronic control unit establishes a second secure channel with the cloud server according to the first key, and the second secure channel is used for the cloud server to communicate with the electronic control unit.
  • When the cloud server needs to establish a secure channel with the electronic control unit, the first key can be obtained according to the security information of the first secure channel between the cloud server and the information processing unit, and the first key can be used to establish a secure channel with the electronic control unit.
  • There is no need to pre-configure a certificate for the electronic control unit; that is, the electronic control unit does not need to store the certificate in advance, which can save the storage resources of the electronic control unit and can also reduce the cost of the electronic control unit manufacturer or vehicle manufacturer.
  • That the cloud server establishes a second secure channel with the electronic control unit according to the first key includes: the cloud server generates a communication key according to the first key, and the communication key is used to encrypt data sent by the cloud server to the electronic control unit, or used to decrypt data received from the electronic control unit.
  • That the electronic control unit establishes a second secure channel with the cloud server according to the first key includes: the electronic control unit generates a communication key according to the first key, and the communication key is used to encrypt data sent to the cloud server or used to decrypt data received from the cloud server.
  • The cloud server and the electronic control unit establish the second secure channel by using the communication key obtained from the first key, which can isolate the first secure channel from the second secure channel, and reduce the impact on the second secure channel when the security of the first secure channel is affected.
  • The method further includes: verifying the certificate of the information processing unit; and when the certificate is valid, establishing the first secure channel with the information processing unit.
  • The method further includes: the information processing unit verifies the certificate of the cloud server; and when the certificate is valid, the information processing unit establishes the first secure channel with the cloud server.
  • The cloud server verifies the certificate of the information processing unit and/or the information processing unit verifies the certificate of the cloud server, which can ensure the security of the first secure channel. Since in the embodiment of the present application the second secure channel between the electronic control unit and the cloud server is also established based on the security information of the first secure channel, ensuring the security of the first secure channel can also improve the security of the second secure channel.
  • Before the receiving of the first request message sent by the information processing unit through the first secure channel, the method further includes: negotiating a session key with the information processing unit; and establishing the first secure channel with the information processing unit based on the session key, wherein the session key is used to encrypt data sent to the information processing unit or used to decrypt data received from the information processing unit.
  • Before the information processing unit sends the first request message to the cloud server through the first secure channel, the method further includes: the information processing unit negotiates a session key with the cloud server; and the information processing unit establishes the first secure channel with the cloud server based on the session key, where the session key is used to encrypt data sent to the cloud server or used to decrypt data received from the cloud server.
  • The information processing unit does not need a pre-configured certificate, and can also establish a first secure channel with the cloud server, which can save storage resources of the information processing unit, and can also save the cost of information processing unit manufacturers or vehicle manufacturers.
  • The information processing unit is a vehicle box or a vehicle gateway. Because the information processing unit or the vehicle box is connected to multiple electronic control units of the vehicle, the electronic control unit can use the first secure channel between the information processing unit and the cloud server to send the first request message to the cloud server, so as to establish a second secure channel with the cloud server.
  • The electronic control unit is a complete vehicle controller of the vehicle, a micro control unit of the vehicle, or a body control module of the vehicle. In this way, the vehicle controller of the vehicle, the micro control unit of the vehicle, or the body control module of the vehicle can establish a second secure channel with the cloud server.
  • An implementation manner of the present application provides a cloud server, including:
  • a transceiver module configured to receive a first request message sent by the information processing unit through the first secure channel, wherein the first request message includes the identifier of the electronic control unit of the vehicle;
  • a processing module configured to obtain a first key according to the identifier and the security information of the first secure channel, and establish a second secure channel with the electronic control unit according to the first key, wherein the second secure channel is used for communication between the cloud server and the electronic control unit.
  • The first key can be obtained according to the security information of the first secure channel between the cloud server and the information processing unit, and the first key can be used to establish the second secure channel with the electronic control unit.
  • The processing module is specifically configured to establish the second secure channel as follows:
  • a communication key is generated according to the first key, and the communication key is used to encrypt data sent by the cloud server to the electronic control unit, or used to decrypt data received from the electronic control unit.
  • The processing module is further configured to:
  • establish the first secure channel with the information processing unit.
  • The processing module is further configured to:
  • establish the first secure channel with the information processing unit based on the session key, wherein the session key is used to encrypt data sent to the information processing unit or to decrypt data received from the information processing unit.
  • Implementation manners of the present application also provide an information processing unit, including:
  • a sending unit configured to send a first request message to the cloud server through the first secure channel, where the first request message includes the identifier of the electronic control unit of the vehicle;
  • a processing unit configured to obtain a first key according to the identifier and the security information of the first secure channel;
  • the sending unit is further configured to send the first key to the electronic control unit, wherein the first key is used for the electronic control unit to establish a second secure channel with the cloud server.
  • The information processing unit can obtain the first key according to the security information of the first secure channel between the cloud server and the information processing unit, and send the first key to the electronic control unit.
  • The electronic control unit can use the first key to establish a second secure channel with the cloud server.
  • The processing unit is further configured to:
  • establish the first secure channel with the cloud server based on the session key, where the session key is used to encrypt data sent to the cloud server or used to decrypt data received from the cloud server.
  • The processing unit is further configured to:
  • establish the first secure channel with the cloud server.
  • Implementation manners of the present application also provide an electronic control unit, including:
  • a sending unit configured to send a first request message to an information processing unit, where the first request message includes an identifier of the electronic control unit;
  • a receiving unit configured to receive a first key sent by the information processing unit, where the first key is obtained by the information processing unit according to the identifier and the security information of the first secure channel, and the first secure channel is used for communication between the cloud server and the information processing unit;
  • a processing unit configured to establish a second secure channel with the cloud server according to the first key, wherein the second secure channel is used for communication between the cloud server and the electronic control unit.
  • When the electronic control unit needs to establish a secure channel with the cloud server, it can send a first request message containing the identifier of the electronic control unit to the information processing unit, and use the first secure channel established by the information processing unit and the cloud server to send the first request message to the cloud server.
  • The electronic control unit can receive, from the information processing unit, the first key obtained by the information processing unit according to the security information of the first secure channel and the identifier of the electronic control unit, and establish a second secure channel with the cloud server according to the first key.
  • There is no need to pre-configure a certificate for the electronic control unit, which can save the storage resources of the electronic control unit, and can also reduce the cost of the electronic control unit manufacturer or the vehicle manufacturer.
  • The processing unit specifically establishes the second secure channel as follows:
  • a communication key is generated according to the first key, and the communication key is used to encrypt data sent by the electronic control unit to the cloud server, or used to decrypt data received by the electronic control unit from the cloud server.
  • The implementation manners of the present application further provide a device, the device including a processor and a memory, the memory storing computer instructions; the processor executes the computer instructions stored in the memory, so that the device executes the communication method described in any one of the implementations of the foregoing first aspect.
  • The implementation manners of the present application further provide a device that includes a processor and a memory, and the memory stores computer instructions; the processor executes the computer instructions stored in the memory, so that the device executes the communication method described in any one of the implementations of the foregoing second aspect.
  • The implementation manners of the present application further provide a device that includes a processor and a memory, and the memory stores computer instructions; the processor executes the computer instructions stored in the memory, so that the device executes the communication method described in any one of the implementations of the foregoing third aspect.
  • An implementation manner of the present application further provides a vehicle, which includes the device described in the eighth aspect and the device described in the ninth aspect.
  • Embodiments of the present application also provide a computer-readable storage medium for storing program code executable by a device, and when the program code is executed by the device, it is used to implement the communication method provided by any implementation manner of the foregoing first aspect, or the communication method provided by any implementation manner of the foregoing second aspect, or the communication method provided by any implementation manner of the foregoing third aspect.
  • The foregoing embodiment may also include the following optional solutions.
  • The information processing unit may be, for example, a vehicle box or a vehicle gateway.
  • The electronic control unit may be, for example, a vehicle controller, a micro control unit, or a body control module of the vehicle.
  • This embodiment is not limited to this. Because the information processing unit or the vehicle box is connected to multiple electronic control units of the vehicle, the electronic control unit can use the first secure channel between the information processing unit and the cloud server to send the first request message to the cloud server, so as to establish a second secure channel with the cloud server.
  • The security information includes a session key of the first secure channel.
  • The cloud server can obtain the first key based on the session key of the first secure channel and the identifier of the electronic control unit, and establish a secure channel with the electronic control unit of the vehicle according to the first key, to realize secure communication between the electronic control unit and the cloud server.
  • The security information further includes at least one of the following information: an identifier of the cloud server, a session identifier of the first secure channel, or an identifier of the information processing unit.
  • an identifier of the cloud server e.g., a session identifier of the first secure channel
  • an identifier of the information processing unit e.g., a device that receives the encrypted data from the cloud server.
  • The complexity of the calculation of the first key can be increased, and the communication security between the electronic control unit and the cloud server can be ensured.
  • FIG. 1 is a schematic diagram of a network architecture of a communication system involved in an embodiment of this application;
  • FIG. 2 is a schematic diagram of the network structure of the communication system;
  • FIG. 3 is a schematic diagram of the GBA architecture;
  • FIG. 4 is a schematic diagram of another network architecture of the communication system;
  • FIG. 5 is a schematic diagram of a network architecture involved in a communication method according to an embodiment of the application;
  • FIG. 6 is a schematic flowchart of a communication method according to an embodiment of the application;
  • FIG. 7 is a schematic diagram of modules of a cloud server according to an embodiment of the application;
  • FIG. 8 is a schematic diagram of modules of an information processing unit according to an embodiment of the application;
  • FIG. 9 is a schematic diagram of modules of an electronic control unit according to an embodiment of the application;
  • FIG. 10 is a schematic structural diagram of a device according to an embodiment of the application;
  • FIG. 11 is a schematic diagram of another structure of a device according to an embodiment of the application;
  • FIG. 12 is a schematic diagram of another structure of the device according to an embodiment of the application.
  • FIG. 1 is a schematic diagram of a network architecture of a communication system related to an embodiment of this application.
  • the communication system includes a cloud server 100 and a vehicle 200.
  • the vehicle 200 in the embodiment of the present application may be, but is not limited to, a fuel vehicle, an electric vehicle, a two-wheeled vehicle, a three-wheeled vehicle, and the like.
  • the vehicle 200 includes an information processing unit 210 and one or more electronic control units 220.
  • the information processing unit 210 and the electronic control unit 220 may communicate with the cloud server 100 through wireless communication.
  • the information processing unit 210 is a data interaction hub capable of data transmission with each electronic control unit 220 of the vehicle 200.
  • the information processing unit 210 may be, for example, but not limited to, a vehicle box (Telematics BOX, T-BOX) or a vehicle gateway (Gateway).
  • the electronic control unit 220 is an electronic controller with processing or control capabilities of the vehicle.
  • the vehicle 200 may include one or more electronic control units 220.
  • the vehicle 200 in FIG. 1 includes a plurality of electronic control units 220, which are respectively an electronic control unit 1, an electronic control unit 2, ..., an electronic control unit n.
  • the electronic control unit may be, for example, but not limited to, a vehicle control unit (VCU), a microcontroller unit (MCU), and a body control module (BCM) of the vehicle.
  • Transport Layer Security (TLS) protocol
  • TLS is a security protocol used to provide confidentiality and data integrity between two communication applications.
  • TLS is a protocol built on top of the transport layer TCP protocol and serves the application layer.
  • the information processing unit may establish a secure channel with the cloud server based on TLS, so that the information processing unit and the cloud server communicate through the secure channel.
  • When the information processing unit establishes a secure channel with the cloud server based on TLS, the information processing unit needs to be pre-configured with a certificate. After the cloud server verifies the certificate of the information processing unit, the secure channel is established with the information processing unit.
  • the electronic control unit of the vehicle can also establish a secure channel with the cloud server based on TLS, so that the electronic control unit and the cloud server can communicate through the secure channel.
  • each electronic control unit needs to be pre-configured with a certificate, so that each electronic control unit can establish a secure channel with the cloud server based on TLS and communicate with the cloud server through the established secure channel.
  • when the electronic control unit 1 needs to communicate securely with the cloud server, the electronic control unit 1 establishes a TLS secure channel with the cloud server based on the certificate pre-configured in the electronic control unit 1; when the electronic control unit 2 needs to communicate securely with the cloud server, the electronic control unit 2 establishes a TLS secure channel with the cloud server based on the certificate pre-configured in the electronic control unit 2; when the electronic control unit n needs to communicate securely with the cloud server, the electronic control unit n establishes a TLS secure channel with the cloud server based on the certificate pre-configured in the electronic control unit n.
  • each electronic control unit of the multiple electronic control units needs to be pre-configured with a certificate.
  • On the one hand, this pre-configured certificate increases the cost to the manufacturer.
  • On the other hand, the pre-configured certificate also consumes the storage resources of the electronic control unit.
  • Generic Bootstrapping Architecture (GBA)
  • Both parties in communication can use GBA to obtain a shared key recognized by both parties.
  • FIG. 3 is a schematic diagram of the GBA architecture.
  • GBA includes Bootstrapping Server Function (BSF), User Equipment (UE), Network Application Function (NAF), and Home Subscriber Server (HSS).
  • the BSF acts as an intermediate hub and interacts with the UE through the Ub interface to realize the authentication between the UE and the BSF.
  • a shared key can be negotiated between the UE and the BSF.
  • When the information processing unit needs to communicate securely with the cloud server, the information processing unit can be regarded as the UE in the GBA, and the cloud server can be regarded as the BSF in the GBA. Then, based on GBA, the information processing unit and the cloud server can negotiate a shared key using the above-mentioned shared key negotiation process, and use the negotiated shared key as the session key. Then the information processing unit and the cloud server communicate based on the session key to ensure the security of communication between the information processing unit and the cloud server. FIG. 4 is a schematic diagram of another network architecture of the communication system. When the information processing unit needs to communicate securely with the cloud server, the information processing unit and the cloud server first negotiate the session key K0 based on GBA.
  • the information processing unit communicates with the cloud server based on the negotiated session key K0.
  • the electronic control unit can be regarded as the UE in the GBA, and the cloud server can be regarded as the BSF in the GBA.
  • the electronic control unit and the cloud server can negotiate a shared key using the above-mentioned shared key negotiation process, and use the shared key as the session key.
  • the electronic control unit and the cloud server perform secure communication based on the session key.
  • each of the multiple electronic control units needs to negotiate with the cloud server separately based on GBA.
  • Each electronic control unit then securely communicates with the cloud server based on the session key negotiated with the cloud server.
  • When the electronic control unit 1 needs to communicate securely with the cloud server, the electronic control unit 1 and the cloud server first negotiate a session key K1 based on GBA, and then the electronic control unit 1 and the cloud server conduct secure communication based on the negotiated session key K1;
  • When the electronic control unit 2 needs to communicate securely with the cloud server, the electronic control unit 2 and the cloud server also need to first negotiate the session key K2 based on GBA, and then the electronic control unit 2 and the cloud server conduct secure communication based on the negotiated key K2;
  • When the electronic control unit n needs to communicate securely with the cloud server, the electronic control unit n and the cloud server also need to negotiate the session key Kn based on GBA, and then the electronic control unit n and the cloud server conduct secure communication based on the negotiated key Kn.
  • each electronic control unit of the multiple electronic control units needs to negotiate a session key with the cloud server using the above-mentioned GBA-based shared key negotiation method.
  • the above-mentioned process of negotiating shared keys based on GBA is very complicated. This will result in a cumbersome process of secure communication between the various electronic control units of the vehicle and the cloud server.
  • the embodiment of the present application provides a communication method.
  • the communication method includes: the electronic control unit of the vehicle sends a first request message to the information processing unit, the first request message includes the identification of the electronic control unit; the information processing unit sends the first request message to the cloud server through the first secure channel; the cloud server obtains the first key according to the identification of the electronic control unit and the security information of the first secure channel; the information processing unit obtains the first key according to the identification of the electronic control unit and the security information of the first secure channel; the information processing unit sends the first key to the electronic control unit; the cloud server and the electronic control unit establish a second secure channel based on the first key.
  • the second secure channel is used for communication between the cloud server and the electronic control unit.
  • FIG. 5 is a schematic diagram of a network architecture involved in a communication method according to an embodiment of the application.
  • a first secure channel is established between the cloud server and the information processing unit.
  • the electronic control unit 1 may send a first request message containing the identification of the electronic control unit 1 to the information processing unit.
  • the information processing unit obtains the first key according to the identification of the electronic control unit 1 and the security information of the first secure channel, and sends the first key to the electronic control unit 1.
  • the information processing unit also sends the first request to the cloud server.
  • the cloud server obtains the first key according to the identification of the electronic control unit 1 and the security information of the first secure channel. Then, a second secure channel is established between the electronic control unit 1 and the cloud server based on the first key. Similarly, if the electronic control unit 2 needs to communicate securely with the cloud server, it can establish a secure channel with the cloud server in the same way as the above-mentioned electronic control unit 1, and use this secure channel for secure communication.
  • the information processing unit and the cloud server can obtain the first key based on the security information of the first secure channel and the identification of the electronic control unit.
  • the information processing unit sends the first key to the electronic control unit.
  • the electronic control unit and the cloud server can establish a second secure connection based on the first key.
  • there is no need to pre-configure the certificate for the electronic control unit, which can save the storage resources of the electronic control unit. Since the process of pre-configuring certificates is omitted, the production cost of the electronic control unit can also be reduced.
  • the electronic control unit and the cloud server also do not need to negotiate a session key based on GBA, which makes the process of implementing secure communication between the electronic control unit and the cloud server easier.
  • FIG. 6 is a schematic flowchart of a communication method according to an embodiment of this application.
  • the communication method may include the following steps:
  • the electronic control unit sends a first request message to the information processing unit, where the first request message includes the identifier of the electronic control unit.
  • the electronic control unit may send the first request message to the information processing unit when it needs to perform secure communication with the cloud server.
  • the first request message is used to request the electronic control unit to perform secure communication with the cloud server.
  • the information processing unit may be, for example, but not limited to, a vehicle box or a vehicle gateway.
  • the electronic control unit may be, for example, but not limited to, a vehicle controller, a micro control unit, or a body control module of the vehicle.
  • the information processing unit sends the first request message to the cloud server through the first secure channel.
  • After receiving the first request message sent by the electronic control unit, the information processing unit sends the first request message to the cloud server through the first secure channel.
  • the first secure channel is a secure channel between the information processing unit and the cloud server.
  • the first secure channel is used for communication between the information processing unit and the cloud server.
  • the first secure channel is established before the information processing unit sends the first request message to the cloud server.
  • the information processing unit obtains the first key according to the identification of the electronic control unit and the security information of the first secure channel.
  • the information processing unit uses the first key derivation algorithm agreed upon between the information processing unit and the cloud server to process the identification of the electronic control unit and the security information of the first secure channel to obtain the first key.
  • the information processing unit and the cloud server may pre-appoint the first key derivation algorithm.
  • the first key derivation algorithm can be HMAC-SHA256, HMAC-MD5, and so on.
  • the information processing unit sends the first key to the electronic control unit.
  • the information processing unit may send the first key to the electronic control unit based on the security protection mechanism of the in-vehicle network.
  • the information processing unit may send the first key to the electronic control unit based on Internet Protocol Security (IPsec) or TLS.
  • the cloud server receives the first request message, and obtains the first key according to the security information of the first secure channel and the identification of the electronic control unit in the first request message.
  • the cloud server obtains the identification of the electronic control unit from the first request message.
  • the cloud server uses the first key derivation algorithm agreed upon between the information processing unit and the cloud server to process the identification of the electronic control unit and the security information of the first secure channel to obtain the first key.
  • the electronic control unit establishes a second secure channel with the cloud server according to the first key, and the second secure channel is used for the electronic control unit to communicate with the cloud server.
  • the cloud server and the information processing unit obtain the first key according to the first security information of the first secure communication between the cloud server and the information processing unit.
  • the electronic control unit and the cloud server can establish a second secure channel based on the first key.
  • the electronic control unit and the cloud server implement secure communication based on the second secure channel.
  • the execution of steps S602, S603, S604, and S605 is not limited to the order S602, S603, S604, S605.
  • Step S605 needs to be executed after step S602.
  • Step S604 needs to be executed after step S603.
  • Step S602 may be executed before step S603, or may be executed after step S603, and step S602 and step S603 may also be executed at the same time.
  • the specific execution sequence of S602, S603, S604, and S605 is not limited here.
  • the security information of the first secure channel includes the session key of the first secure channel.
  • the cloud server and the information processing unit can obtain the first key according to the session key of the first secure channel.
  • the electronic control unit of the vehicle and the cloud server can obtain the first key based on the session key of the first secure channel and the identification of the electronic control unit, establish a secure channel between the electronic control unit and the cloud server according to the first key, and realize the secure communication between the electronic control unit and the cloud server.
  • the security information of the first secure channel further includes at least one of the following information: the identifier of the cloud server, the session identifier of the first secure channel, or the identifier of the information processing unit. In this way, the complexity of the calculation of the first key can be increased, and the communication security between the electronic control unit and the cloud server can be ensured.
  • the security information of the first secure channel may only include the session key of the first secure channel.
  • the information processing unit may obtain the first key only according to the session key of the first secure channel.
  • the security information of the first secure channel may also include the identity of the cloud server and the session key of the first secure channel; or the security information of the first secure channel includes the session identifier of the first secure channel and the session key of the first secure channel; or the security information of the first secure channel includes the identity of the information processing unit and the session key of the first secure channel; or the security information of the first secure channel includes the identity of the cloud server, the session identifier of the first secure channel, and the session key of the first secure channel; or the security information of the first secure channel includes the identity of the cloud server, the identity of the information processing unit, and the session key of the first secure channel; or the security information of the first secure channel includes the session ID of the first secure channel, the ID of the information processing unit, and the session key of the first secure channel; or the security information of the first secure channel includes the ID of
  • before the information processing unit sends the first request message to the cloud server, the cloud server establishes a first secure channel with the information processing unit.
  • the method for establishing the first secure channel may be that the cloud server verifies the certificate of the information processing unit, and the information processing unit verifies the certificate of the cloud server; when the cloud server confirms that the certificate of the information processing unit is valid and the information processing unit confirms that the certificate of the cloud server is valid, the cloud server and the information processing unit establish a first secure channel. Specifically, after the cloud server verifies that the certificate of the information processing unit is legal, and the information processing unit verifies that the certificate of the cloud server is legal, the cloud server sends a random number 1 to the information processing unit.
  • the information processing unit sends a random number 2 to the cloud server.
  • the cloud server sends a random number 3 to the information processing unit.
  • the cloud server obtains the session key according to the random number 1, the random number 2, and the random number 3 based on the agreed algorithm.
  • the information processing unit also obtains the session key according to the random number 1, the random number 2, and the random number 3 based on the agreed algorithm. In this way, the session key agreement is completed between the information processing unit and the cloud server.
  • a first secure channel is established between the cloud server and the information processing unit based on the session key.
  • the cloud server can use the session key to encrypt data sent to the information processing unit and decrypt data received from the information processing unit.
  • the information processing unit can use the session key to encrypt data sent to the cloud server and decrypt data received from the cloud server.
  • the agreed algorithm may be a key derivation algorithm in the TLS protocol.
  • the first secure channel between the cloud server and the information processing unit is a TLS secure channel, which ensures the security of the first secure channel, that is, more effectively guarantees the communication security between the cloud server and the information processing unit. Since in the embodiment of the present application, the second secure channel between the electronic control unit and the cloud server is also established based on the security information of the first secure channel, ensuring the security of the first secure channel can also improve the security of the second secure channel.
  • the method for establishing the first secure channel may also be that the cloud server and the information processing unit negotiate a session key, and the cloud server and the information processing unit establish the first secure channel based on the session key.
  • the cloud server can use the session key to encrypt data sent to the information processing unit and decrypt data received from the information processing unit.
  • the information processing unit can use the session key to encrypt data sent to the cloud server and decrypt data received from the cloud server.
  • the cloud server and the information processing unit negotiate the session key through the aforementioned GBA-based shared key negotiation method. In this way, the information processing unit does not need a pre-configured certificate, and can also establish a first secure channel with the cloud server, which can save storage resources of the information processing unit, and can also save the cost of information processing unit manufacturers or vehicle manufacturers.
  • the electronic control unit and the cloud server may obtain the communication key according to the first key.
  • a second secure channel is established between the cloud server and the electronic control unit based on the communication key.
  • the communication key is used to encrypt data sent by the cloud server to the electronic control unit, decrypt data received by the cloud server from the electronic control unit, encrypt data sent by the electronic control unit to the cloud server, and decrypt data received by the electronic control unit from the cloud server.
  • the electronic control unit and the cloud server may use the agreed second key derivation algorithm to process the first key to obtain the communication key. For example, the electronic control unit generates a random number 4 and encrypts the random number 4 with the first key. Then the electronic control unit sends the encrypted random number 4 to the cloud server. The cloud server generates a random number 5 and encrypts the random number 5 with the first key. Then the cloud server sends the encrypted random number 5 to the electronic control unit. The electronic control unit then generates a random number 6 and encrypts the random number 6 with the first key. The electronic control unit sends the random number 6 to the cloud server. The electronic control unit uses the first key to decrypt the random number 5 received from the cloud server to obtain the decrypted random number 5.
  • the electronic control unit uses the second key derivation algorithm agreed with the cloud server to process the random number 4, the random number 5, and the random number 6 to obtain the communication key.
  • the cloud server uses the first key to decrypt the random number 4 and the random number 6 received from the electronic control unit to obtain the decrypted random number 4 and the random number 6.
  • the cloud server uses the agreed second key derivation algorithm to process the random number 4, the random number 5, and the random number 6 to obtain the communication key.
  • after the cloud server and the information processing unit establish a first secure channel, when the electronic control unit needs to communicate securely with the cloud server, the information processing unit and the cloud server only need to agree on the first key derivation algorithm, and the electronic control unit and the cloud server only need to agree on the second key derivation algorithm.
  • the information processing unit and the cloud server can use the first key derivation algorithm to process the security information of the first secure channel and the identification of the electronic control unit to obtain the first key.
  • the electronic control unit and the cloud server can use the second key derivation algorithm to process the first key to obtain the communication key.
  • a second secure channel can be established between the electronic control unit and the cloud server based on the communication key. That is, the electronic control unit and the cloud server can perform secure communication based on the communication key.
  • the second key derivation algorithm may be a key derivation algorithm in the TLS protocol.
  • a TLS connection can be established between the electronic control unit and the cloud server based on the first key to ensure the communication security between the electronic control unit and the cloud server.
  • the electronic control unit and the cloud server may also use the first key as the session key of the second secure channel.
  • the electronic control unit uses the first key to encrypt the data sent to the cloud server and uses the first key to decrypt the data received from the cloud server.
  • the cloud server uses the first key to encrypt data sent to the electronic control unit and uses the first key to decrypt data received from the electronic control unit.
  • the first key derived from the security information of the first secure channel and the identification of the electronic control unit is used as the session key for the communication between the electronic control unit and the cloud server.
  • a second secure channel is established between the cloud server and the electronic control unit based on the first key. In this way, the process of establishing the second secure channel between the electronic control unit and the cloud server can be effectively simplified.
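The two derivations described above (the first key from the security information of the first secure channel and the identification of the electronic control unit, then the communication key from random numbers 4, 5 and 6), as an added Python example that is not part of the patent text. HMAC-SHA256 is one of the algorithms the text names; the length-prefixed field encoding, the field order, the PRF label, the 16-byte minimum key length and all identifier values are assumptions of this example.

```python
import hashlib
import hmac
import secrets


def encode_fields(*fields: bytes) -> bytes:
    """Length-prefix each field so ("ECU1", "2") and ("ECU", "12") cannot
    collide, which plain concatenation of identifiers would allow."""
    return b"".join(len(f).to_bytes(2, "big") + f for f in fields)


def derive_first_key(session_key: bytes, ecu_id: bytes, *, cloud_id: bytes = b"",
                     session_id: bytes = b"", ipu_id: bytes = b"") -> bytes:
    """First key = HMAC-SHA256(session key of the first secure channel,
    ECU identifier plus the optional identifiers from the security information).
    Field order and encoding are assumptions of this example."""
    if len(session_key) < 16:  # assumed minimum, not stated in the text
        raise ValueError("session key of the first secure channel is missing or too short")
    if not ecu_id:
        raise ValueError("first request message carries no ECU identifier")
    info = encode_fields(ecu_id, cloud_id, session_id, ipu_id)
    return hmac.new(session_key, info, hashlib.sha256).digest()


def tls12_prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """TLS 1.2 PRF with SHA-256 (P_SHA256, RFC 5246 section 5)."""
    full_seed = label + seed
    a = full_seed                                                  # A(0)
    out = b""
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()           # A(i)
        out += hmac.new(secret, a + full_seed, hashlib.sha256).digest()
    return out[:length]


def derive_communication_key(first_key: bytes, r4: bytes, r5: bytes, r6: bytes) -> bytes:
    """Communication key from the first key and random numbers 4, 5 and 6.
    The label is hypothetical; the text only says a key derivation algorithm
    of the TLS protocol may be used as the second key derivation algorithm."""
    seed = encode_fields(r4, r5, r6)
    return tls12_prf(first_key, b"ecu cloud communication key", seed, 32)


def run_demo() -> dict:
    """Run both derivations on each side with constructed values."""
    # Constructed stand-ins for values that come from the first secure channel.
    session_key = secrets.token_bytes(32)
    channel = dict(cloud_id=b"cloud-01", session_id=b"sess-7f3a", ipu_id=b"tbox-01")
    ecu_id = b"VCU-0001"  # carried in the first request message

    k1_ipu = derive_first_key(session_key, ecu_id, **channel)    # information processing unit
    k1_cloud = derive_first_key(session_key, ecu_id, **channel)  # cloud server
    k1_other = derive_first_key(session_key, b"BCM-0002", **channel)

    r4, r6 = secrets.token_bytes(32), secrets.token_bytes(32)    # generated by the ECU
    r5 = secrets.token_bytes(32)                                 # generated by the cloud server
    # The text sends each random number encrypted under the first key; that
    # transport step is outside this example, which starts from decrypted values.
    ck_ecu = derive_communication_key(k1_ipu, r4, r5, r6)
    ck_cloud = derive_communication_key(k1_cloud, r4, r5, r6)
    return {"k1_ipu": k1_ipu, "k1_cloud": k1_cloud, "k1_other": k1_other,
            "ck_ecu": ck_ecu, "ck_cloud": ck_cloud}


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(f"{name:9s} {value.hex()}")
```

Because the information processing unit derives the first key itself, it holds every input needed for the second secure channel and sits inside that channel's trust boundary.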
  • FIG. 7 is a schematic diagram of modules of a cloud server according to an embodiment of the application.
  • the embodiment of the present application provides a cloud server 700, including:
  • the transceiver module 701 is configured to receive a first request message sent by the information processing unit through the first secure channel, where the first request message includes the identifier of the electronic control unit of the vehicle;
  • the processing module 702 is configured to obtain a first key according to the identifier and the security information of the first secure channel; and establish a second secure channel with the electronic control unit according to the first key, where the second secure channel is used for communication between the cloud server and the electronic control unit.
  • the first key can be obtained according to the security information of the first secure channel between the cloud server and the information processing unit, and the first key can be used to establish the second secure channel with the electronic control unit.
  • there is no need to pre-configure the certificate for the electronic control unit, which can save the storage resources of the electronic control unit, and can also reduce the cost of the electronic control unit manufacturer or the vehicle manufacturer.
  • the security information includes the session key of the first secure channel.
  • the security information further includes at least one of the following information: the identity of the cloud server, the session identity of the first secure channel, or the identity of the information processing unit.
  • processing module 702 is specifically configured to establish the second secure channel as follows:
  • a communication key is generated according to the first key, and the communication key is used to encrypt data sent by the cloud server to the electronic control unit, or used to decrypt data received from the electronic control unit.
  • processing module 702 is also used to:
  • the first secure channel is established with the information processing unit.
  • processing module 702 is also used to:
  • the first secure channel is established with the information processing unit based on the session key, where the session key is used to encrypt data sent to the information processing unit or used to decrypt data received from the information processing unit.
  • the information processing unit is a vehicle box or a vehicle gateway.
  • the electronic control unit is a vehicle controller, a micro control unit, or a body control module of the vehicle.
  • the cloud server 700 of this embodiment can be implemented by the device 1000 shown in FIG. 10.
  • the transceiver module 701 may be implemented by the transceiver 1020 of the device 1000.
  • the processing module 702 may be implemented by the processor 1010 of the device 1000.
  • FIG. 8 is a schematic diagram of modules of an information processing unit according to an embodiment of the application.
  • the embodiment of the present application further provides an information processing unit 800, including:
  • the sending unit 801 is configured to send a first request message to the cloud server through the first secure channel, where the first request message includes the identifier of the electronic control unit of the vehicle;
  • the processing unit 802 is configured to obtain the first key according to the identifier and the security information of the first secure channel;
  • the sending unit 801 is further configured to send a first key to the electronic control unit, where the first key is used for the electronic control unit to establish a second secure channel with the cloud server.
  • the information processing unit can obtain the first key according to the security information of the first secure channel between the cloud server and the information processing unit, and send the first key to the electronic control unit.
  • the electronic control unit can use the first key to establish a second secure channel with the cloud server.
  • there is no need to pre-configure the certificate for the electronic control unit, which can save the storage resources of the electronic control unit, and can also reduce the cost of the electronic control unit manufacturer or the vehicle manufacturer.
  • the security information includes the session key of the first secure channel.
  • the security information further includes at least one of the following information: the identity of the cloud server, the session identity of the first secure channel, or the identity of the information processing unit.
  • processing unit 802 is further configured to:
  • the first secure channel is established with the cloud server based on the session key, where the session key is used to encrypt data sent to the cloud server or used to decrypt data received from the cloud server.
  • the information processing unit 800 further includes a receiving unit, and the processor 802 is further configured to negotiate a session key with the cloud server through the sending unit 801 and the receiving unit.
  • processing unit 802 is further configured to:
  • the first secure channel is established with the cloud server.
  • the information processing unit 800 is a vehicle box or a vehicle gateway.
  • the electronic control unit is a vehicle controller, a micro control unit, or a body control module of the vehicle.
  • the information processing unit 800 of this embodiment can be implemented by the device 1100 shown in FIG. 11.
  • the sending unit 801 may be implemented by a transmitter of the transceiver 1120 of the device 1100.
  • the processing unit 802 may be implemented by the processor 1110 of the device 1100.
  • the receiving unit may be implemented by the receiver of the transceiver 1120 of the device 1100.
  • FIG. 9 is a schematic diagram of a module of an electronic control unit according to an embodiment of the application.
  • the embodiment of the present application also provides an electronic control unit 900, including:
  • the sending unit 901 is configured to send a first request message to the information processing unit, where the first request message includes an identification of the electronic control unit;
  • the receiving unit 902 is configured to receive the first key sent by the information processing unit, where the first key is obtained by the information processing unit according to the identifier and the security information of the first secure channel, and the first secure channel is used for communication between the cloud server and the information processing unit;
  • the processing unit 903 is configured to establish a second secure channel with the cloud server according to the first key, where the second secure channel is used for communication between the cloud server and the electronic control unit.
  • when the electronic control unit needs to establish a secure channel with the cloud server, it can send a first request message containing the identifier of the electronic control unit to the information processing unit, and use the first secure channel established between the information processing unit and the cloud server to send the first request message to the cloud server.
  • the electronic control unit can receive the first key obtained by the information processing unit according to the security information of the first secure channel and the identification of the electronic control unit from the information processing unit, and establish a second secure channel with the cloud server according to the first key.
  • there is no need to pre-configure a certificate for the electronic control unit, which saves the storage resources of the electronic control unit and can also reduce the cost for the electronic control unit manufacturer or the vehicle manufacturer.
  • the security information includes the session key of the first secure channel.
  • the security information further includes at least one of the following information: the identity of the cloud server, the session identity of the first secure channel, or the identity of the information processing unit.
  • the processing unit 903 specifically establishes the second secure channel as follows:
  • a communication key is generated according to the first key, and the communication key is used to encrypt data sent by the electronic control unit to the cloud server, or used to decrypt data received by the electronic control unit from the cloud server.
  • the information processing unit is a vehicle box or a vehicle gateway.
  • the electronic control unit 900 is a vehicle controller, a micro control unit, or a body control module of the vehicle.
  • the electronic control unit 900 of this embodiment can be implemented by the device 1200 shown in FIG. 12.
  • the sending unit 901 may be implemented by a transmitter of the transceiver 1220 of the device 1200.
  • the receiving unit 902 may be implemented by the receiver of the transceiver 1220 of the device 1200.
  • the processing unit 903 may be implemented by the processor 1210 of the device 1200.
  • FIG. 10 is a schematic structural diagram of a device 1000 provided by an embodiment of the present application.
  • the device 1000 may be a processing chip in a cloud server.
  • the device 1000 includes a processor 1010 and an input/output interface.
  • the device 1000 may also be a cloud server.
  • the device 1000 may include a transceiver 1020 and a memory 1030.
  • the processor 1010, the transceiver 1020, and the memory 1030 may be connected to each other through a bus 1040.
  • the processor 1010 in the device 1000 is configured to read related instructions to perform the following operations:
  • a second secure channel is established with the electronic control unit according to the first key, and the second secure channel is used for communication between the cloud server and the electronic control unit.
  • the foregoing operation of receiving the first request message can be understood as an operation of reading the message through an input/output interface, and can also be understood as an operation of demodulating data to obtain the content of the first request message.
  • FIG. 11 is a schematic structural diagram of another device 1100 provided in an embodiment of the present application.
  • the device 1100 may be a processing chip in the information processing unit 210.
  • the device 1100 includes a processor 1110 and an input/output interface.
  • the device 1100 may also be the information processing unit 210.
  • the device 1100 may include a transceiver 1120 and a memory 1130.
  • the processor 1110, the transceiver 1120, and the memory 1130 may be connected to each other through a bus 1140.
  • the processor 1110 in the device 1100 is configured to read related instructions and perform the following operations:
  • the foregoing sending operation can be understood as an operation of outputting a message or the first key through an input/output interface.
  • the foregoing sending operation can be understood as an operation of sending a message or the first key through the transceiver 1120.
  • FIG. 12 is a schematic structural diagram of another device 1200 according to an embodiment of the present application.
  • the device 1200 may be a processing chip in the electronic control unit 220.
  • the device 1200 includes a processor 1210 and an input/output interface.
  • the device 1200 may also be the electronic control unit 220.
  • the device 1200 may include a transceiver 1220 and a memory 1230.
  • the processor 1210, the transceiver 1220, and the memory 1230 may be connected to each other through a bus 1240.
  • the processor 1210 in the device 1200 is configured to read related instructions to perform the following operations:
  • the first key is obtained by the information processing unit according to the identifier and the security information of the first secure channel, and the first secure channel is used for communication between the cloud server and the information processing unit;
  • a second secure channel is established with the cloud server according to the first key, and the second secure channel is used for communication between the cloud server and the electronic control unit.
  • the present application provides a computer-readable storage medium in which computer instructions are stored, and the computer instructions instruct the server to execute the communication method provided in any of the above-mentioned embodiments.
  • the processor mentioned in the embodiments of the present application may be a central processing unit (Central Processing Unit, CPU), or may be another general-purpose processor, a digital signal processor (Digital Signal Processor, DSP), an application-specific integrated circuit (Application Specific Integrated Circuit, ASIC), a field-programmable gate array (Field Programmable Gate Array, FPGA) or another programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, etc.
  • the general-purpose processor may be a microprocessor or the processor may also be any conventional processor or the like.
  • the memory mentioned in the embodiments of the present application may be a volatile memory or a non-volatile memory, or may include both volatile and non-volatile memory.
  • the non-volatile memory can be read-only memory (Read-Only Memory, ROM), programmable read-only memory (Programmable ROM, PROM), erasable programmable read-only memory (Erasable PROM, EPROM), electrically erasable programmable read-only memory (Electrically EPROM, EEPROM) or flash memory.
  • the volatile memory may be a random access memory (Random Access Memory, RAM), which is used as an external cache.
  • many forms of RAM are available, by way of example and not limitation:
  • static random access memory (Static RAM, SRAM)
  • dynamic random access memory (Dynamic RAM, DRAM)
  • synchronous dynamic random access memory (Synchronous DRAM, SDRAM)
  • double data rate synchronous dynamic random access memory (Double Data Rate SDRAM, DDR SDRAM)
  • enhanced synchronous dynamic random access memory (Enhanced SDRAM, ESDRAM)
  • synchronous link dynamic random access memory (Synchlink DRAM, SLDRAM)
  • direct Rambus random access memory (Direct Rambus RAM, DR RAM)
  • when the processor is a general-purpose processor, DSP, ASIC, FPGA or other programmable logic device, discrete gate or transistor logic device, or discrete hardware component, the memory (storage module) is integrated in the processor.
  • the size of the sequence numbers of the above-mentioned processes does not imply the order of execution; the execution order of each process should be determined by its function and internal logic, and should not constitute any limitation on the implementation process of the embodiments of the present application.
  • the disclosed system, device, and method can be implemented in other ways.
  • the device embodiments described above are merely illustrative; for example, the division of the units is only a logical function division, and there may be other divisions in actual implementation; for example, multiple units or components may be combined or integrated into another system, or some features may be ignored or not implemented.
  • the displayed or discussed mutual coupling or direct coupling or communication connection may be indirect coupling or communication connection through some interfaces, devices or units, and may be in electrical, mechanical or other forms.
  • the units described as separate components may or may not be physically separated, and the components displayed as units may or may not be physical units, that is, they may be located in one place, or they may be distributed on multiple network units. Some or all of the units may be selected according to actual needs to achieve the objectives of the solutions of the embodiments.
  • the functional units in the various embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units may be integrated into one unit.
  • if the function is implemented in the form of a software functional unit and sold or used as an independent product, it can be stored in a computer-readable storage medium.
  • the technical solution of the present application, in essence, or the part that contributes to the existing technology, or a part of the technical solution, can be embodied in the form of a software product; the computer software product is stored in a storage medium and includes several instructions used to make a computer device (which may be a personal computer, a server, a network device, etc.) execute all or part of the steps of the methods described in the various embodiments of the present application.
  • the aforementioned storage media include: U disk, mobile hard disk, read-only memory (Read-Only Memory, ROM), random access memory (Random Access Memory, RAM), magnetic disk, optical disk and other media that can store program code.
  • the modules in the device of the embodiment of the present application may be combined, divided, and deleted according to actual needs.


Abstract

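This application provides a communication method and related products. The communication method includes: receiving a first request message sent by an information processing unit through a first secure channel, where the first request message includes an identifier of an electronic control unit of a vehicle; obtaining a first key according to the identifier and security information of the first secure channel; and establishing a second secure channel with the electronic control unit according to the first key, where the second secure channel is used for communication between the cloud server and the electronic control unit. In this way, when the cloud server needs to establish a secure channel with the electronic control unit, it can obtain the first key according to the security information of the first secure channel between the cloud server and the information processing unit, and use the first key to establish the second secure channel with the electronic control unit. In this solution, no certificate needs to be pre-configured for the electronic control unit, which saves the storage resources of the electronic control unit and can also reduce the cost for the electronic control unit manufacturer or the vehicle manufacturer.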

Description

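Communication method and related products
This application claims priority to Chinese patent application No. 201911343068.9, filed with the Chinese Patent Office on December 23, 2019 and entitled "Communication method and related products", the entire content of which is incorporated herein by reference.
Technical Field
This application relates to the field of vehicle communication technologies, and in particular to a communication method and related products.
Background
In many scenarios, components in a vehicle need to communicate securely with a cloud server. The components of a vehicle include a vehicle box, a gateway and other electronic control units. The vehicle box and the gateway are generally configured with certificates. When the vehicle box or the gateway communicates securely with the cloud, it can use the certificate to complete identity authentication and establish a Transport Layer Security (TLS) secure channel with the cloud server. When an electronic control unit (ECU) of the vehicle communicates securely with the cloud, it also needs to establish a TLS secure channel with the cloud server based on a certificate. Configuring a certificate in this way occupies the storage resources of the ECU, and the process of configuring the certificate also increases the production cost of the ECU. Moreover, some ECUs do not meet the conditions for configuring a certificate.
Summary
The embodiments of this application provide a communication method and related products that enable an electronic control unit to communicate securely with a cloud server while also saving the storage resources of the electronic control unit.
A first aspect provides a communication method. The method may be implemented by a cloud server or by a processing chip on the cloud server. For ease of description, this embodiment is described with the cloud server performing the method. In the method, the cloud server receives a first request message sent by an information processing unit through a first secure channel, where the first request message includes an identifier of an electronic control unit of a vehicle. The cloud server then obtains a first key according to the identifier and security information of the first secure channel, and establishes a second secure channel with the electronic control unit according to the first key, where the second secure channel is used for communication between the cloud server and the electronic control unit.
Correspondingly, a second aspect provides a communication method. The method may be implemented by an information processing unit or by a processing chip on the information processing unit. For ease of description, this embodiment is described with the information processing unit performing the method. In the method, the information processing unit sends a first request message to a cloud server through a first secure channel, where the first request message includes an identifier of an electronic control unit of a vehicle. The information processing unit obtains a first key according to the identifier and security information of the first secure channel, and then sends the first key to the electronic control unit, where the first key is used by the electronic control unit to establish a second secure channel with the cloud server. It should be noted that this embodiment does not limit the order of the steps.
Correspondingly, a third aspect provides a communication method. The method may be implemented by an electronic control unit or by a processing chip on the electronic control unit. For ease of description, this embodiment is described with the electronic control unit performing the method. In the method, the electronic control unit sends a first request message to an information processing unit, where the first request message includes an identifier of the electronic control unit. The electronic control unit then receives a first key sent by the information processing unit, where the first key is obtained by the information processing unit according to the identifier and security information of a first secure channel, and the first secure channel is used for communication between a cloud server and the information processing unit. The electronic control unit then establishes a second secure channel with the cloud server according to the first key, where the second secure channel is used for communication between the cloud server and the electronic control unit.
In the above solution, when the cloud server needs to establish a secure channel with the electronic control unit, the first key can be obtained according to the security information of the first secure channel between the cloud server and the information processing unit, and the first key is used to establish the second secure channel between the cloud server and the electronic control unit, so that the cloud server and the electronic control unit can communicate securely. In this solution, no certificate needs to be pre-configured for the electronic control unit, that is, the electronic control unit does not need to store a certificate in advance, which saves the storage resources of the electronic control unit and can also reduce the cost for the electronic control unit manufacturer or the vehicle manufacturer.
Optionally, the cloud server establishing the second secure channel with the electronic control unit according to the first key includes: the cloud server generates a communication key according to the first key, where the communication key is used to encrypt data sent by the cloud server to the electronic control unit, or to decrypt data received from the electronic control unit. Correspondingly, the electronic control unit establishing the second secure channel with the cloud server according to the first key includes: the electronic control unit generates a communication key according to the first key, where the communication key is used to encrypt data sent to the cloud server, or to decrypt data received from the cloud server.
Because the cloud server and the electronic control unit establish the second secure channel with a communication key obtained from the first key, the first secure channel and the second secure channel are isolated from each other, which reduces the impact on the second secure channel when the security of the first secure channel is affected.
Optionally, before the cloud server receives the first request message sent by the information processing unit through the first secure channel, the method further includes: verifying the certificate of the information processing unit; and when the certificate is valid, establishing the first secure channel with the information processing unit.
Optionally, before the information processing unit sends the first request message to the cloud server through the first secure channel, the method further includes: the information processing unit verifies the certificate of the cloud server; and when the certificate is valid, the information processing unit establishes the first secure channel with the cloud server.
With the above optional solutions, the cloud server verifies the certificate of the information processing unit and/or the information processing unit verifies the certificate of the server, which ensures the security of the first secure channel. Because in the embodiments of this application the second secure channel between the electronic control unit and the cloud server is also established based on the security information of the first secure channel, ensuring the security of the first secure channel also improves the security of the second secure channel.
In some implementations, before the receiving of the first request message sent by the information processing unit through the first secure channel, the method further includes: negotiating a session key with the information processing unit; and establishing the first secure channel with the information processing unit based on the session key, where the session key is used to encrypt data sent to the information processing unit or to decrypt data received from the information processing unit. Correspondingly, before the information processing unit sends the first request message to the cloud server through the first secure channel, the method further includes: the information processing unit negotiates a session key with the cloud server; and the information processing unit establishes the first secure channel with the cloud server based on the session key, where the session key is used to encrypt data sent to the cloud server or to decrypt data received from the cloud server.
In this way, the information processing unit can establish the first secure channel with the cloud server without a pre-configured certificate, which saves the storage resources of the information processing unit and also saves cost for the information processing unit manufacturer or the vehicle manufacturer.
In some implementations, the information processing unit is a vehicle box or a vehicle gateway. Because the information processing unit or vehicle box is connected to multiple electronic control units of the vehicle, an electronic control unit can use the first secure channel between the information processing unit and the cloud server to send the first request message to the cloud server, and thereby establish the second secure channel with the cloud server.
In some implementations, the electronic control unit is the vehicle control unit of the vehicle, the microcontroller unit of the vehicle, or the body control module of the vehicle. In this way, the vehicle control unit, the microcontroller unit or the body control module of the vehicle can establish the second secure channel with the cloud server.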
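In a fourth aspect, an implementation of this application provides a cloud server, including:
a transceiver module, configured to receive a first request message sent by an information processing unit through a first secure channel, where the first request message includes an identifier of an electronic control unit of a vehicle;
a processing module, configured to obtain a first key according to the identifier and security information of the first secure channel, and to establish a second secure channel with the electronic control unit according to the first key, where the second secure channel is used for communication between the cloud server and the electronic control unit.
In this way, when the cloud server needs to establish a secure channel with the electronic control unit, it can obtain the first key according to the security information of the first secure channel between the cloud server and the information processing unit, and use the first key to establish the second secure channel with the electronic control unit. In this solution, no certificate needs to be pre-configured for the electronic control unit, which saves the storage resources of the electronic control unit and can also reduce the cost for the electronic control unit manufacturer or the vehicle manufacturer.
In an optional implementation, the processing module is specifically configured to establish the second secure channel as follows:
generating a communication key according to the first key, where the communication key is used to encrypt data sent by the cloud server to the electronic control unit, or to decrypt data received from the electronic control unit.
In an optional implementation, the processing module is further configured to:
verify the certificate of the information processing unit; and
when the certificate is valid, establish the first secure channel with the information processing unit.
In an optional implementation, the processing module is further configured to:
negotiate a session key with the information processing unit through the transceiver module; and
establish the first secure channel with the information processing unit based on the session key, where the session key is used to encrypt data sent to the information processing unit or to decrypt data received from the information processing unit.
It should be noted that the technical effects of the communication method of the first aspect also apply to the cloud server of this implementation; to avoid redundancy, they are not repeated here.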
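In a fifth aspect, an implementation of this application further provides an information processing unit, including:
a sending unit, configured to send a first request message to a cloud server through a first secure channel, where the first request message includes an identifier of an electronic control unit of a vehicle;
a processing unit, configured to obtain a first key according to the identifier and security information of the first secure channel;
the sending unit is further configured to send the first key to the electronic control unit, where the first key is used by the electronic control unit to establish a second secure channel with the cloud server.
In this way, when the electronic control unit needs to establish a secure channel with the cloud server, the information processing unit can obtain the first key according to the security information of the first secure channel between the cloud server and the information processing unit, and send the first key to the electronic control unit. The electronic control unit can then use the first key to establish the second secure channel with the cloud server. In this solution, no certificate needs to be pre-configured for the electronic control unit, which saves the storage resources of the electronic control unit and can also reduce the cost for the electronic control unit manufacturer or the vehicle manufacturer.
In an optional implementation, the processing unit is further configured to:
negotiate a session key with the cloud server through the sending unit; and
establish the first secure channel with the cloud server based on the session key, where the session key is used to encrypt data sent to the cloud server or to decrypt data received from the cloud server.
In an optional implementation, the processing unit is further configured to:
verify the certificate of the cloud server; and
when the certificate is valid, establish the first secure channel with the cloud server.
It should be noted that the technical effects of the communication method of the second aspect also apply to the information processing unit of this implementation; to avoid redundancy, they are not repeated here.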
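In a sixth aspect, an implementation of this application further provides an electronic control unit, including:
a sending unit, configured to send a first request message to an information processing unit, where the first request message includes an identifier of the electronic control unit;
a receiving unit, configured to receive a first key sent by the information processing unit, where the first key is obtained by the information processing unit according to the identifier and security information of a first secure channel, and the first secure channel is used for communication between a cloud server and the information processing unit;
a processing unit, configured to establish a second secure channel with the cloud server according to the first key, where the second secure channel is used for communication between the cloud server and the electronic control unit.
In this way, when the electronic control unit needs to establish a secure channel with the cloud server, it can send a first request message containing the identifier of the electronic control unit to the information processing unit, and use the first secure channel established between the information processing unit and the cloud server to send the first request message to the cloud server. The electronic control unit can then receive from the information processing unit the first key that the information processing unit obtained according to the security information of the first secure channel and the identifier of the electronic control unit, and establish the second secure channel with the cloud server according to the first key. In this solution, no certificate needs to be pre-configured for the electronic control unit, which saves the storage resources of the electronic control unit and can also reduce the cost for the electronic control unit manufacturer or the vehicle manufacturer.
In some implementations, the processing unit specifically establishes the second secure channel as follows:
generating a communication key according to the first key, where the communication key is used to encrypt data sent by the electronic control unit to the cloud server, or to decrypt data received by the electronic control unit from the cloud server.
It should be noted that the technical effects of the communication method of the third aspect also apply to the electronic control unit of this implementation; to avoid redundancy, they are not repeated here.
In a seventh aspect, an implementation of this application further provides a device, where the device includes a processor and a memory, and the memory stores computer instructions; the processor executes the computer instructions stored in the memory, so that the device performs the communication method according to any implementation of the first aspect.
In an eighth aspect, an implementation of this application further provides a device, where the device includes a processor and a memory, and the memory stores computer instructions; the processor executes the computer instructions stored in the memory, so that the device performs the communication method according to any implementation of the second aspect.
In a ninth aspect, an implementation of this application further provides a device, where the device includes a processor and a memory, and the memory stores computer instructions; the processor executes the computer instructions stored in the memory, so that the device performs the communication method according to any implementation of the third aspect.
In a tenth aspect, an implementation of this application further provides a vehicle, including the device according to the eighth aspect and the device according to the ninth aspect.
In an eleventh aspect, an implementation of this application further provides a computer-readable storage medium, where the computer-readable storage medium is used to store program code executable by a device, and the program code, when executed by the device, is used to implement the communication method provided in any implementation of the first aspect, the communication method provided in any implementation of the second aspect, or the communication method of any implementation of the third aspect.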
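The above embodiments may further include the following optional solutions.
Optionally, the information processing unit may be, for example, a vehicle box or a vehicle gateway. The electronic control unit may be, for example, the vehicle control unit, microcontroller unit or body control module of the vehicle. However, this embodiment is not limited thereto. Because the information processing unit or vehicle box is connected to multiple electronic control units of the vehicle, an electronic control unit can use the first secure channel between the information processing unit and the cloud server to send the first request message to the cloud server, and thereby establish the second secure channel with the cloud server.
Optionally, the security information includes the session key of the first secure channel. In this way, after the cloud server and the information processing unit establish the first secure channel, the cloud server can obtain the first key based on the session key of the first secure channel and the identifier of the electronic control unit, and establish a secure channel with the electronic control unit of the vehicle according to the first key, so that the electronic control unit and the cloud server can communicate securely.
Optionally, the security information further includes at least one of the following: the identifier of the cloud server, the session identifier of the first secure channel, or the identifier of the information processing unit. This increases the complexity of calculating the first key and protects the security of communication between the electronic control unit and the cloud server.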
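Brief Description of the Drawings
To describe the technical solutions in the embodiments of this application or in the prior art more clearly, the drawings required in the embodiments are briefly introduced below.
FIG. 1 is a schematic diagram of the network architecture of a communication system involved in the embodiments of this application;
FIG. 2 is a schematic diagram of the network structure of a communication system;
FIG. 3 is a schematic diagram of the GBA architecture;
FIG. 4 is a schematic diagram of another network architecture of a communication system;
FIG. 5 is a schematic diagram of the network architecture involved in the communication method of the embodiments of this application;
FIG. 6 is a schematic flowchart of the communication method of the embodiments of this application;
FIG. 7 is a schematic module diagram of the cloud server of the embodiments of this application;
FIG. 8 is a schematic module diagram of the information processing unit of the embodiments of this application;
FIG. 9 is a schematic module diagram of the electronic control unit of the embodiments of this application;
FIG. 10 is a schematic structural diagram of a device of the embodiments of this application;
FIG. 11 is another schematic structural diagram of a device of the embodiments of this application;
FIG. 12 is yet another schematic structural diagram of a device of the embodiments of this application.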
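Detailed Description
The technical solutions in this application are described below with reference to the drawings.
FIG. 1 is a schematic diagram of the network architecture of a communication system involved in the embodiments of this application. The communication system includes a cloud server 100 and a vehicle 200. The vehicle 200 in the embodiments of this application may be, but is not limited to, a fuel vehicle, an electric vehicle, a two-wheeled vehicle, a three-wheeled vehicle, or the like. The vehicle 200 includes an information processing unit 210 and one or more electronic control units 220. The information processing unit 210 and the electronic control units 220 can communicate with the cloud server 100 wirelessly. The information processing unit 210 is a data exchange hub capable of data transmission with each electronic control unit 220 of the vehicle 200. The information processing unit 210 may be, for example but not limited to, a vehicle box (Telematics BOX, T-BOX) or a vehicle gateway (Gateway). An electronic control unit 220 is an electronic controller of the vehicle that has processing or control capability. The vehicle 200 may include one or more electronic control units 220. For example, the vehicle 200 in FIG. 1 includes multiple electronic control units 220, namely electronic control unit 1, electronic control unit 2, ..., electronic control unit n. An electronic control unit may be, for example but not limited to, a vehicle control unit (VCU), a microcontroller unit (MCU), or a body control module (BCM) of the vehicle.
Transport Layer Security (TLS) is a security protocol that provides confidentiality and data integrity between two communicating applications. TLS is built on top of the transport-layer TCP protocol and serves the application layer. When two parties need to communicate securely based on TLS, they first agree on the highest supported TLS protocol version and the set of supported encryption algorithms. The two parties then verify certificates. After the certificates are verified, the two parties agree on a communication key and communicate based on that key.
To protect communication between the information processing unit and the cloud server, the information processing unit can establish a secure channel with the cloud server based on TLS, so that the two communicate through that secure channel. When the information processing unit establishes a secure channel with the cloud server based on TLS, the information processing unit needs a pre-configured certificate; the cloud server verifies the certificate of the information processing unit and then establishes the secure channel with it. Similarly, an electronic control unit of the vehicle can also establish a secure channel with the cloud server based on TLS, so that the electronic control unit and the cloud server communicate through that secure channel. In that case, a certificate also needs to be pre-configured for the electronic control unit. When the vehicle includes multiple electronic control units that need to communicate with the cloud server, a certificate needs to be pre-configured for each of them, so that each electronic control unit can establish its own TLS-based secure channel with the cloud server and communicate through it. For example, as shown in FIG. 2, when electronic control unit 1 needs to communicate securely with the cloud server, it establishes a TLS secure channel with the cloud server based on the certificate pre-configured in electronic control unit 1; when electronic control unit 2 needs to communicate securely with the cloud server, it establishes a TLS secure channel with the cloud server based on the certificate pre-configured in electronic control unit 2; when electronic control unit n needs to communicate securely with the cloud server, it establishes a TLS secure channel with the cloud server based on the certificate pre-configured in electronic control unit n. It can be seen that if multiple electronic control units communicate with the cloud server by means of TLS, a certificate needs to be pre-configured for each of them. On the one hand, pre-configuring certificates increases the manufacturer's cost; on the other hand, the pre-configured certificates also occupy the storage resources of the electronic control units.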
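The Generic Bootstrapping Architecture (GBA) is an authentication mechanism. Two communicating parties can use GBA to obtain a shared key that both of them accept. Specifically, refer to FIG. 3, which is a schematic diagram of the GBA architecture. GBA includes a Bootstrapping Server Function (BSF), User Equipment (UE), a Network Application Function (NAF) and a Home Subscriber Server (HSS). The BSF acts as an intermediate hub and interacts with the UE over the Ub interface to perform authentication between the UE and the BSF. Specifically, a shared key can be negotiated between the UE and the BSF based on GBA. The GBA-based negotiation of the shared key may proceed as follows: the UE first sends the identifier of the UE to the BSF; the BSF forwards the identifier of the UE to the HSS; the HSS determines, according to the identifier of the UE, the root key corresponding to that identifier and calculates an authentication vector (AV), AV = (RAND, AUTN, CK, IK, XRES), where RAND is a random number, AUTN is an authentication token, CK is a cipher key, IK is an integrity key, and XRES is the expected user response; the HSS sends the AV to the BSF; the BSF sends RAND and AUTN from the AV to the UE; the UE verifies AUTN and calculates CK, IK and RES, where RES is the user response; the BSF compares XRES with RES to verify whether RES is correct; if it is correct, the BSF calculates Ks = CK||IK; the BSF sends the B-TID and the key lifetime to the UE, where the BSF generates the B-TID based on RAND and the BSF server name; the UE calculates Ks = CK||IK. The UE and the BSF have thus completed the key negotiation and obtained the shared key Ks.
When the information processing unit needs to communicate securely with the cloud server, the information processing unit can be treated as the UE in GBA and the cloud server as the BSF in GBA. The information processing unit and the cloud server can then negotiate a shared key based on GBA using the shared-key negotiation process described above, and use the negotiated shared key as the session key. The information processing unit and the cloud server then communicate based on this session key, which protects the communication between them. FIG. 4 is a schematic diagram of another network architecture of the communication system. As shown in FIG. 4, when the information processing unit needs to communicate securely with the cloud server, the two first negotiate a session key K0 based on GBA, and then communicate based on the negotiated session key K0. When an electronic control unit needs to communicate with the cloud server, the electronic control unit can be treated as the UE in GBA and the cloud server as the BSF in GBA. The electronic control unit and the cloud server can then negotiate a shared key based on GBA using the process described above, use that shared key as the session key, and communicate securely based on this session key. Still referring to FIG. 4, when the vehicle includes multiple electronic control units that need to communicate with the cloud server (for example, electronic control unit 1 to electronic control unit n in FIG. 4), each of them needs to negotiate a session key with the cloud server based on GBA separately, and then communicates securely with the cloud server based on its own negotiated session key. When electronic control unit 1 needs to communicate securely with the cloud server, electronic control unit 1 and the cloud server first negotiate a session key K1 based on GBA, and then communicate securely based on the negotiated session key K1; when electronic control unit 2 needs to communicate securely with the cloud server, electronic control unit 2 and the cloud server likewise first negotiate a session key K2 based on GBA, and then communicate securely based on the negotiated key K2; when electronic control unit n needs to communicate securely with the cloud server, electronic control unit n and the cloud server likewise first negotiate a session key Kn based on GBA, and then electronic control unit n and the cloud server communicate securely based on the negotiated key Kn. It can be seen that when multiple electronic control units all need to communicate securely with the cloud server, each of them has to negotiate a session key with the cloud server once using the GBA-based shared-key negotiation described above, and that negotiation process is very complex. As a result, the process by which the electronic control units of the vehicle communicate securely with the cloud server is cumbersome.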
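The embodiments of this application provide a communication method. The communication method includes: an electronic control unit of a vehicle sends a first request message to an information processing unit, where the first request message includes the identifier of the electronic control unit; the information processing unit sends the first request message to the cloud server through a first secure channel; the cloud server obtains a first key according to the identifier of the electronic control unit and the security information of the first secure channel; the information processing unit obtains the first key according to the identifier of the electronic control unit and the security information of the first secure channel; the information processing unit sends the first key to the electronic control unit; and the cloud server and the electronic control unit establish a second secure channel based on the first key. The second secure channel is used for communication between the cloud server and the electronic control unit. The electronic control unit and the cloud server can then communicate over the second secure channel, which protects the communication between them. Refer to FIG. 5, which is a schematic diagram of the network architecture involved in the communication method of the embodiments of this application. In the network architecture shown in FIG. 5, a first secure channel is established between the cloud server and the information processing unit. Electronic control unit 1 can send a first request message containing the identifier of electronic control unit 1 to the information processing unit. The information processing unit obtains the first key according to the identifier of electronic control unit 1 and the security information of the first secure channel, and sends the first key to electronic control unit 1. The information processing unit also sends the first request to the cloud server. The cloud server obtains the first key according to the identifier of electronic control unit 1 and the security information of the first secure channel. Electronic control unit 1 and the cloud server then establish the second secure channel based on the first key. Similarly, if electronic control unit 2 needs to communicate securely with the cloud server, it can establish a secure channel with the cloud server in the same way as electronic control unit 1 and use that secure channel for secure communication.
In this way, in the process of establishing the second secure channel for communication between the electronic control unit and the cloud server, when the information processing unit and the cloud server have established the first secure channel, the information processing unit and the cloud server can obtain the first key according to the security information of the first secure channel and the identifier of the electronic control unit. The information processing unit sends the first key to the electronic control unit. The electronic control unit and the cloud server can then establish the second secure connection based on the first key. In this process, no certificate needs to be pre-configured for the electronic control unit, which saves the storage resources of the electronic control unit. Because the process of pre-configuring a certificate is omitted, the production cost of the electronic control unit can also be reduced. The electronic control unit and the cloud server also do not need to negotiate a session key based on GBA, which makes the process of achieving secure communication between the electronic control unit and the cloud server simpler.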
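Refer to FIG. 6, which is a schematic flowchart of the communication method of the embodiments of this application. The communication method may include the following steps:
S601. The electronic control unit sends a first request message to the information processing unit, where the first request message includes the identifier of the electronic control unit.
The electronic control unit can send the first request message to the information processing unit when it needs to communicate securely with the cloud server. The first request message is used to request secure communication between the electronic control unit and the cloud server.
The information processing unit may be, for example but not limited to, a vehicle box or a vehicle gateway. The electronic control unit may be, for example but not limited to, the vehicle control unit, microcontroller unit or body control module of the vehicle.
S602. The information processing unit sends the first request message to the cloud server through the first secure channel.
After receiving the first request message sent by the electronic control unit, the information processing unit sends the first request message to the cloud server through the first secure channel. The first secure channel is the secure channel between the information processing unit and the cloud server, and is used for communication between them. The first secure channel is established before the information processing unit sends the first request message to the cloud server.
S603. The information processing unit obtains the first key according to the identifier of the electronic control unit and the security information of the first secure channel.
The information processing unit processes the identifier of the electronic control unit and the security information of the first secure channel using a first key derivation algorithm agreed between the information processing unit and the cloud server, to obtain the first key. The information processing unit and the cloud server may agree on the first key derivation algorithm in advance. For example, the first key derivation algorithm may be HMAC-SHA256, HMAC-MD5, or the like.
S604. The information processing unit sends the first key to the electronic control unit.
Specifically, the information processing unit can send the first key to the electronic control unit based on an in-vehicle network security protection mechanism. For example, the information processing unit can send the first key to the electronic control unit based on Internet Protocol Security (IPsec) or TLS. This prevents the first key from being stolen and protects the security of communication between the cloud server and the electronic control unit.
S605. The cloud server receives the first request message, and obtains the first key according to the security information of the first secure channel and the identifier of the electronic control unit in the first request message.
The cloud server obtains the identifier of the electronic control unit from the first request message. The cloud server processes the identifier of the electronic control unit and the security information of the first secure channel using the first key derivation algorithm agreed between the information processing unit and the cloud server, to obtain the first key.
S606. The electronic control unit establishes a second secure channel with the cloud server according to the first key, where the second secure channel is used for communication between the electronic control unit and the cloud server.
In the communication method of the embodiments of this application, the cloud server and the information processing unit obtain the first key according to the security information of the first secure channel between the cloud server and the information processing unit. After the information processing unit sends the first key to the electronic control unit, the electronic control unit and the cloud server can establish the second secure channel based on the first key. The electronic control unit and the cloud server communicate securely over the second secure channel. When the second secure channel for secure communication is established between the electronic control unit and the cloud server, no certificate needs to be pre-configured for the electronic control unit, which saves the storage resources of the electronic control unit and can also reduce the cost for the electronic control unit manufacturer or the vehicle manufacturer. Moreover, the electronic control unit and the cloud server do not need to negotiate a session key by means of GBA, which simplifies the process of achieving secure communication between the electronic control unit and the cloud server.
It should be noted that, in the embodiments of this application, steps S602, S603, S604 and S605 are not limited to being performed in the order S602, S603, S604, S605. Step S605 must be performed after step S602. Step S604 must be performed after step S603. Step S602 may be performed before step S603 or after step S603, and steps S602 and S603 may also be performed at the same time. The specific execution order of S602, S603, S604 and S605 is not limited here.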
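In some optional embodiments, the security information of the first secure channel includes the session key of the first secure channel. The cloud server and the information processing unit can then obtain the first key according to the session key of the first secure channel. In this way, after the cloud server and the information processing unit establish the first secure channel, the electronic control unit of the vehicle and the cloud server can obtain the first key based on the session key of the first secure channel and the identifier of the electronic control unit, and establish a secure channel between the electronic control unit and the cloud server according to the first key, so that the electronic control unit and the cloud server can communicate securely.
Further, the security information of the first secure channel also includes at least one of the following: the identifier of the cloud server, the session identifier of the first secure channel, or the identifier of the information processing unit. This increases the complexity of calculating the first key and protects the security of communication between the electronic control unit and the cloud server.
It can be understood that the security information of the first secure channel may include only the session key of the first secure channel, and the information processing unit may obtain the first key according to the session key of the first secure channel alone. The security information of the first secure channel may also include the identifier of the cloud server and the session key of the first secure channel; or the session identifier of the first secure channel and the session key of the first secure channel; or the identifier of the information processing unit and the session key of the first secure channel; or the identifier of the cloud server, the session identifier of the first secure channel and the session key of the first secure channel; or the identifier of the cloud server, the identifier of the information processing unit and the session key of the first secure channel; or the session identifier of the first secure channel, the identifier of the information processing unit and the session key of the first secure channel; or the identifier of the cloud server, the identifier of the information processing unit, the session identifier of the first secure channel and the session key of the first secure channel.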
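Based on the above embodiments, in some optional embodiments, the cloud server and the information processing unit establish the first secure channel before the information processing unit sends the first request message to the cloud server. The first secure channel may be established as follows: the cloud server verifies the certificate of the information processing unit, and the information processing unit verifies the certificate of the cloud server; when the cloud server confirms that the certificate of the information processing unit is valid and the information processing unit confirms that the certificate of the cloud server is valid, the cloud server and the information processing unit establish the first secure channel. Specifically, after the cloud server has verified that the certificate of the information processing unit is valid and the information processing unit has verified that the certificate of the cloud server is valid, the cloud server sends random number 1 to the information processing unit. The information processing unit sends random number 2 to the cloud server. The cloud server then sends random number 3 to the information processing unit. The cloud server obtains the session key from random number 1, random number 2 and random number 3 based on an agreed algorithm. The information processing unit also obtains the session key from random number 1, random number 2 and random number 3 based on the agreed algorithm. The information processing unit and the cloud server have thus agreed on the session key, and the first secure channel is established between them based on this session key. The cloud server can use the session key to encrypt data sent to the information processing unit and to decrypt data received from the information processing unit. The information processing unit can use the session key to encrypt data sent to the cloud server and to decrypt data received from the cloud server. Optionally, the agreed algorithm may be the key derivation algorithm of the TLS protocol. The first secure channel between the cloud server and the information processing unit is then a TLS secure channel, which ensures the security of the first secure channel, that is, protects the communication between the cloud server and the information processing unit more effectively. Because in the embodiments of this application the second secure channel between the electronic control unit and the cloud server is also established based on the security information of the first secure channel, ensuring the security of the first secure channel also improves the security of the second secure channel.
The first secure channel may also be established by the cloud server and the information processing unit negotiating a session key and establishing the first secure channel based on that session key. The cloud server can use the session key to encrypt data sent to the information processing unit and to decrypt data received from the information processing unit. The information processing unit can use the session key to encrypt data sent to the cloud server and to decrypt data received from the cloud server. Specifically, the cloud server and the information processing unit negotiate the session key using the GBA-based shared-key negotiation described above. In this way, the information processing unit can establish the first secure channel with the cloud server without a pre-configured certificate, which saves the storage resources of the information processing unit and also saves cost for the information processing unit manufacturer or the vehicle manufacturer.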
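Further, in some optional embodiments, in step S606 the electronic control unit and the cloud server can obtain a communication key according to the first key. The cloud server and the electronic control unit establish the second secure channel based on this communication key. The communication key is used to encrypt data sent by the cloud server to the electronic control unit, to decrypt data received by the cloud server from the electronic control unit, to encrypt data sent by the electronic control unit to the cloud server, and to decrypt data received by the electronic control unit from the cloud server.
Specifically, the electronic control unit and the cloud server can process the first key using an agreed second key derivation algorithm to obtain the communication key. For example, the electronic control unit generates random number 4 and encrypts it with the first key. The electronic control unit then sends the encrypted random number 4 to the cloud server. The cloud server generates random number 5 and encrypts it with the first key. The cloud server then sends the encrypted random number 5 to the electronic control unit. The electronic control unit then generates random number 6 and encrypts it with the first key. The electronic control unit sends random number 6 to the cloud server. The electronic control unit uses the first key to decrypt random number 5 received from the cloud server, obtaining the decrypted random number 5. The electronic control unit processes random number 4, random number 5 and random number 6 using the second key derivation algorithm agreed with the cloud server to obtain the communication key. The cloud server uses the first key to decrypt random number 4 and random number 6 received from the electronic control unit, obtaining the decrypted random number 4 and random number 6. The cloud server processes random number 4, random number 5 and random number 6 using the agreed second key derivation algorithm to obtain the communication key.
In this way, when the cloud server and the information processing unit have established the first secure channel and the electronic control unit needs to communicate securely with the cloud server, it is only necessary for the information processing unit and the cloud server to agree on the first key derivation algorithm and for the electronic control unit and the cloud server to agree on the second key derivation algorithm. The information processing unit and the cloud server can then process the security information of the first secure channel and the identifier of the electronic control unit using the first key derivation algorithm to obtain the first key. The electronic control unit and the cloud server can process the first key using the second key derivation algorithm to obtain the communication key. The second secure channel can then be established between the electronic control unit and the cloud server based on this communication key. That is, the electronic control unit and the cloud server can communicate securely based on the communication key.
Optionally, the second key derivation algorithm may be the key derivation algorithm of the TLS protocol. In this way, a TLS connection can be established between the electronic control unit and the cloud server based on the first key, which protects the communication between the electronic control unit and the cloud server.
In some optional embodiments, in step S606 the electronic control unit and the cloud server can also use the first key as the session key of the second secure channel. The electronic control unit uses the first key to encrypt data sent to the cloud server and to decrypt data received from the cloud server. The cloud server uses the first key to encrypt data sent to the electronic control unit and to decrypt data received from the electronic control unit. The first key, derived from the security information of the first secure channel and the identifier of the electronic control unit, thus serves as the session key for communication between the electronic control unit and the cloud server. The second secure channel is established between the cloud server and the electronic control unit based on the first key. This effectively simplifies the process of establishing the second secure channel between the electronic control unit and the cloud server.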
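The two derivations described above (a first key from the first secure channel's security information and the electronic control unit identifier, then a communication key from the first key and three random numbers) can be sketched as follows. This is an added example, not code from the patent: HMAC-SHA256 is one of the algorithms the text names, but the field encoding, the labels, the class and function names, the sample identifiers and the final key-confirmation tag are assumptions, and the encryption of the random numbers in transit is left out.

```python
import hashlib
import hmac
import secrets
import struct


def encode_fields(*fields: bytes) -> bytes:
    """Length-prefix each field so ("ab", "c") and ("a", "bc") encode differently."""
    return b"".join(struct.pack(">H", len(f)) + f for f in fields)


def derive_first_key(session_key: bytes, ecu_id: bytes, cloud_id: bytes = b"",
                     session_id: bytes = b"", ipu_id: bytes = b"") -> bytes:
    """First key derivation (S603/S605): HMAC-SHA256 keyed with the session key
    of the first secure channel. The field layout is an assumption."""
    if len(session_key) < 16:
        raise ValueError("session key of the first secure channel is too short")
    if not ecu_id:
        raise ValueError("the first request message must carry an ECU identifier")
    info = encode_fields(b"first-key", ecu_id, cloud_id, session_id, ipu_id)
    return hmac.new(session_key, info, hashlib.sha256).digest()


def derive_communication_key(first_key: bytes, rand4: bytes, rand5: bytes,
                             rand6: bytes) -> bytes:
    """Second derivation (S606): communication key from the first key and the
    three exchanged random numbers."""
    info = encode_fields(b"communication-key", rand4, rand5, rand6)
    return hmac.new(first_key, info, hashlib.sha256).digest()


class ChannelOneEndpoint:
    """State that the cloud server and the information processing unit each
    hold for the first secure channel (hypothetical helper class)."""

    def __init__(self, session_key: bytes, cloud_id: bytes, session_id: bytes,
                 ipu_id: bytes):
        self.session_key = session_key
        self.context = dict(cloud_id=cloud_id, session_id=session_id, ipu_id=ipu_id)

    def first_key_for(self, ecu_id: bytes) -> bytes:
        return derive_first_key(self.session_key, ecu_id, **self.context)


def run_flow(ecu_id: bytes, ipu: ChannelOneEndpoint, cloud: ChannelOneEndpoint) -> dict:
    """Walk S601-S606 for one ECU and report whether both ends agree."""
    first_key_ecu = ipu.first_key_for(ecu_id)      # S603, delivered to the ECU in S604
    first_key_cloud = cloud.first_key_for(ecu_id)  # S605, from the forwarded request
    rand4, rand6 = secrets.token_bytes(16), secrets.token_bytes(16)  # chosen by the ECU
    rand5 = secrets.token_bytes(16)                                  # chosen by the cloud
    comm_ecu = derive_communication_key(first_key_ecu, rand4, rand5, rand6)
    comm_cloud = derive_communication_key(first_key_cloud, rand4, rand5, rand6)
    # Key-confirmation tag: an added check, not described on the page.
    tag = hmac.new(comm_ecu, b"ecu-confirm", hashlib.sha256).digest()
    expected = hmac.new(comm_cloud, b"ecu-confirm", hashlib.sha256).digest()
    return {
        "first_key": first_key_ecu,
        "communication_key": comm_ecu,
        "confirmed": hmac.compare_digest(tag, expected),
    }


# Constructed sample values, not taken from the page.
K0 = bytes(range(32))
IPU = ChannelOneEndpoint(K0, b"cloud-01", b"session-0001", b"tbox-01")
CLOUD = ChannelOneEndpoint(K0, b"cloud-01", b"session-0001", b"tbox-01")
# A cloud-side record that still refers to an older session of the first channel.
STALE_CLOUD = ChannelOneEndpoint(K0, b"cloud-01", b"session-0000", b"tbox-01")

if __name__ == "__main__":
    for ecu in (b"VCU-1", b"BCM-2"):
        result = run_flow(ecu, IPU, CLOUD)
        print(ecu.decode(), result["first_key"].hex()[:16], result["confirmed"])
    print("stale session id:", run_flow(b"VCU-1", IPU, STALE_CLOUD)["confirmed"])
```

Binding the session identifier into the first key means that a mismatch in the first channel's context surfaces as a failed key confirmation on the second channel rather than as undecryptable traffic later.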
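Refer to FIG. 7, which is a schematic module diagram of the cloud server of the embodiments of this application. An embodiment of this application provides a cloud server 700, including:
a transceiver module 701, configured to receive a first request message sent by an information processing unit through a first secure channel, where the first request message includes an identifier of an electronic control unit of a vehicle;
a processing module 702, configured to obtain a first key according to the identifier and security information of the first secure channel, and to establish a second secure channel with the electronic control unit according to the first key, where the second secure channel is used for communication between the cloud server and the electronic control unit.
In this way, when the cloud server needs to establish a secure channel with the electronic control unit, it can obtain the first key according to the security information of the first secure channel between the cloud server and the information processing unit, and use the first key to establish the second secure channel with the electronic control unit. In the process of establishing the second secure channel, no certificate needs to be pre-configured for the electronic control unit, which saves the storage resources of the electronic control unit and can also reduce the cost for the electronic control unit manufacturer or the vehicle manufacturer.
In some embodiments, the security information includes the session key of the first secure channel.
In some embodiments, the security information further includes at least one of the following: the identifier of the cloud server, the session identifier of the first secure channel, or the identifier of the information processing unit.
In some embodiments, the processing module 702 is specifically configured to establish the second secure channel as follows:
generating a communication key according to the first key, where the communication key is used to encrypt data sent by the cloud server to the electronic control unit, or to decrypt data received from the electronic control unit.
In some embodiments, the processing module 702 is further configured to:
verify the certificate of the information processing unit; and
when the certificate is valid, establish the first secure channel with the information processing unit.
In some embodiments, the processing module 702 is further configured to:
negotiate a session key with the information processing unit through the transceiver module 701; and
establish the first secure channel with the information processing unit based on the session key, where the session key is used to encrypt data sent to the information processing unit or to decrypt data received from the information processing unit.
In some embodiments, the information processing unit is a vehicle box or a vehicle gateway.
In some embodiments, the electronic control unit is the vehicle control unit, microcontroller unit or body control module of the vehicle.
It should be noted that the explanations and technical effects of the communication method of the above embodiments also apply to the cloud server of this embodiment; to avoid redundancy, they are not repeated here.
The cloud server 700 of this embodiment can be implemented by the device 1000 shown in FIG. 10. Specifically, the transceiver module 701 can be implemented by the transceiver 1020 of the device 1000. The processing module 702 can be implemented by the processor 1010 of the device 1000.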
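Refer to FIG. 8, which is a schematic module diagram of the information processing unit of the embodiments of this application. An implementation of this application further provides an information processing unit 800, including:
a sending unit 801, configured to send a first request message to a cloud server through a first secure channel, where the first request message includes an identifier of an electronic control unit of a vehicle;
a processing unit 802, configured to obtain a first key according to the identifier and security information of the first secure channel;
the sending unit 801 is further configured to send the first key to the electronic control unit, where the first key is used by the electronic control unit to establish a second secure channel with the cloud server.
In this way, when the electronic control unit needs to establish a secure channel with the cloud server, the information processing unit can obtain the first key according to the security information of the first secure channel between the cloud server and the information processing unit, and send the first key to the electronic control unit. The electronic control unit can then use the first key to establish the second secure channel with the cloud server. In the process of establishing the second secure channel, no certificate needs to be pre-configured for the electronic control unit, which saves the storage resources of the electronic control unit and can also reduce the cost for the electronic control unit manufacturer or the vehicle manufacturer.
In some embodiments, the security information includes the session key of the first secure channel.
In some embodiments, the security information further includes at least one of the following: the identifier of the cloud server, the session identifier of the first secure channel, or the identifier of the information processing unit.
In some embodiments, the processing unit 802 is further configured to:
negotiate a session key with the cloud server through the sending unit 801; and
establish the first secure channel with the cloud server based on the session key, where the session key is used to encrypt data sent to the cloud server or to decrypt data received from the cloud server.
Optionally, the information processing unit 800 further includes a receiving unit, and the processing unit 802 is further configured to negotiate the session key with the cloud server through the sending unit 801 and the receiving unit.
In some embodiments, the processing unit 802 is further configured to:
verify the certificate of the cloud server; and
when the certificate is valid, establish the first secure channel with the cloud server.
In some embodiments, the information processing unit 800 is a vehicle box or a vehicle gateway.
In some embodiments, the electronic control unit is the vehicle control unit, microcontroller unit or body control module of the vehicle.
It should be noted that the explanations and technical effects of the communication method of the above embodiments also apply to the information processing unit of this embodiment; to avoid redundancy, they are not repeated here.
The information processing unit 800 of this embodiment can be implemented by the device 1100 shown in FIG. 11. Specifically, the sending unit 801 can be implemented by the transmitter of the transceiver 1120 of the device 1100. The processing unit 802 can be implemented by the processor 1110 of the device 1100. The receiving unit can be implemented by the receiver of the transceiver 1120 of the device 1100.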
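Refer to FIG. 9, which is a schematic module diagram of the electronic control unit of the embodiments of this application. An embodiment of this application further provides an electronic control unit 900, including:
a sending unit 901, configured to send a first request message to an information processing unit, where the first request message includes an identifier of the electronic control unit;
a receiving unit 902, configured to receive a first key sent by the information processing unit, where the first key is obtained by the information processing unit according to the identifier and security information of a first secure channel, and the first secure channel is used for communication between a cloud server and the information processing unit;
a processing unit 903, configured to establish a second secure channel with the cloud server according to the first key, where the second secure channel is used for communication between the cloud server and the electronic control unit.
In this way, when the electronic control unit needs to establish a secure channel with the cloud server, it can send a first request message containing the identifier of the electronic control unit to the information processing unit, and use the first secure channel established between the information processing unit and the cloud server to send the first request message to the cloud server. The electronic control unit can then receive from the information processing unit the first key that the information processing unit obtained according to the security information of the first secure channel and the identifier of the electronic control unit, and establish the second secure channel with the cloud server according to the first key. In the process of establishing the second secure channel, no certificate needs to be pre-configured for the electronic control unit, which saves the storage resources of the electronic control unit and can also reduce the cost for the electronic control unit manufacturer or the vehicle manufacturer.
In some embodiments, the security information includes the session key of the first secure channel.
In some embodiments, the security information further includes at least one of the following: the identifier of the cloud server, the session identifier of the first secure channel, or the identifier of the information processing unit.
In some embodiments, the processing unit 903 specifically establishes the second secure channel as follows:
generating a communication key according to the first key, where the communication key is used to encrypt data sent by the electronic control unit to the cloud server, or to decrypt data received by the electronic control unit from the cloud server.
In some embodiments, the information processing unit is a vehicle box or a vehicle gateway.
In some embodiments, the electronic control unit 900 is the vehicle control unit, microcontroller unit or body control module of the vehicle.
It should be noted that the technical effects of the communication method of the above embodiments also apply to the electronic control unit of this embodiment; to avoid redundancy, they are not repeated here.
The electronic control unit 900 of this embodiment can be implemented by the device 1200 shown in FIG. 12. Specifically, the sending unit 901 can be implemented by the transmitter of the transceiver 1220 of the device 1200. The receiving unit 902 can be implemented by the receiver of the transceiver 1220 of the device 1200. The processing unit 903 can be implemented by the processor 1210 of the device 1200.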
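Refer to FIG. 10, which is a schematic structural diagram of a device 1000 provided by an embodiment of this application. The device 1000 may be a processing chip in a cloud server, in which case the device 1000 includes a processor 1010 and an input/output interface. The device 1000 may also be a cloud server, in which case the device 1000 may include a transceiver 1020 and a memory 1030. For example, the processor 1010, the transceiver 1020 and the memory 1030 may be connected to one another through a bus 1040.
The processor 1010 in the device 1000 is configured to read related instructions to perform the following operations:
receiving a first request message sent by an information processing unit through a first secure channel, where the first request message includes an identifier of an electronic control unit of a vehicle;
obtaining a first key according to the identifier and security information of the first secure channel;
establishing a second secure channel with the electronic control unit according to the first key, where the second secure channel is used for communication between the cloud server and the electronic control unit.
For the specific implementation of the operations performed by the device 1000, refer to the specific operations of the cloud server in the above method embodiments; details are not repeated here. When the device 1000 is a processing chip, the above operation of receiving the first request message can be understood as an operation of reading the message through the input/output interface, or as an operation of demodulating data to obtain the content of the first request message.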
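Refer to FIG. 11, which is a schematic structural diagram of another device 1100 provided by an embodiment of this application. The device 1100 may be a processing chip in the information processing unit 210, in which case the device 1100 includes a processor 1110 and an input/output interface. The device 1100 may also be the information processing unit 210, in which case the device 1100 may include a transceiver 1120 and a memory 1130. For example, the processor 1110, the transceiver 1120 and the memory 1130 may be connected to one another through a bus 1140.
The processor 1110 in the device 1100 is configured to read related instructions to perform the following operations:
sending a first request message to a cloud server through a first secure channel, where the first request message includes an identifier of an electronic control unit of a vehicle;
obtaining a first key according to the identifier and security information of the first secure channel;
sending the first key to the electronic control unit.
For the specific implementation of the operations performed by the device 1100, refer to the specific operations of the information processing unit in the above method embodiments; details are not repeated here. When the device 1100 is a processing chip, the above sending operation can be understood as an operation of outputting a message or the first key through the input/output interface. When the device 1100 is the information processing unit, the above sending operation can be understood as an operation of sending a message or the first key through the transceiver 1120.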
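Refer to FIG. 12, which is a schematic structural diagram of another device 1200 provided by an embodiment of this application. The device 1200 may be a processing chip in the electronic control unit 220, in which case the device 1200 includes a processor 1210 and an input/output interface. The device 1200 may also be the electronic control unit 220, in which case the device 1200 may include a transceiver 1220 and a memory 1230. For example, the processor 1210, the transceiver 1220 and the memory 1230 may be connected to one another through a bus 1240.
The processor 1210 in the device 1200 is configured to read related instructions to perform the following operations:
sending a first request message to an information processing unit, where the first request message includes an identifier of the electronic control unit;
receiving a first key sent by the information processing unit, where the first key is obtained by the information processing unit according to the identifier and security information of a first secure channel, and the first secure channel is used for communication between a cloud server and the information processing unit;
establishing a second secure channel with the cloud server according to the first key, where the second secure channel is used for communication between the cloud server and the electronic control unit.
For the specific implementation of the operations performed by the device 1200, refer to the specific operations of the electronic control unit in the above method embodiments; details are not repeated here.
This application provides a computer-readable storage medium in which computer instructions are stored, where the computer instructions instruct the server to execute the communication method provided in any of the above implementations.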
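It should be understood that the processor mentioned in the embodiments of this application may be a central processing unit (Central Processing Unit, CPU), or may be another general-purpose processor, a digital signal processor (Digital Signal Processor, DSP), an application-specific integrated circuit (Application Specific Integrated Circuit, ASIC), a field-programmable gate array (Field Programmable Gate Array, FPGA) or another programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, or the like. The general-purpose processor may be a microprocessor, or the processor may be any conventional processor or the like.
It should also be understood that the memory mentioned in the embodiments of this application may be a volatile memory or a non-volatile memory, or may include both volatile and non-volatile memory. The non-volatile memory may be a read-only memory (Read-Only Memory, ROM), a programmable read-only memory (Programmable ROM, PROM), an erasable programmable read-only memory (Erasable PROM, EPROM), an electrically erasable programmable read-only memory (Electrically EPROM, EEPROM) or a flash memory. The volatile memory may be a random access memory (Random Access Memory, RAM), which is used as an external cache. By way of example and not limitation, many forms of RAM are available, such as static random access memory (Static RAM, SRAM), dynamic random access memory (Dynamic RAM, DRAM), synchronous dynamic random access memory (Synchronous DRAM, SDRAM), double data rate synchronous dynamic random access memory (Double Data Rate SDRAM, DDR SDRAM), enhanced synchronous dynamic random access memory (Enhanced SDRAM, ESDRAM), synchronous link dynamic random access memory (Synchlink DRAM, SLDRAM) and direct Rambus random access memory (Direct Rambus RAM, DR RAM).
It should be noted that when the processor is a general-purpose processor, DSP, ASIC, FPGA or other programmable logic device, discrete gate or transistor logic device, or discrete hardware component, the memory (storage module) is integrated in the processor.
It should be noted that the memory described herein is intended to include, but is not limited to, these and any other suitable types of memory.
It should also be understood that "first", "second", "third", "fourth" and the various numerals used herein are only distinctions made for convenience of description and are not intended to limit the scope of this application.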
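It should be understood that the term "and/or" herein merely describes an association between associated objects and indicates that three relationships are possible; for example, "A and/or B" can mean: A exists alone, A and B both exist, or B exists alone. In addition, the character "/" herein generally indicates an "or" relationship between the objects before and after it.
It should be understood that, in the various embodiments of this application, the size of the sequence numbers of the above processes does not imply the order of execution; the execution order of each process should be determined by its function and internal logic, and should not constitute any limitation on the implementation process of the embodiments of this application.
A person of ordinary skill in the art will appreciate that the units and algorithm steps of the examples described in connection with the embodiments disclosed herein can be implemented by electronic hardware, or by a combination of computer software and electronic hardware. Whether these functions are performed in hardware or software depends on the specific application and design constraints of the technical solution. Skilled practitioners may use different methods to implement the described functions for each specific application, but such implementations should not be considered beyond the scope of this application.
A person skilled in the art will clearly understand that, for convenience and brevity of description, for the specific working processes of the systems, devices and units described above, reference can be made to the corresponding processes in the foregoing method embodiments; details are not repeated here.
In the several embodiments provided in this application, it should be understood that the disclosed systems, devices and methods can be implemented in other ways. For example, the device embodiments described above are merely illustrative; for example, the division of the units is only a logical function division, and there may be other divisions in actual implementation; for example, multiple units or components may be combined or integrated into another system, or some features may be ignored or not performed. In addition, the displayed or discussed mutual coupling, direct coupling or communication connection may be indirect coupling or communication connection through some interfaces, devices or units, and may be in electrical, mechanical or other forms.
The units described as separate components may or may not be physically separate, and the components displayed as units may or may not be physical units; that is, they may be located in one place or distributed over multiple network units. Some or all of the units may be selected according to actual needs to achieve the objectives of the solutions of the embodiments.
In addition, the functional units in the various embodiments of this application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units may be integrated into one unit.
If the functions are implemented in the form of software functional units and sold or used as independent products, they can be stored in a computer-readable storage medium. Based on this understanding, the technical solution of this application, in essence, or the part that contributes to the prior art, or a part of the technical solution, can be embodied in the form of a software product. The computer software product is stored in a storage medium and includes several instructions used to make a computer device (which may be a personal computer, a server, a network device, or the like) execute all or part of the steps of the methods described in the various embodiments of this application. The aforementioned storage media include various media that can store program code, such as a U disk, a mobile hard disk, a read-only memory (Read-Only Memory, ROM), a random access memory (Random Access Memory, RAM), a magnetic disk or an optical disk.
The steps in the methods of the embodiments of this application can be reordered, combined and deleted according to actual needs.
The modules in the devices of the embodiments of this application can be combined, divided and deleted according to actual needs.
In summary, the above embodiments are only intended to illustrate the technical solutions of this application, not to limit them. Although this application has been described in detail with reference to the foregoing embodiments, a person of ordinary skill in the art should understand that the technical solutions described in the foregoing embodiments can still be modified, or some of their technical features can be replaced with equivalents, and that such modifications or replacements do not cause the essence of the corresponding technical solutions to depart from the scope of the technical solutions of the embodiments of this application.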

Claims (27)

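  1. A communication method, characterized by comprising:
    receiving a first request message sent by an information processing unit through a first secure channel, wherein the first request message comprises an identifier of an electronic control unit of a vehicle;
    obtaining a first key based on the identifier and security information of the first secure channel;
    establishing a second secure channel with the electronic control unit based on the first key, wherein the second secure channel is used for communication between a cloud server and the electronic control unit.
  2. The method according to claim 1, characterized in that the security information comprises a session key of the first secure channel.
  3. The method according to claim 2, characterized in that the security information further comprises at least one of the following: an identifier of the cloud server, a session identifier of the first secure channel, or an identifier of the information processing unit.
  4. The method according to any one of claims 1 to 3, characterized in that the establishing a second secure channel with the electronic control unit based on the first key comprises:
    generating a communication key based on the first key, wherein the communication key is used to encrypt data sent by the cloud server to the electronic control unit, or to decrypt data received from the electronic control unit.
  5. The method according to any one of claims 1 to 4, characterized in that, before the receiving a first request message sent by an information processing unit through a first secure channel, the method further comprises:
    verifying a certificate of the information processing unit;
    when the certificate is valid, establishing the first secure channel with the information processing unit.
  6. The method according to any one of claims 1 to 4, characterized in that, before the receiving a first request message sent by an information processing unit through a first secure channel, the method further comprises:
    negotiating a session key with the information processing unit;
    establishing the first secure channel with the information processing unit based on the session key, wherein the session key is used to encrypt data sent to the information processing unit or to decrypt data received from the information processing unit.
  7. The method according to any one of claims 1 to 6, characterized in that the information processing unit is a vehicle box or a vehicle gateway.
  8. The method according to any one of claims 1 to 6, characterized in that the electronic control unit is a vehicle control unit of the vehicle, a microcontroller unit of the vehicle, or a body control module of the vehicle.
  9. A communication method, characterized by comprising:
    sending a first request message to a cloud server through a first secure channel, wherein the first request message comprises an identifier of an electronic control unit of a vehicle;
    obtaining a first key based on the identifier and security information of the first secure channel;
    sending the first key to the electronic control unit, wherein the first key is used by the electronic control unit to establish a second secure channel with the cloud server.
  10. The method according to claim 9, characterized in that the security information comprises a session key of the first secure channel.
  11. The method according to claim 10, characterized in that the security information further comprises at least one of the following: an identifier of the cloud server, a session identifier of the first secure channel, or an identifier of an information processing unit.
  12. The method according to any one of claims 9 to 11, characterized in that, before the sending a first request message to a cloud server through a first secure channel, the method further comprises:
    negotiating a session key with the cloud server;
    establishing the first secure channel with the cloud server based on the session key, wherein the session key is used to encrypt data sent to the cloud server or to decrypt data received from the cloud server.
  13. The method according to any one of claims 9 to 11, characterized in that, before the sending a first request message to a cloud server through a first secure channel, the method further comprises:
    verifying a certificate of the cloud server;
    when the certificate is valid, establishing the first secure channel with the cloud server.
  14. The method according to any one of claims 9 to 13, characterized in that the information processing unit is a vehicle box or a vehicle gateway.
  15. The method according to any one of claims 9 to 13, characterized in that the electronic control unit is a vehicle control unit of the vehicle, a microcontroller unit of the vehicle, or a body control module of the vehicle.
  16. A communication method, characterized by comprising:
    sending a first request message to an information processing unit, wherein the first request message comprises an identifier of an electronic control unit;
    receiving a first key sent by the information processing unit, wherein the first key is obtained based on the identifier and security information of a first secure channel, and the first secure channel is used for communication between a cloud server and the information processing unit;
    establishing a second secure channel with the cloud server based on the first key, wherein the second secure channel is used for communication between the cloud server and the electronic control unit.
  17. The method according to claim 16, characterized in that the security information comprises a session key of the first secure channel.
  18. The method according to claim 17, characterized in that the security information further comprises at least one of the following: an identifier of the cloud server, a session identifier of the first secure channel, or an identifier of the information processing unit.
  19. The method according to any one of claims 16 to 18, characterized in that the establishing a second secure channel with the cloud server based on the first key comprises:
    generating a communication key based on the first key, wherein the communication key is used to encrypt data sent to the cloud server, or to decrypt data received from the cloud server.
  20. The method according to any one of claims 16 to 19, characterized in that the information processing unit is a vehicle box or a vehicle gateway.
  21. The method according to any one of claims 16 to 20, characterized in that the electronic control unit is a vehicle control unit of the vehicle, a microcontroller unit of the vehicle, or a body control module of the vehicle.
  22. A device, characterized in that the device comprises a processor and a memory, the memory stores computer instructions, and the processor executes the computer instructions stored in the memory, so that the device performs the communication method according to any one of claims 1 to 8.
  23. A device, characterized in that the device comprises a processor and a memory, the memory stores computer instructions, and the processor executes the computer instructions stored in the memory, so that the device performs the communication method according to any one of claims 9 to 15.
  24. A device, characterized in that the device comprises a processor and a memory, the memory stores computer instructions, and the processor executes the computer instructions stored in the memory, so that the device performs the communication method according to any one of claims 16 to 21.
  25. A vehicle, characterized by comprising the device according to claim 24.
  26. The vehicle according to claim 25, characterized in that the vehicle further comprises the device according to claim 23.
  27. A computer-readable storage medium, characterized in that the computer-readable storage medium is configured to store executable program code, and the program code, when executed by the device, is used to implement the method according to any one of claims 1 to 8, or the method according to any one of claims 9 to 15, or the method according to any one of claims 16 to 21.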
PCT/CN2020/137200 2019-12-23 2020-12-17 Communication method and related product WO2021129511A1 (zh)

Priority Applications (3)

Application Number Priority Date Filing Date Title
EP20904646.5A EP4068683A4 (en) 2019-12-23 2020-12-17 COMMUNICATION PROCESS AND ASSOCIATED PRODUCT
JP2022538694A JP7418584B2 (ja) 2019-12-23 2020-12-17 Communication method and related product
US17/848,101 US20220329582A1 (en) 2019-12-23 2022-06-23 Communication method and related product

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201911343068.9A CN113098830B (zh) 2019-12-23 2019-12-23 Communication method and related product
CN201911343068.9 2019-12-23

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US17/848,101 Continuation US20220329582A1 (en) 2019-12-23 2022-06-23 Communication method and related product

Publications (1)

Publication Number Publication Date
WO2021129511A1 (zh) 2021-07-01

Family

ID=76573667

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2020/137200 WO2021129511A1 (zh) 2019-12-23 2020-12-17 Communication method and related product

Country Status (5)

Country Link
US (1) US20220329582A1 (zh)
EP (1) EP4068683A4 (zh)
JP (1) JP7418584B2 (zh)
CN (2) CN113098830B (zh)
WO (1) WO2021129511A1 (zh)

Also Published As

Publication number Publication date
EP4068683A1 (en) 2022-10-05
US20220329582A1 (en) 2022-10-13
JP2023507224A (ja) 2023-02-21
CN113098830A (zh) 2021-07-09
CN113098830B (zh) 2022-05-17
EP4068683A4 (en) 2023-01-18
CN114884737A (zh) 2022-08-09
JP7418584B2 (ja) 2024-01-19

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20904646

Country of ref document: EP

Kind code of ref document: A1

ENP Entry into the national phase

Ref document number: 2022538694

Country of ref document: JP

Kind code of ref document: A

ENP Entry into the national phase

Ref document number: 2020904646

Country of ref document: EP

Effective date: 20220627

NENP Non-entry into the national phase

Ref country code: DE