WO2022151478A1 - Vehicle key management method, device, and system - Google Patents

Publication number
WO2022151478A1
Authority
WO
WIPO (PCT)
Prior art keywords
vehicle
key
ecu
information
node
Application number
PCT/CN2021/072509
Inventor
李�泳
段立
耿峰
易平平
Original Assignee
华为技术有限公司
Application filed by 华为技术有限公司
Priority to PCT/CN2021/072509 (WO2022151478A1)
Priority to CN202180000129.0A (CN112840683B)
Publication of WO2022151478A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W4/00 Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/30 Services specially adapted for particular environments, situations or purposes
    • H04W4/40 Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P]

Definitions

  • the present application relates to the field of Internet of Vehicles, and in particular, to a vehicle key management method, device and system thereof.
  • the vehicle key can be used to identify each vehicle in the vehicle network, so as to perform operations such as inter-vehicle communication and saving sensitive data in the vehicle. Therefore, in the related art, it is necessary to establish a secure key management system, which can distribute vehicle keys for each vehicle.
  • the key management system (KMS) of the original equipment manufacturer (OEM) is usually responsible for the vehicle keys of all the vehicles it manufactures, including distributing vehicle keys to the various production lines, OEMs and equipment manufacturers related to the vehicles. This places a great burden on the OEM KMS, thereby reducing management efficiency and security.
  • the embodiments of the present application propose a vehicle key management method, device, and system, which are used to improve the management efficiency and security of vehicle keys.
  • an embodiment of the present application provides a vehicle key management system, the system comprising: an off-vehicle key management device configured to generate a vehicle key of the vehicle, wherein the vehicle key corresponds to multiple vehicles, and to send the vehicle key to a vehicle key management device; and the vehicle key management device, configured to receive the vehicle key from the off-vehicle key management device and to use the vehicle key to generate a master key uniquely corresponding to the vehicle.
  • the vehicle key management device and the off-vehicle key management device jointly generate the master key of the vehicle, thereby reducing the load that results from using only the off-vehicle key management device.
  • when the off-vehicle key management device generates vehicle keys for multiple vehicles, the vehicle key management device is used to generate a unique master key for the vehicle according to the vehicle key. This guarantees the uniqueness of the master key and improves security while reducing the load on the off-vehicle key management device.
  • an embodiment of the present application provides a vehicle key management method, the method includes receiving a vehicle key corresponding to the vehicle from an off-vehicle key management device; using the vehicle key to generate a master key uniquely corresponding to the vehicle.
  • the master key for the vehicle is generated by the vehicle key management device, that is, the operation of generating the master key is delegated to the vehicle, so that the vehicle participates in the generation of the master key and the uniqueness of the master key is guaranteed.
  • the method further includes: using the master key to determine a first ECU key corresponding to an electronic control unit ECU in the vehicle.
  • having achieved one key per vehicle, the method can use the master key to achieve one key per ECU, thereby improving the security between the ECUs.
  • the method further includes: sending the first ECU key to the ECU.
  • the vehicle key management device is not only responsible for generating ECU keys but also responsible for distributing each ECU key.
  • the method further includes: sending a second ECU key to the ECU, where the second ECU key is a key generated after updating the first ECU key.
  • the method can not only realize the generation of the ECU key, but also can update the ECU key, which further improves the security.
  • before sending the second ECU key to the ECU, the method further includes: sending first verification information to the ECU, wherein the first verification information is information generated by encrypting first information using the first ECU key.
  • the method further includes: receiving second verification information from the ECU.
  • in the process of verifying the security of the communication, the ECU also needs to perform a verification operation on the vehicle key management device. Therefore, the ECU sends the second verification information to the vehicle key management device.
  • the method further includes: performing a decryption operation on the second verification information by using the first ECU key to obtain the decrypted second verification information.
  • in the process of verifying communication security, if the vehicle key management device can successfully decrypt the second verification information by using the first ECU key, the vehicle key management device passes the verification.
  • the method further includes: when it is determined that the decrypted second verification information includes the first information, using the first ECU key to encrypt the decrypted second verification information and the second ECU key to generate third verification information.
  • encryption of the ECU key to be updated may be performed using the existing ECU key (first ECU key) for security.
  • the method further includes: sending third verification information to the ECU.
  • the method can send the encrypted second ECU key to the ECU, so that the ECU can obtain the second ECU key while ensuring communication security.
  • the first ECU key is at least related to the master key and the identification information of the first ECU.
  • the first ECU key is related to the master key and the identification information of the first ECU, which not only ensures that the ECU key is related to the vehicle in which it is located, but also ensures the uniqueness of each ECU in the vehicle.
  • the first ECU key is related to the master key, key version information of the first ECU key, and identification information of the first ECU.
  • the first ECU key can also be related to version information in addition to the master key and identification information.
  • using the master key to determine the first ECU key corresponding to an electronic control unit (ECU) in the vehicle includes: using a triplet composed of the master key, the key version information of the ECU key, and the identification information of the ECU as the first ECU key.
  • the first ECU key may be constructed in the form of a triplet.
  • the master key is at least related to the vehicle key and the identification information of the vehicle.
  • the master key may be associated with identification information of the vehicle.
  • the master key is related to the vehicle key, key version information of the master key, and identification information of the vehicle.
  • the master key may also be associated with key version information.
  • using the vehicle key to generate a master key uniquely corresponding to the vehicle includes: using a triplet composed of the vehicle key, key version information of the master key, and the identification information of the vehicle as the master key of the vehicle.
  • the master key may be constructed by using the vehicle key, the key version information of the master key, and the identification information of the vehicle in the form of a triplet.
  • an embodiment of the present application provides a vehicle key management method comprising: determining a vehicle attribute node of the vehicle in a vehicle attribute structure; using the vehicle attribute node to obtain a parent key corresponding to the vehicle; using the parent key and the vehicle attribute information corresponding to the vehicle attribute node to generate the vehicle key of the vehicle; sending the vehicle key to the vehicle, wherein the vehicle key can be used by a vehicle key management device to generate a master key uniquely corresponding to the vehicle.
  • the vehicle key of the vehicle can be generated. In this way, the generation operation of the vehicle key can be delegated to each intermediary that manufactures the vehicle, thereby reducing the pressure on the OEM KMS.
  • the vehicle key is also related to version information of the vehicle key.
  • the vehicle key may be associated with version information.
  • the method further includes: generating the vehicle attribute structure from the vehicle attributes according to their parent-child relationships, wherein the vehicle attribute structure includes a plurality of vehicle attribute nodes, and the node located above a vehicle attribute node indicates the parent attribute node of that vehicle attribute node; generating a vehicle key structure that is structurally identical to the vehicle attribute structure, wherein the vehicle key structure includes a plurality of vehicle key nodes, and the key located above a vehicle key node indicates the parent key of that vehicle key node.
  • once the vehicle attribute structure has been generated according to the vehicle attributes, the method can determine the vehicle key structure, so that in the process of generating the vehicle key, the final vehicle key can be generated layer by layer through this layered structure.
  • using the vehicle attribute node to obtain the parent key corresponding to the vehicle includes: determining the node position of the vehicle attribute node in the vehicle attribute structure; using the node position, determining the vehicle key node of the vehicle in the vehicle key structure; obtaining the parent key of the vehicle key node.
  • the method may use the vehicle attribute node to determine the node location where the vehicle is located, and then utilize the node location to determine the parent key, thereby generating the vehicle key.
  • embodiments of the present application provide a vehicle key management method, the method comprising: receiving a first ECU key from a vehicle key management device, wherein the first ECU key is generated by the vehicle key management device using a master key uniquely corresponding to the vehicle, the master key being generated using a vehicle key of the vehicle, the vehicle key being a key received from an off-vehicle management device.
  • the method uses the master key to generate an ECU key unique to the ECU, and implements one ECU one key.
  • the first ECU key is related to the master key, key version information of the first ECU key, and identification information of the first ECU.
  • the first ECU key may be related to the master key, key version information and identification information.
  • the method further includes: receiving first verification information from the vehicle key management device.
  • a verification operation needs to be performed on the ECU, so the first verification information can be sent to the ECU.
  • the method further includes: decrypting the first verification information by using the first ECU key to obtain the first information.
  • if the ECU successfully decrypts the first verification information by using its existing ECU key (the first ECU key), it means that the ECU has passed the verification.
  • the method further includes: sending second verification information to the vehicle key management device, wherein the second verification information is information generated by encrypting the first information and second information using the first ECU key.
  • the ECU needs to authenticate the sender (vehicle management device) before executing the update of the ECU key, so the second verification information can be generated using the existing ECU key (the first ECU key) and sent to the sender.
  • the method further includes: receiving third verification information from the vehicle key management device.
  • the ECU may receive the third verification information.
  • the method further includes: performing a decryption operation on the third verification information by using the first ECU key to obtain the decrypted third verification information.
  • a new ECU key can be decrypted using the existing ECU key.
  • the method further includes: when it is determined that the decrypted third verification information includes the second information, updating the first ECU key to the second ECU key included in the decrypted third verification information.
  • after the verification passes, the key update operation of the ECU can be performed.
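
The ECU key update exchange described above, with both sides' messages, as an added Python example that is not code from the patent. The page names no cipher: `seal`/`unseal` (an HMAC-SHA256 keystream plus a MAC) are a standard-library stand-in for authenticated encryption, and the 16-byte random values used as first and second information, the key length, and all class and function names are assumptions.

```python
import hashlib
import hmac
import os

INFO_LEN = 16  # bytes of random "first"/"second" information (assumption)
KEY_LEN = 32   # bytes per ECU key (assumption)

def _subkey(key, label):
    return hmac.new(key, label, hashlib.sha256).digest()

def _xor_stream(key, nonce, data):
    stream, counter = b"", 0
    while len(stream) < len(data):
        block = nonce + counter.to_bytes(4, "big")
        stream += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key, plain):
    """Stand-in authenticated encryption: HMAC-SHA256 keystream, then MAC."""
    nonce = os.urandom(16)
    body = _xor_stream(_subkey(key, b"enc"), nonce, plain)
    tag = hmac.new(_subkey(key, b"mac"), nonce + body, hashlib.sha256).digest()
    return nonce + body + tag

def unseal(key, blob):
    """Decrypt; ValueError if the key is wrong or the message was altered."""
    if len(blob) < 48:
        raise ValueError("message too short")
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    want = hmac.new(_subkey(key, b"mac"), nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, want):
        raise ValueError("decryption failed")
    return _xor_stream(_subkey(key, b"enc"), nonce, body)

class VehicleKMS:
    def __init__(self, first_ecu_key, second_ecu_key):
        self.k1, self.k2 = first_ecu_key, second_ecu_key
        self.first_info = None

    def first_verification(self):
        """KMS -> ECU: Enc(K1, first information)."""
        self.first_info = os.urandom(INFO_LEN)
        return seal(self.k1, self.first_info)

    def third_verification(self, second_verification):
        """KMS -> ECU: Enc(K1, decrypted second verification info || K2)."""
        plain = unseal(self.k1, second_verification)  # ECU must hold K1
        if self.first_info is None or len(plain) != 2 * INFO_LEN:
            raise ValueError("unexpected second verification information")
        if not hmac.compare_digest(plain[:INFO_LEN], self.first_info):
            raise ValueError("first information not echoed")
        self.first_info = None  # a challenge is accepted once
        return seal(self.k1, plain + self.k2)

class Ecu:
    def __init__(self, first_ecu_key):
        self.key = first_ecu_key
        self.second_info = None

    def second_verification(self, first_verification):
        """ECU -> KMS: Enc(K1, first information || second information)."""
        first_info = unseal(self.key, first_verification)  # KMS must hold K1
        if len(first_info) != INFO_LEN:
            raise ValueError("unexpected first verification information")
        self.second_info = os.urandom(INFO_LEN)
        return seal(self.key, first_info + self.second_info)

    def install(self, third_verification):
        """Replace K1 with K2 only if the reply carries our second information."""
        plain = unseal(self.key, third_verification)
        if self.second_info is None or len(plain) != 2 * INFO_LEN + KEY_LEN:
            raise ValueError("unexpected third verification information")
        if not hmac.compare_digest(plain[INFO_LEN:2 * INFO_LEN], self.second_info):
            raise ValueError("second information not echoed")
        self.key, self.second_info = plain[2 * INFO_LEN:], None

def run_update(kms, ecu):
    """Run the three-message exchange; returns the third message."""
    v3 = kms.third_verification(ecu.second_verification(kms.first_verification()))
    ecu.install(v3)
    return v3

def rejected(step, message):
    """True if a protocol step refuses the message."""
    try:
        step(message)
    except ValueError:
        return True
    return False
```

The second information is what ties the third message to the current run: a third verification message recorded from an earlier update decrypts correctly under the first ECU key but is refused by `install` because it does not carry the ECU's fresh value.
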
  • an embodiment of the present application provides a vehicle key management device, including: a processor; a memory for storing instructions executable by the processor; wherein the processor is configured to implement any method of the second aspect to the fourth aspect when executing the instructions.
  • embodiments of the present application provide a non-volatile computer-readable storage medium on which computer program instructions are stored, and when the computer program instructions are executed by a processor, implement any method of the second to fourth aspects.
  • embodiments of the present application provide a computer program product comprising computer-readable codes, or a non-volatile computer-readable storage medium carrying computer-readable codes, wherein, when the computer-readable codes are run, the processor in the electronic device executes any of the methods of the second to fourth aspects.
  • an embodiment of the present application provides a vehicle key management device, the vehicle key management device includes a communication module for receiving a vehicle key corresponding to the vehicle from an off-vehicle key management device; a master key generation module for generating a master key uniquely corresponding to the vehicle by using the vehicle key.
  • the device may further include: a determination module, configured to use the master key to determine the first ECU key corresponding to the electronic control unit ECU in the vehicle.
  • the communication module is further configured to send the first ECU key to the ECU.
  • the communication module is further configured to send a second ECU key to the ECU, where the second ECU key is a key generated after updating the first ECU key.
  • the communication module further sends first verification information to the ECU before sending the second ECU key to the ECU, wherein the first verification information is information generated by encrypting first information using the first ECU key.
  • the communication module is further configured to receive second verification information from the ECU.
  • the device further includes: a decryption module, configured to perform a decryption operation on the second verification information by using the first ECU key to obtain the decrypted second verification information.
  • the device further includes: a third verification information generation module, configured to, when it is determined that the decrypted second verification information includes the first information, use the first ECU key to encrypt the decrypted second verification information and the second ECU key to generate the third verification information.
  • the communication module is further configured to send third verification information to the ECU.
  • the first ECU key is at least related to the master key and the identification information of the first ECU.
  • the first ECU key is related to the master key, key version information of the first ECU key, and identification information of the first ECU.
  • the determining module is specifically configured to use a triplet composed of the master key, the key version information of the ECU key, and the identification information of the ECU as the first ECU key.
  • the master key is at least related to the vehicle key and the identification information of the vehicle.
  • the master key is related to the vehicle key, key version information of the master key, and identification information of the vehicle.
  • the master key generation module is specifically configured to use a triplet composed of the vehicle key, the key version information of the master key, and the identification information of the vehicle as the vehicle's master key.
  • an embodiment of the present application provides a vehicle key management device, the vehicle key management device includes a determination module for determining a vehicle attribute node of the vehicle in a vehicle attribute structure; a parent key acquisition module for obtaining the parent key corresponding to the vehicle by using the vehicle attribute node; a vehicle key generation module for generating the vehicle key of the vehicle by using the parent key and the vehicle attribute information corresponding to the vehicle attribute node; a communication module for sending the vehicle key to the vehicle, wherein the vehicle key can be used by a vehicle key management device to generate a uniquely corresponding master key for the vehicle.
  • the vehicle key is also related to version information of the vehicle key.
  • the device further includes: a vehicle attribute structure generation module, configured to generate the vehicle attribute structure from the vehicle attributes according to their parent-child relationships, wherein the vehicle attribute structure includes a plurality of vehicle attribute nodes, and the node located above a vehicle attribute node indicates the parent attribute node of that vehicle attribute node; and to generate a vehicle key structure that is structurally identical to the vehicle attribute structure, wherein the vehicle key structure includes a plurality of vehicle key nodes, and the key located above a vehicle key node indicates the parent key of that vehicle key node.
  • the parent key acquisition module is specifically configured to use the vehicle attribute node to determine the node position of the vehicle attribute node in the vehicle attribute structure; use the node position to determine the vehicle key node of the vehicle in the vehicle key structure; obtain the parent key of the vehicle key node.
  • an embodiment of the present application provides a vehicle key management device, the vehicle management device comprising: a communication module configured to receive a first ECU key from the vehicle key management device, wherein the first ECU key is generated by the vehicle key management device using a master key uniquely corresponding to the vehicle, the master key being generated using a vehicle key of the vehicle, the vehicle key being a key received from an off-vehicle management device.
  • the first ECU key is related to the master key, key version information of the first ECU key, and identification information of the first ECU.
  • the communication module is further configured to receive first verification information from the vehicle key management device.
  • the device further includes: a first information acquisition module, configured to perform a decryption operation on the first verification information by using the first ECU key to acquire the first information.
  • the communication module is further configured to send second verification information to the vehicle key management device, wherein the second verification information is information generated by encrypting the first information and the second information using the first ECU key.
  • the communication module is further configured to receive third verification information from the vehicle key management device.
  • the device further includes: a third verification information obtaining module, configured to perform a decryption operation on the third verification information by using the first ECU key to obtain the decrypted third verification information.
  • the device further includes: an update module configured to update the first ECU key to the second ECU key included in the decrypted third verification information under the condition that it is determined that the decrypted third verification information includes the second information.
  • FIG. 1 shows a diagram of a vehicle key management system according to an embodiment of the present application
  • FIG. 2 shows an operation diagram of a vehicle key management system according to an embodiment of the present application
  • FIG. 3 shows a flow chart of steps of a vehicle key management system according to an embodiment of the present application
  • FIG. 4 shows a diagram of a vehicle attribute structure 400 according to an embodiment of the present application
  • FIG. 5 shows a diagram of a vehicle attribute structure 500 according to an embodiment of the present application
  • FIG. 6 shows a diagram of generating a vehicle key according to an embodiment of the present application
  • FIG. 7 shows a diagram of generating a master key according to an embodiment of the present application.
  • FIG. 8 shows a diagram of generating an ECU key according to an embodiment of the present application.
  • FIG. 9 shows a flowchart of updating an ECU key according to an embodiment of the present application.
  • FIG. 10 shows a diagram of an electronic device according to an embodiment of the present application.
  • “/” may indicate that the objects associated before and after are in an “or” relationship, for example, A/B may indicate A or B; “and/or” may be used to describe three possible relationships between associated objects, for example, A and/or B can mean that A exists alone, A and B exist at the same time, or B exists alone, where A and B can be singular or plural.
  • words such as “first” and “second” may be used to distinguish technical features with the same or similar functions. The words “first”, “second” and the like do not limit the quantity and execution order, and they do not require that the features be different.
  • words such as “exemplary” or “for example” are used to represent examples, illustrations or explanations, and any embodiment or design solution described as “exemplary” or “for example” should not be construed as preferred or advantageous over other embodiments or designs.
  • the use of words such as “exemplary” or “such as” is intended to present the relevant concepts in a specific manner to facilitate understanding.
  • the vehicle key is applied inside the vehicle and outside the vehicle, wherein the application inside the vehicle may include a single electronic control unit (Electronic Control Unit, ECU) applied in the vehicle and/or multiple ECUs in the vehicle.
  • for a single ECU, the vehicle key can be applied to securely boot the ECU, flash the ECU (also known as data filling), protect configuration files, protect software/hardware IP, etc.; for multiple ECUs, the vehicle key can be applied to identity authentication, secure communication, etc. between the ECUs.
  • the vehicle key can also be applied outside the vehicle.
  • the application of the vehicle key outside the vehicle may include identity authentication of the vehicle, access control, performing various communications with external devices (e.g., other vehicles) (including but not limited to wireless communications, wired communications, API interface access, V2X communication, human-computer interaction, etc.), and remote services such as remote control and commands, subscription fee-based services, etc.
  • an original equipment manufacturer (OEM) key management system may be a system composed of multiple computing devices in a preset manner (e.g., distributed).
  • OEM KMS may indicate a company that manufactures parts or even entire equipment for a branded product, and in the case of a vehicle, an OEM KMS may indicate the original equipment manufacturer of the vehicle brand.
  • the OEM KMS can generate and distribute vehicle keys for individual vehicles according to the existing key generation methods.
  • the OEM KMS can generate and distribute the corresponding vehicle key for each model.
  • the OEM KMS can generate the same or different vehicle keys for different car models, for example, the OEM KMS can assign the same vehicle key to each vehicle belonging to the same model.
  • the OEM KMS can centrally manage the vehicle keys, including the generation, distribution, update and/or cancellation (obsolete) of the vehicle keys.
  • the OEM KMS can provide the production vehicle It can be seen that the OEM KMS needs to manage a large number of vehicle keys, so it needs more complex hardware support.
  • the existing vehicle key management system works per vehicle, that is to say, each vehicle determines and uses one vehicle key, so every ECU in the vehicle shares the same vehicle key. Once that vehicle key is cracked, the vehicle key of the entire vehicle is obtained, so security is relatively low, which is not conducive to the expansion of new security services.
  • the vehicle key management system may include an off-vehicle KMS 100 and vehicle KMS 101 and KMS 102.
  • the off-vehicle KMS 101 indicates an OEM KMS outside the vehicle; that is, the external device that assists the vehicle in generating the corresponding vehicle key is referred to as the off-vehicle KMS 100, and in implementation, it may also be referred to as an external KMS or the like.
  • any one of the off-vehicle KMS 100, the vehicle KMS 101, or the vehicle KMS 102 indicates a device that generates and manages vehicle keys, which can indicate a single hardware device, or a hardware cluster for realizing the above functions, or a chip system.
  • the chip system may be composed of chips, or may include chips and other discrete devices.
  • Vehicle KMS is an internal device for each vehicle to generate its own vehicle key. As shown in FIG. 1, the vehicle 110 corresponds to the vehicle KMS 101, and the vehicle 120 corresponds to the vehicle KMS 102.
  • the vehicle key management system in FIG. 1 includes only two vehicles 110 and 120, and each vehicle includes corresponding vehicle KMSs 101 and 102 inside.
  • the key management system may correspond to more vehicles, that is, the OEM KMS 100 may cooperate with more vehicle KMSs to provide vehicle keys for more vehicles.
  • the off-board KMS 100 may correspond to multiple vehicle KMSs including the vehicle KMS 101 and KMS 102, that is, the off-board KMS 101 may provide vehicle keys to multiple KMSs (not limited to KMS 101 and KMS 102).
  • the off-vehicle KMS may indicate the OEM KMS
  • the vehicle KMS 210 and the vehicle KMS 220 may respectively correspond to different vehicles.
  • the OEM KMS 200 can firstly stratify vehicles according to vehicle attributes, obtain the vehicle attribute structure, and then use the vehicle attribute structure to determine the vehicle key structure.
  • once the vehicle key structure has been determined, the parent key of the upper level is used to determine the child key of the current level, and the child key of the current level is then used to generate the parent key of the next level; that is, a corresponding vehicle key is generated for each vehicle layer by layer. The vehicle attribute structure and the vehicle key structure will be described in detail below with reference to FIG. 4 and FIG. 5.
  • the vehicle KMS 210 or the vehicle KMS 220 can be involved, that is, the OEM KMS 200 and the vehicle KMS 210 or the vehicle KMS 220 jointly generate the vehicle's master key.
  • As shown in FIG. 2, after generating the vehicle key of each vehicle, the OEM KMS 200 can send each vehicle key to the vehicle KMS of the vehicle (KMS 210 and KMS 220 in FIG. 2). Subsequently, the vehicle KMS 210 and/or the vehicle KMS 220 respectively generate the master key of the respective vehicle according to the obtained vehicle key, thereby realizing one key per vehicle.
  • the vehicle KMS 210 and/or the vehicle KMS 220 can use the respective master keys to generate the ECU keys of each ECU in the vehicle (for example, ECU 211, ECU 221), and distribute and update the corresponding ECU key for each ECU 211 or ECU 221 in the vehicle, thereby realizing one key per ECU.
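
The three derivation steps described above (parent key in the attribute tree to vehicle key, vehicle key to master key, master key to ECU key), as an added Python example that is not code from the patent. The page only says each key is formed from a triplet; feeding the triplet through HMAC-SHA256, the tree nodes other than "small vehicle" and "1.4-liter", the VIN-style and ECU identifiers, and all function names are assumptions.

```python
import hashlib
import hmac

# Constructed vehicle attribute structure (child -> parent). "OEM" is the root
# node; "small vehicle" and "1.4-liter" follow the page's example, the other
# nodes are made up for illustration.
ATTRIBUTE_PARENT = {
    "small vehicle": "OEM",
    "large vehicle": "OEM",
    "1.4-liter": "small vehicle",
    "1.6-liter": "small vehicle",
}


def kdf(parent_key: bytes, label: str, *fields: str) -> bytes:
    """Assumed derivation step: HMAC-SHA256 keyed with the parent key.

    Every field is length-prefixed so ("ab", "c") and ("a", "bc") give
    different inputs.
    """
    data = b""
    for field in (label, *fields):
        raw = field.encode()
        data += len(raw).to_bytes(2, "big") + raw
    return hmac.new(parent_key, data, hashlib.sha256).digest()


def vehicle_key(holder_key: bytes, holder_node: str, node: str, version: str) -> bytes:
    """Off-vehicle side: derive the vehicle key for attribute node `node`.

    `holder_key` is the key at `holder_node`: the root key for the OEM KMS, or
    a subtree key for an intermediate plant. Keys are derived layer by layer
    along the single path from the holder's node down to `node`.
    """
    path, cur = [], node
    while cur != holder_node:
        if cur not in ATTRIBUTE_PARENT:
            raise ValueError(f"{node!r} is not below {holder_node!r}")
        path.append(cur)
        cur = ATTRIBUTE_PARENT[cur]
    if not path:
        raise ValueError("node must be below the holder's node")
    key = holder_key
    for attr in reversed(path[1:]):  # intermediate key nodes
        key = kdf(key, "node", attr)
    # Parent key + attribute information of the node + key version.
    return kdf(key, "vehicle", node, version)


def master_key(vkey: bytes, version: str, vehicle_id: str) -> bytes:
    """Vehicle KMS: (vehicle key, key version, vehicle ID) -> master key."""
    return kdf(vkey, "master", version, vehicle_id)


def ecu_key(mkey: bytes, version: str, ecu_id: str) -> bytes:
    """Vehicle KMS: (master key, key version, ECU ID) -> ECU key."""
    return kdf(mkey, "ecu", version, ecu_id)


def demo() -> dict:
    root = hashlib.sha256(b"constructed OEM root key").digest()
    # Two vehicles of the same model receive the same vehicle key ...
    vk = vehicle_key(root, "OEM", "1.4-liter", "v1")
    # ... and a plant holding only the "small vehicle" subtree key derives the
    # same vehicle key without ever seeing the root key.
    plant = kdf(root, "node", "small vehicle")
    vk_plant = vehicle_key(plant, "small vehicle", "1.4-liter", "v1")
    mk_a = master_key(vk, "v1", "VIN-A")  # constructed vehicle IDs
    mk_b = master_key(vk, "v1", "VIN-B")
    return {
        "delegation_matches": vk == vk_plant,
        "masters_differ": mk_a != mk_b,
        "ecu_keys": {
            ("VIN-A", "engine", "v1"): ecu_key(mk_a, "v1", "engine").hex(),
            ("VIN-A", "brake", "v1"): ecu_key(mk_a, "v1", "brake").hex(),
            ("VIN-A", "engine", "v2"): ecu_key(mk_a, "v2", "engine").hex(),
            ("VIN-B", "engine", "v1"): ecu_key(mk_b, "v1", "engine").hex(),
        },
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```
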
  • the off-vehicle KMS 301 shown in FIG. 3 indicates a KMS outside the vehicle.
  • the off-board KMS 301 may be an OEM KMS, that is, a vehicle key management system that manages vehicle keys for all vehicles.
  • the off-vehicle KMS 301 may also be an intermediate processing plant, for example, the off-vehicle KMS 301 may be a computing node of the processing plant responsible for generating the vehicle key.
  • the vehicle KMS 302 refers to the vehicle KMS inside the vehicle, which will be described below with the vehicle KMS 302 .
  • the off-vehicle KMS 301 may also cooperate with the vehicle KMS other than the vehicle KMS 302 to generate more vehicle keys for more vehicles, which will not be discussed here.
  • the off-vehicle KMS 301 may determine the vehicle key structure by using the vehicle attribute structure, wherein the vehicle attribute structure refers to a structure diagram generated by layering the vehicle by using the vehicle attribute of the vehicle.
  • the vehicle attribute structure may be a tree structure.
  • the vehicle attribute structure 400 shown in FIG. 4 is an abstract structure with hierarchical data, and each element in the vehicle attribute structure 400 may be referred to as a vehicle attribute node, for example, a vehicle attribute node 411, a vehicle attribute node 421, a vehicle attribute node 431, etc.
  • these nodes may be named individually according to their location information: the vehicle attribute node 411 is located at the top of the vehicle attribute structure 400 and may be referred to as the root vehicle attribute node; the vehicle attribute node 431 is located at the bottom of the vehicle attribute structure 400 and can be called a leaf vehicle attribute node; the vehicle attribute node 411 is located in the layer above the vehicle attribute node 421 and can be called the parent attribute node of the vehicle attribute node 421, while the vehicle attribute node 421 can be called the child attribute node of the vehicle attribute node 411. The positions of these nodes depend on the attribution relationship of vehicle attributes.
  • any two nodes are connected by only one path, for example, there is one and only one path from the vehicle attribute node 411 to the vehicle attribute node 431, that is, the path from the vehicle attribute node 411 to the vehicle attribute node 431 through the vehicle attribute node 421.
  • the vehicle attribute determined as the parent attribute node can be called the parent attribute
  • the vehicle attribute determined as the child attribute node is called the child attribute.
  • a 1.4-liter vehicle is a child of a small vehicle
  • a small car is a parent of a 1.4-liter vehicle.
  • the vehicle attribute structure includes parent attributes as parent attribute nodes and child attributes as child attribute nodes.
  • the root node 411 may indicate an OEM KMS, which may be a key management system used by a vehicle manufacturer of a certain vehicle brand.
  • the OEM KMS can divide the vehicles it manages into the vehicle attribute structure shown in FIG. 4 according to the vehicle attributes. For example, if the OEM KMS is a vehicle The vehicle attributes are divided into the vehicle attribute structure shown in FIG. 4 .
  • the vehicle attributes may include vehicle model, vehicle family, powertrain, color, and/or vehicle configuration. In an implementation, a combination of one or more of the vehicle attributes may be used to generate a vehicle attribute structure as shown in FIG. 4 .
  • vehicles may be classified into miniature cars, small cars, compact cars, mid-sized cars, medium-sized cars, and large-sized cars according to their vehicle types.
  • These vehicle models may correspond to the parent attribute node 421, the parent attribute node 422, and the parent attribute node 42m in FIG. 4, respectively.
  • each vehicle corresponds to each sub-level attribute node 431 to sub-level attribute node 43n according to the vehicle type to which each vehicle belongs. For example, a certain vehicle may correspond to child attribute node 431 .
  • a vehicle key structure 500 may be generated.
  • Each element in the vehicle key structure 500 may be referred to as a vehicle key node, eg, vehicle key node 511, vehicle key node 521, vehicle key node 531, and the like.
  • Vehicle keys in the vehicle key structure 500 at the same position as the vehicle attribute structure 400 correspond to vehicle attributes.
  • the vehicle on the vehicle attribute node 431 has the vehicle key on the vehicle key node 531 .
  • each vehicle key node is associated with the parent key of the parent node, that is, the next level of vehicle key nodes can be generated using the parent key.
  • a parent key 521 may be generated from the root key 511
  • a child key 531 may be generated from the parent key 521 .
  • each vehicle attribute node may correspond to vehicle attributes of one or more vehicles, therefore, each vehicle key node may also correspond to vehicle keys of one or more vehicles, which is not limited in this application.
  • step S310 can be executed to determine the vehicle attribute structure. Then, a corresponding vehicle key structure is determined using the vehicle attribute structure.
  • the off-board KMS 301 may perform step S320, that is, the off-board KMS 301 uses the vehicle attribute node to obtain the parent key corresponding to the vehicle.
  • the off-board KMS 301 may obtain the parent key from the KMS of its parent attribute node.
  • the off-vehicle KMS 301 may determine the node position of the vehicle attribute node in the vehicle attribute structure. Then, using the node location, the vehicle key node of the vehicle in the vehicle key structure is determined; the parent key of the vehicle key node is obtained.
  • the off-vehicle KMS 301 may determine the node position of the vehicle attribute node 431 in the vehicle attribute structure. Then, according to the node position, the vehicle key node 531 of the vehicle in the vehicle attribute structure 500 is determined. At this time, in order to obtain the vehicle key corresponding to the vehicle key node 531, the parent key 521 of the vehicle key node 531 needs to be obtained.
  • In step S330, the off-vehicle KMS 301 uses the parent key and the vehicle attribute information corresponding to the vehicle attribute node to generate the vehicle key of the vehicle.
  • the off-vehicle KMS 301 may use the parent key and the vehicle attribute of the vehicle at the current level (i.e., the vehicle attribute corresponding to the vehicle attribute node) to generate the vehicle key for the vehicle.
  • the vehicle key can be generated using the acquired parent key and the vehicle attributes of the vehicle at the current level.
  • a two-tuple may be generated using the vehicle attribute and the parent key, for example, (vehicle attribute, parent key) or (parent key, vehicle attribute). In generating the two-tuple, the method may preset the position of each element in the two-tuple.
  • the key length of the output vehicle key and the output key format can be preset; for example, the key format can be determined as "Sub Root Key:", and the output vehicle key can be determined to be a 32-bit string.
  • the key generation algorithm may be a common key generation algorithm in the related art, for example, the key generation algorithm may be a Data Encryption Standard (Data Encryption Standard, DES) algorithm, an RSA algorithm, and the like.
  • the key version information may be involved in generating the vehicle key. That is, a corresponding triplet (key version information, vehicle attribute, parent key) can be generated using the key version information, the vehicle attribute, and the parent key. It should be noted that the order of each element within the triplet may be in a predetermined order. Finally, the triplet is encrypted using the key generation algorithm to generate a vehicle key.
  • the vehicle key generated by the off-vehicle KMS 301 is used as the parent key, and the vehicle attribute of the child attribute node and the parent key are used, in the manner shown in FIG. 6, to generate the vehicle key for the child attribute node, until the node corresponding to the off-vehicle KMS 301 is a leaf attribute node.
  • In step S340, the vehicle key is sent to the vehicle KMS 302.
  • the vehicle KMS 302 After receiving the vehicle key, the vehicle KMS 302 uses the vehicle key to generate a master key uniquely corresponding to the vehicle in step S350.
  • the process of generating the master key will be exemplarily explained below with reference to FIG. 7 .
  • the master key of the vehicle may be jointly generated in combination with the identification information of the vehicle. That is, the master key is at least related to the identification information of the vehicle.
  • the identification information refers to information that can uniquely identify the vehicle.
  • the identification information may be a unique identification assigned to the vehicle by the manufacturer during the manufacture of the vehicle.
  • the identification information may also include, but is not limited to, a vehicle identification number (VIN), which is equivalent to the "identity card" of the vehicle in question.
  • the master key can be generated using the acquired vehicle key and identification information of the vehicle.
  • the identification information and the vehicle key may be used to generate a two-tuple, for example, (identification information, vehicle key) or (vehicle key, identification information). In generating the two-tuple, the method may preset the position of each element in the two-tuple.
  • the key length of the output master key and the output key format can be preset; for example, the key format can be determined to be "MasterKey:", and the output master key can be determined to be a 32-bit string.
  • the key generation algorithm may be a common key generation algorithm in the related art, for example, the key generation algorithm may be a Data Encryption Standard (Data Encryption Standard, DES) algorithm, an RSA algorithm, and the like.
  • the key version information may be involved in generating the master key. That is to say, a corresponding triplet (key version information, identification information, vehicle key) can be generated by using the key version information, the identification information and the vehicle key. It should be noted that the elements in the triplet can follow a preset order. Finally, the triplet is encrypted using the key generation algorithm to generate a master key.
  • the vehicle KMS 302 and the off-vehicle KMS 301 jointly generate the master key of the vehicle, thereby reducing the load that would fall on the off-vehicle key management device if it were used alone. Further, where the off-vehicle KMS 301 and the vehicle KMS 302 are used to generate vehicle keys for multiple vehicles, the vehicle KMS 302 generates a master key unique to the vehicle from the vehicle key. This ensures the uniqueness of the master key and improves security while reducing the load on the off-vehicle key management device.
  • the vehicle KMS 302 may also perform step S360, and use the master key to determine the ECU key of the ECU.
  • the process of generating the ECU key of the ECU will be exemplarily explained below with reference to FIG. 8 .
  • ECUs are included inside the vehicle; for example, the vehicle interior includes a telematics box, keyless entry and start (passive entry passive start, PEPS), etc.
  • different ECUs can be assigned different ECU keys.
  • the vehicle KMS 302 can use the master key and the identification information of the ECU to generate the ECU key, wherein the identification information of the ECU is the unique identification information set for the ECU before it leaves the factory.
  • the identification information of the ECU and the master key can be used to generate a two-tuple, for example, (the identification information of the ECU, the master key) or (the master key, the identification information of the ECU). In generating the two-tuple, the method can preset the position of each element in the two-tuple.
  • the key length of the output ECU key and the output key format can be preset; for example, the key format can be determined to be "ECUKey:", and the output ECU key can be determined to be a 32-bit string.
  • the key generation algorithm may be a common key generation algorithm in the related art, for example, the key generation algorithm may be a Data Encryption Standard (Data Encryption Standard, DES) algorithm, an RSA algorithm, and the like.
  • the key version information can be involved in generating the ECU key. That is to say, the corresponding triplet (key version information, ECU identification information, master key) can be generated by using the key version information, the identification information and the vehicle key. It should be noted that the elements in the triplet can follow a preset order. Finally, the triplet is encrypted using the key generation algorithm to generate an ECU key.
  • the vehicle KMS 302 may distribute the corresponding ECU key to each ECU inside the vehicle.
  • a key generation algorithm is used in the process of generating the vehicle key, the master key and the ECU key, but the key generation algorithms used in these processes may be the same or different, which is not limited in this application.
  • the method can realize one key per ECU by using the master key in the vehicle KMS 302 under the condition of realizing one key for one vehicle, thereby improving the security between each ECU.
  • the vehicle KMS 302 can generate the ECU key of the new ECU according to the master key and the identification information of the new ECU.
  • the vehicle key management method of the exemplary embodiment of the present application also involves updating each ECU key inside the vehicle, and the process of updating the ECU key will be described below with reference to FIG. 9 .
  • the ECU key generated for the ECU in FIG. 3 is referred to as the first ECU key
  • the key obtained after updating the first ECU key is referred to as the second ECU key.
  • the second ECU key may be generated by updating the version information in the above-mentioned triplet.
  • the vehicle KMS 901 can generate and manage ECU keys for multiple ECUs, which will be described below for a single ECU.
  • the vehicle KMS 901 and the ECU 902 each need to be verified. Only after verification passes can the existing ECU key of the ECU 902 be updated to the new ECU key; during the process, the operation is terminated as soon as any verification fails, as follows:
  • the vehicle KMS 901 may generate first verification information, wherein the first verification information is information generated by encrypting the first information with the first ECU key, and the first information may be a randomly generated random number or specific information set according to user requirements, which is not limited in this application.
  • In step S9020, the vehicle KMS 901 sends the first verification information to the ECU 902.
  • the ECU 902 After receiving the first verification information, the ECU 902 performs the verification operation. Specifically, in step S9030, the ECU 902 decrypts the first verification information, and if the decryption is successful, the verification is passed. In implementation, the first verification information can be decrypted only when the ECU key stored in the ECU 902 is the first ECU key. In step S9030, the ECU 902 decrypts the first verification information using the first ECU key to obtain the first information.
  • the ECU 902 can perform step S9040 to generate the second verification information. Specifically, the ECU 902 can generate the second information, wherein the second information can be a randomly generated random number or specific information set according to user requirements, which is not limited in this application. Subsequently, the ECU 902 may encrypt the first information and the second information using the first ECU key to generate the second verification information.
  • In step S9050, the ECU 902 may transmit the second verification information to the vehicle KMS 901.
  • In step S9060, after receiving the second verification information, the vehicle KMS 901 can use the first ECU key to decrypt the second verification information and determine whether the decrypted second verification information includes the first information. If it does, the verification is determined to be successful.
  • In step S9070, the vehicle KMS 901 encrypts the first information, the second information and the second ECU key by using the first ECU key to generate third verification information.
  • In step S9080, the vehicle KMS 901 sends the third verification information to the ECU 902.
  • In step S9090, the ECU 902 decrypts the third verification information by using the first ECU key. If the decryption is successful, the verification is passed, and the first information, the second information and the second ECU key are obtained.
  • In step S9100, the ECU 902 may update the first ECU key to the second ECU key.
  • the ECU may first verify the vehicle KMS that initiates the data update process; after that verification passes, the vehicle KMS may verify the ECU whose data is to be updated; and after both verifications pass, the updated ECU key is transmitted to the ECU in a mutually verifiable manner, thereby ensuring the authenticity of the data and the security of communication.
  • the electronic device of the exemplary embodiment of the present application may have a structure as shown in FIG. 10, wherein the vehicle key management device may perform the functions performed by the off-vehicle KMS 301 in FIG. 3, the functions performed by the vehicle KMS 301 and the vehicle KMS 901 in FIG. 9, or the functions performed by the ECU 902 in FIG. 9.
  • the electronic device may include a processing module 1010 and a communication module 1020 .
  • the processing module 1010 may determine the vehicle attribute node of the vehicle in the vehicle attribute structure; obtain, using the vehicle attribute node, the parent key corresponding to the vehicle; and generate the vehicle key of the vehicle by using the parent key and the vehicle attribute information corresponding to the vehicle attribute node.
  • the communication module 1020 may be configured to send the vehicle key to the vehicle, wherein the vehicle key can be used by a vehicle key management device to generate a master key uniquely corresponding to the vehicle.
  • the communication module 1020 may be configured to receive a vehicle key corresponding to the vehicle from an off-vehicle key management device.
  • the processing module 1010 may be configured to use the vehicle key to generate a master key uniquely corresponding to the vehicle.
  • the communication module 1010 may receive a first ECU key from a vehicle key management device, wherein the first ECU key is the master key uniquely corresponding to the vehicle generated by the vehicle key management device using the vehicle key of the vehicle, the vehicle key being the key received from the outside vehicle management device.
  • Embodiments of the present application provide a vehicle key management device, comprising: a processor and a memory for storing instructions executable by the processor; wherein the processor is configured to implement the above method when executing the instructions.
  • Embodiments of the present application provide a non-volatile computer-readable storage medium on which computer program instructions are stored, and when the computer program instructions are executed by a processor, implement the above method.
  • Embodiments of the present application provide a computer program product, including computer-readable code, or a non-volatile computer-readable storage medium carrying computer-readable code; when the computer-readable code runs in a processor of an electronic device, the processor in the electronic device executes the above method.
  • a computer-readable storage medium may be a tangible device that can hold and store instructions for use by the instruction execution device.
  • the computer-readable storage medium may be, for example, but not limited to, an electrical storage device, a magnetic storage device, an optical storage device, an electromagnetic storage device, a semiconductor storage device, or any suitable combination of the foregoing.
  • Computer-readable storage media include: portable computer disks, hard disks, random access memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM or flash memory), static random access memory (SRAM), portable compact disc read-only memory (CD-ROM), digital video discs (DVD), memory sticks, floppy disks, mechanically encoded devices such as punch cards or raised structures in grooves on which instructions are stored, and any suitable combination of the foregoing.
  • Computer readable program instructions or code described herein may be downloaded to various computing/processing devices from a computer readable storage medium, or to an external computer or external storage device over a network such as the Internet, a local area network, a wide area network and/or a wireless network.
  • the network may include copper transmission cables, fiber optic transmission, wireless transmission, routers, firewalls, switches, gateway computers, and/or edge servers.
  • a network adapter card or network interface in each computing/processing device receives computer-readable program instructions from a network and forwards the computer-readable program instructions for storage in a computer-readable storage medium in each computing/processing device .
  • the computer program instructions used to perform the operations of the present application may be assembly instructions, Instruction Set Architecture (ISA) instructions, machine instructions, machine-related instructions, microcode, firmware instructions, state setting data, or in one or more source or object code written in any combination of programming languages, including object-oriented programming languages such as Smalltalk, C++, etc., and conventional procedural programming languages such as the "C" language or similar programming languages.
  • the computer readable program instructions may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer, or entirely on the remote computer or server.
  • the remote computer may be connected to the user's computer through any kind of network—including a Local Area Network (LAN) or a Wide Area Network (WAN)—or, may be connected to an external computer (eg, use an internet service provider to connect via the internet).
  • electronic circuits, such as programmable logic circuits, Field-Programmable Gate Arrays (FPGA), or Programmable Logic Arrays (PLA), are personalized by utilizing state information of the computer-readable program instructions, and the electronic circuit can execute the computer-readable program instructions to implement various aspects of the present application.
  • These computer readable program instructions may be provided to a processor of a general purpose computer, special purpose computer or other programmable data processing apparatus to produce a machine, such that the instructions, when executed by the processor of the computer or other programmable data processing apparatus, create means for implementing the functions/acts specified in one or more blocks of the flowchart and/or block diagrams.
  • These computer readable program instructions can also be stored in a computer readable storage medium; these instructions cause a computer, programmable data processing apparatus and/or other equipment to operate in a specific manner, so that the computer readable medium on which the instructions are stored includes an article of manufacture comprising instructions for implementing various aspects of the functions/acts specified in one or more blocks of the flowchart and/or block diagrams.
  • Computer readable program instructions can also be loaded onto a computer, other programmable data processing apparatus, or other equipment to cause a series of operational steps to be performed on the computer, other programmable data processing apparatus, or other equipment to produce a computer-implemented process , thereby causing instructions executing on a computer, other programmable data processing apparatus, or other device to implement the functions/acts specified in one or more blocks of the flowcharts and/or block diagrams.
  • each block in the flowchart or block diagrams may represent a module, segment, or portion of instructions, which comprises one or more executable instructions for implementing the specified logical function(s).
  • the functions noted in the blocks may occur out of the order noted in the figures. For example, two blocks in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved.
  • each block of the block diagrams and/or flowchart illustrations, and combinations of blocks in the block diagrams and/or flowchart illustrations, can be implemented in hardware that performs the corresponding functions or actions (e.g., circuits or application-specific integrated circuits (ASICs)), or can be implemented by a combination of hardware and software, such as firmware.
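
The three-level derivation described in the definitions above (vehicle key from parent key and vehicle attribute, master key from vehicle key and VIN, ECU key from master key and ECU identifier, each optionally with key version information) can be sketched as follows. This is an added example, not code from the application: HMAC-SHA256 stands in for the unspecified key generation algorithm, and the 32-byte output, the length-prefixed tuple encoding, the root key, the VINs and the ECU names are constructed assumptions.

```python
import hashlib
import hmac
from typing import Sequence

# Key-format labels quoted from the text, used here as domain-separation prefixes.
LABEL_VEHICLE = b"Sub Root Key:"
LABEL_MASTER = b"MasterKey:"
LABEL_ECU = b"ECUKey:"

# Constructed sample inputs (not real keys or real VINs).
ROOT_KEY = hashlib.sha256(b"constructed OEM root key").digest()
VIN_A, VIN_B = "LTESTVIN000000001", "LTESTVIN000000002"


def encode_fields(*fields: bytes) -> bytes:
    """Serialize tuple elements in a preset order, each with a 2-byte length
    prefix, so ("ab", "c") and ("a", "bc") never encode to the same bytes."""
    return b"".join(len(f).to_bytes(2, "big") + f for f in fields)


def derive(label: bytes, parent_key: bytes, identifier: str, version: int = 1) -> bytes:
    """Child key from the triplet (key version, identifier, parent key).

    Assumption of this example: HMAC-SHA256 keyed with the parent key replaces
    the page's unspecified key generation algorithm; output is 32 bytes.
    """
    message = encode_fields(label, version.to_bytes(4, "big"), identifier.encode())
    return hmac.new(parent_key, message, hashlib.sha256).digest()


def derive_vehicle_key(root_key: bytes, attribute_path: Sequence[str], version: int = 1) -> bytes:
    """Walk the attribute tree from the root: the key of each level is the
    parent key of the next, down to the leaf attribute node."""
    key = root_key
    for attribute in attribute_path:
        key = derive(LABEL_VEHICLE, key, attribute, version)
    return key


def derive_master_key(vehicle_key: bytes, vin: str, version: int = 1) -> bytes:
    """Runs in the vehicle KMS: one master key per vehicle, bound to its VIN."""
    return derive(LABEL_MASTER, vehicle_key, vin, version)


def derive_ecu_key(master_key: bytes, ecu_id: str, version: int = 1) -> bytes:
    """Runs in the vehicle KMS: one key per ECU; a new version gives a new key."""
    return derive(LABEL_ECU, master_key, ecu_id, version)


def build_demo() -> dict:
    """Two vehicles under the same leaf attribute node share a vehicle key but
    end up with different master keys and therefore different ECU keys."""
    vehicle_key = derive_vehicle_key(ROOT_KEY, ["small car", "1.4-liter"])
    master = {vin: derive_master_key(vehicle_key, vin) for vin in (VIN_A, VIN_B)}
    ecu = {name: derive_ecu_key(master[VIN_A], name) for name in ("T-Box", "PEPS")}
    rotated = derive_ecu_key(master[VIN_A], "PEPS", version=2)
    return {"vehicle_key": vehicle_key, "master": master, "ecu": ecu, "peps_v2": rotated}


if __name__ == "__main__":
    for name, value in build_demo()["ecu"].items():
        print(name, value.hex())
```

Because every level is recomputable from its parent, the off-vehicle side only has to store the root key and the attribute tree, and the key for a replacement ECU follows from the master key and the new ECU identifier.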

Abstract

Embodiments of the present application relate to a vehicle key management method, device, and system. The system comprises: a vehicle external key management device, which is used to generate a vehicle key of a vehicle, wherein the vehicle key corresponds to a plurality of vehicles; the vehicle key is sent to a vehicle key management device, the vehicle key management device being used to receive the vehicle key from the vehicle external key management device; and the vehicle key is used to generate a master key uniquely corresponding to the vehicle. By using the present application, a vehicle external key management device cooperates with a vehicle key management device to generate a master key of a vehicle, thereby reducing the pressure of the vehicle external key management device and improving the security of a vehicle key.

Description

Vehicle key management method, device and system
Technical field
The present application relates to the field of Internet of Vehicles, and in particular to a vehicle key management method, device, and system.
Background
With the rapid development of automotive electronics, information technology, and networks, the traditional information security problems seen in fields such as the Internet have gradually come to threaten vehicles in the Internet of Vehicles, seriously hindering the evolution of traditional vehicles toward intelligent connected vehicles. Among these problems, the security of vehicle keys is particularly important: a vehicle key can be used to identify each vehicle in the Internet of Vehicles in order to perform operations such as inter-vehicle communication and storing sensitive in-vehicle data. Therefore, the related art needs a secure key management system that can distribute vehicle keys to individual vehicles.
In the related art, the key management system (KMS) of the original equipment manufacturer (OEM) is usually centrally responsible for the vehicle keys of all the vehicles it manufactures, including distributing vehicle keys to the contract manufacturers and equipment manufacturers in each vehicle-related production line. This places a heavy burden on the OEM KMS and thereby reduces management efficiency and security.
Summary of the invention
The embodiments of the present application provide a vehicle key management method, device, and system for improving the management efficiency and security of vehicle keys.
In a first aspect, an embodiment of the present application provides a vehicle key management system. The system includes: an off-vehicle key management device, configured to generate a vehicle key of the vehicle, where the vehicle key corresponds to multiple vehicles, and to send the vehicle key to a vehicle key management device; and the vehicle key management device, configured to receive the vehicle key from the off-vehicle key management device and to use the vehicle key to generate a master key uniquely corresponding to the vehicle.
In the system, the vehicle key management device and the off-vehicle key management device jointly generate the master key of the vehicle, which reduces the load that would fall on the off-vehicle key management device if it were used alone. In addition, where the off-vehicle key management device generates a vehicle key for multiple vehicles, the vehicle key management device generates a master key unique to the vehicle from that vehicle key, which guarantees the uniqueness of the master key and improves security while reducing the load on the off-vehicle key management device.
In a second aspect, an embodiment of the present application provides a vehicle key management method. The method includes: receiving, from an off-vehicle key management device, a vehicle key corresponding to the vehicle; and using the vehicle key to generate a master key uniquely corresponding to the vehicle.
In the method, the master key for the vehicle is generated by the vehicle key management device. That is, master key generation is delegated to the vehicle, so that the vehicle takes part in generating the master key and the uniqueness of the master key is guaranteed.
In a possible design, the method further includes: using the master key to determine a first ECU key corresponding to an electronic control unit (ECU) in the vehicle.
With one key per vehicle in place, the method can use the master key to achieve one key per ECU, which improves security between the ECUs.
In a possible design, the method further includes: sending the first ECU key to the ECU.
That is, the vehicle key management device is responsible not only for generating ECU keys but also for distributing each ECU key.
In a possible design, the method further includes: sending a second ECU key to the ECU, where the second ECU key is a key generated by updating the first ECU key.
The method can not only generate ECU keys but also update them, which further improves security.
In a possible design, before sending the second ECU key to the ECU, the method further includes: sending first verification information to the ECU, where the first verification information is information generated by encrypting first information with the first ECU key.
To ensure security, before the ECU key is updated, the ECU and the vehicle key management device can each verify that their communication is secure. As described above, first verification information encrypted with the first ECU key can be sent to the ECU.
In a possible design, the method further includes: receiving second verification information from the ECU.
While communication security is being verified, the ECU also needs to verify the vehicle key management device; therefore, the ECU sends second verification information to the vehicle key management device.
In a possible design, the method further includes: decrypting the second verification information with the first ECU key to obtain the decrypted second verification information.
While communication security is being verified, if the vehicle key management device can successfully decrypt the second verification information with the first ECU key, this indicates that the vehicle key management device has passed verification.
In a possible design, the method further includes: when it is determined that the decrypted second verification information includes the first information, encrypting the decrypted second verification information and the second ECU key with the first ECU key to generate third verification information.
After the above verification operations pass, for the sake of security, the existing ECU key (the first ECU key) can be used to encrypt the updated ECU key (the second ECU key).
在一种可能的设计中,所述方法还包括:将第三验证信息发送到所述ECU。In a possible design, the method further includes: sending third verification information to the ECU.
所述方法可将经过加密后的第二ECU密钥发送到ECU,这样可保证通信安全性的同时使ECU获取第二ECU密钥。The method can send the encrypted second ECU key to the ECU, so that the ECU can obtain the second ECU key while ensuring communication security.
在一种可能的设计中,第一ECU密钥至少与所述主密钥以及第一ECU的标识信息相关。In a possible design, the first ECU key is at least related to the master key and the identification information of the first ECU.
第一ECU密钥与主密钥以及第一ECU的标识信息相关,既保证了该ECU密钥与所在车辆相关又保证了车内各个ECU的唯一性。The first ECU key is related to the master key and the identification information of the first ECU, which not only ensures that the ECU key is related to the vehicle in which it is located, but also ensures the uniqueness of each ECU in the vehicle.
在一种可能的设计中,第一ECU密钥与所述主密钥、第一ECU密钥的密钥版本信息以及第一ECU的标识信息相关。In a possible design, the first ECU key is related to the master key, key version information of the first ECU key, and identification information of the first ECU.
考虑到需要对ECU密钥执行更新操作,因此,所述第一ECU密钥在与主密钥和标识信息相关之外还可与版本信息相关。Considering that an update operation needs to be performed on the ECU key, the first ECU key can also be related to version information in addition to the master key and identification information.
在一种可能的设计中,利用所述主密钥,确定所述车辆内的电子控制单元(ECU)对应的第一ECU密钥包括:利用所述主密钥、所述ECU密钥的密钥版本信息以及所 述ECU的标识信息构成的三元组作为第一ECU密钥。In a possible design, using the master key to determine the first ECU key corresponding to an electronic control unit (ECU) in the vehicle includes: using the master key and the encryption key of the ECU key The triplet composed of the key version information and the identification information of the ECU is used as the first ECU key.
在实施中,可通过三元组的形式构建第一EUC密钥。In an implementation, the first EUC key may be constructed in the form of a triplet.
在一种可能的设计中,所述主密钥至少与所述车辆密钥所述车辆的标识信息相关。In a possible design, the master key is at least related to the vehicle key and the identification information of the vehicle.
为了使所述主密钥与车辆唯一对应,所述主密钥可与该车辆的标识信息相关。In order for the master key to uniquely correspond to a vehicle, the master key may be associated with identification information of the vehicle.
在一种可能的设计中,所述主密钥与所述车辆密钥、所述主密钥的密钥版本信息以及所述车辆的标识信息相关。In a possible design, the master key is related to the vehicle key, key version information of the master key, and identification information of the vehicle.
为了能够对所述主密钥执行更新,所述主密钥还可与密钥版本信息相关。In order to be able to perform an update on the master key, the master key may also be associated with key version information.
在一种可能的设计中,利用所述车辆密钥,生成与所述车辆唯一对应的主密钥,包括:利用所述车辆密钥、所述主密钥的密钥版本信息以及所述车辆的标识信息构成的三元组作为所述车辆的主密钥。In a possible design, using the vehicle key to generate a master key uniquely corresponding to the vehicle includes: using the vehicle key, key version information of the master key, and the vehicle The triplet composed of the identification information is used as the master key of the vehicle.
在实施中,可将所述车辆密钥、所述主密钥的密钥版本信息以及所述车辆的标识信息通过三元组的形式构建所述主密钥。In implementation, the master key may be constructed by using the vehicle key, the key version information of the master key, and the identification information of the vehicle in the form of a triplet.
In a third aspect, an embodiment of the present application provides a vehicle key management method, comprising: determining a vehicle attribute node of the vehicle in a vehicle attribute structure; using the vehicle attribute node to obtain a parent key corresponding to the vehicle; using the parent key and the vehicle attribute information corresponding to the vehicle attribute node to generate a vehicle key of the vehicle; and sending the vehicle key to the vehicle, where the vehicle key can be used by a vehicle key management device to generate a master key uniquely corresponding to the vehicle.
In the method, once the parent key of the vehicle and the vehicle attribute information are determined, the vehicle key of the vehicle can be generated. In this way, generation of the vehicle key can be delegated to the intermediaries involved in manufacturing the vehicle, which relieves pressure on the OEM KMS.
In a possible design, the vehicle key is also related to version information of the vehicle key.
So that the vehicle key can be updated, the vehicle key may be related to version information.
In a possible design, the method further includes: generating the vehicle attribute structure from vehicle attributes according to their parent-child relationships, where the vehicle attribute structure includes a plurality of vehicle attribute nodes, and the node at the layer above a vehicle attribute node indicates the parent attribute node of that vehicle attribute node; and generating a vehicle key structure that is structurally identical to the vehicle attribute structure, where the vehicle key structure includes a plurality of vehicle key nodes, and the key at the layer above a vehicle key node indicates the parent key of that vehicle key node.
With the vehicle attribute structure generated according to vehicle attributes, the method determines the vehicle key structure, so that the final vehicle key can be generated layer by layer through this hierarchy, which reduces the data-processing load on the OEM KMS.
In a possible design, using the vehicle attribute node to obtain the parent key corresponding to the vehicle includes: determining the node position of the vehicle attribute node in the vehicle attribute structure; using the node position to determine the vehicle key node of the vehicle in the vehicle key structure; and obtaining the parent key of the vehicle key node.
In implementation, the method may use the vehicle attribute node to determine the node position of the vehicle, and then use that node position to determine the parent key and thereby generate the vehicle key.
In a fourth aspect, an embodiment of the present application provides a vehicle key management method, the method comprising: receiving a first ECU key from a vehicle key management device, where the first ECU key is a master key, uniquely corresponding to the vehicle, that the vehicle key management device generates using the vehicle key of the vehicle, and the vehicle key is a key received from an off-vehicle management device.
The method uses the master key to generate an ECU key unique to the ECU, achieving one key per ECU.
In a possible design, the first ECU key is related to the master key, key version information of the first ECU key, and identification information of the first ECU.
To ensure that each ECU has its own unique ECU key and that this ECU key can be updated, the first ECU key may be related to the master key, the key version information, and the identification information.
In a possible design, the method further includes: receiving first verification information from the vehicle key management device.
In implementation, before a key update is performed on the ECU, the ECU needs to be verified; therefore, first verification information may be sent to the ECU.
In a possible design, the method further includes: decrypting the first verification information with the first ECU key to obtain the first information.
That is, if the ECU successfully decrypts the first verification information with its existing ECU key (the first ECU key), the ECU has passed verification.
In a possible design, the method further includes: sending second verification information to the vehicle key management device, where the second verification information is information generated by encrypting the first information and second information with the first ECU key.
That is, before updating the ECU key, the ECU needs to verify the sender (the vehicle management device); therefore, it may generate second verification information with the existing ECU key (the first ECU key) and send it to the sender.
In a possible design, the method further includes: receiving third verification information from the vehicle key management device.
After the above verification passes, the ECU may receive the third verification information.
In a possible design, the method further includes: decrypting the third verification information with the first ECU key to obtain the decrypted third verification information.
In implementation, the new ECU key can be decrypted with the existing ECU key.
In a possible design, the method further includes: upon determining that the decrypted third verification information includes the second information, updating the first ECU key to the second ECU key included in the decrypted third verification information.
After verification passes, the key update operation of the ECU can be performed.
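The three-message ECU key update described in the second and fourth aspects, with both sides of the exchange, as an added Python example that is not part of the application. The application does not name a cipher or say what the first and second information are; here they are assumed to be random 16-byte values, and `seal`/`unseal` are an assumed encrypt-then-MAC construction built from HMAC-SHA256 standing in for an authenticated cipher. All class and function names are hypothetical.

```python
import hashlib
import hmac
import secrets

INFO_LEN = 16            # assumed size of the first/second information
KEY_LEN = 32             # assumed ECU key size
IV_LEN, TAG_LEN = 16, 32


def subkey(key: bytes, label: bytes) -> bytes:
    # Separate encryption and MAC keys derived from the one ECU key.
    return hmac.new(key, label, hashlib.sha256).digest()


def keystream(key: bytes, iv: bytes, n: int) -> bytes:
    blocks = (hmac.new(key, iv + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Assumed stand-in for an AEAD: returns iv || ciphertext || tag."""
    iv = secrets.token_bytes(IV_LEN)
    stream = keystream(subkey(key, b"enc"), iv, len(plaintext))
    ct = bytes(p ^ s for p, s in zip(plaintext, stream))
    return iv + ct + hmac.new(subkey(key, b"mac"), iv + ct, hashlib.sha256).digest()


def unseal(key: bytes, blob: bytes) -> bytes:
    """Check the tag before decrypting; wrong key or modified data raises."""
    if len(blob) < IV_LEN + TAG_LEN:
        raise ValueError("message too short")
    iv, ct, tag = blob[:IV_LEN], blob[IV_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(subkey(key, b"mac"), iv + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    stream = keystream(subkey(key, b"enc"), iv, len(ct))
    return bytes(c ^ s for c, s in zip(ct, stream))


class VehicleKms:
    """Vehicle key management device side (second aspect)."""

    def __init__(self, first_ecu_key: bytes):
        self.first_ecu_key = first_ecu_key
        self.first_info = None

    def first_verification(self) -> bytes:
        self.first_info = secrets.token_bytes(INFO_LEN)
        return seal(self.first_ecu_key, self.first_info)

    def third_verification(self, second_verification: bytes,
                           second_ecu_key: bytes) -> bytes:
        plain = unseal(self.first_ecu_key, second_verification)
        if (self.first_info is None or len(plain) != 2 * INFO_LEN
                or not hmac.compare_digest(plain[:INFO_LEN], self.first_info)):
            raise ValueError("first information not echoed by the ECU")
        self.first_info = None  # each first information is accepted once
        return seal(self.first_ecu_key, plain + second_ecu_key)


class Ecu:
    """ECU side (fourth aspect)."""

    def __init__(self, first_ecu_key: bytes):
        self.ecu_key = first_ecu_key
        self.second_info = None

    def second_verification(self, first_verification: bytes) -> bytes:
        first_info = unseal(self.ecu_key, first_verification)
        if len(first_info) != INFO_LEN:
            raise ValueError("unexpected first information length")
        self.second_info = secrets.token_bytes(INFO_LEN)
        return seal(self.ecu_key, first_info + self.second_info)

    def install(self, third_verification: bytes) -> None:
        plain = unseal(self.ecu_key, third_verification)
        echoed, new_key = plain[INFO_LEN:2 * INFO_LEN], plain[2 * INFO_LEN:]
        if (self.second_info is None or len(new_key) != KEY_LEN
                or not hmac.compare_digest(echoed, self.second_info)):
            raise ValueError("second information not echoed by the KMS")
        self.ecu_key, self.second_info = new_key, None


def run_update(kms: VehicleKms, ecu: Ecu, second_ecu_key: bytes) -> bytes:
    v1 = kms.first_verification()
    v2 = ecu.second_verification(v1)
    v3 = kms.third_verification(v2, second_ecu_key)
    ecu.install(v3)
    return ecu.ecu_key
```

Because the ECU accepts third verification information only when it echoes the second information of the current exchange, a third message recorded in an earlier exchange is rejected even though it was encrypted with the same first ECU key.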
In a fifth aspect, an embodiment of the present application provides a vehicle key management device, including: a processor; and a memory for storing instructions executable by the processor; where the processor is configured to implement any method of the second to fourth aspects when executing the instructions.
In a sixth aspect, an embodiment of the present application provides a non-volatile computer-readable storage medium on which computer program instructions are stored, where the computer program instructions, when executed by a processor, implement any method of the second to fourth aspects.
In a seventh aspect, an embodiment of the present application provides a computer program product, characterized in that it includes computer-readable code, or a non-volatile computer-readable storage medium carrying computer-readable code, and when the computer-readable code runs in a processor of an electronic device, the processor in the electronic device executes any method of the second to fourth aspects.
In an eighth aspect, an embodiment of the present application provides a vehicle key management device, the vehicle key management device including: a communication module, configured to receive, from an off-vehicle key management device, a vehicle key corresponding to the vehicle; and a master key generation module, configured to use the vehicle key to generate a master key uniquely corresponding to the vehicle.
In a possible design, the device may further include: a determination module, configured to use the master key to determine a first ECU key corresponding to an electronic control unit (ECU) in the vehicle.
In a possible design, the communication module is further configured to send the first ECU key to the ECU.
In a possible design, the communication module is further configured to send a second ECU key to the ECU, where the second ECU key is a key generated by updating the first ECU key.
In a possible design, before sending the second ECU key to the ECU, the communication module further sends first verification information to the ECU, where the first verification information is information generated by encrypting first information with the first ECU key.
In a possible design, the communication module is further configured to receive second verification information from the ECU.
In a possible design, the device further includes: a decryption module, configured to decrypt the second verification information with the first ECU key to obtain the decrypted second verification information.
In a possible design, the device further includes: a third verification information generation module, configured to, upon determining that the decrypted second verification information includes the first information, encrypt the decrypted second verification information and the second ECU key with the first ECU key to generate third verification information.
In a possible design, the communication module is further configured to send the third verification information to the ECU.
In a possible design, the first ECU key is at least related to the master key and the identification information of the first ECU.
In a possible design, the first ECU key is related to the master key, key version information of the first ECU key, and identification information of the first ECU.
In a possible design, the determination module is specifically configured to use a triplet composed of the master key, the key version information of the ECU key, and the identification information of the ECU as the first ECU key.
In a possible design, the master key is at least related to the vehicle key and the identification information of the vehicle.
In a possible design, the master key is related to the vehicle key, key version information of the master key, and identification information of the vehicle.
In a possible design, the master key generation module is specifically configured to use a triplet composed of the vehicle key, the key version information of the master key, and the identification information of the vehicle as the master key of the vehicle.
In a ninth aspect, an embodiment of the present application provides a vehicle key management device, the vehicle key management device including: a determination module, configured to determine a vehicle attribute node of the vehicle in a vehicle attribute structure; a parent key acquisition module, configured to use the vehicle attribute node to obtain a parent key corresponding to the vehicle; a vehicle key generation module, configured to use the parent key and the vehicle attribute information corresponding to the vehicle attribute node to generate a vehicle key of the vehicle; and a communication module, configured to send the vehicle key to the vehicle, where the vehicle key can be used by a vehicle key management device to generate a master key uniquely corresponding to the vehicle.
In a possible design, the vehicle key is also related to version information of the vehicle key.
In a possible design, the device further includes: a vehicle attribute structure generation module, configured to generate the vehicle attribute structure from vehicle attributes according to their parent-child relationships, where the vehicle attribute structure includes a plurality of vehicle attribute nodes, and the node at the layer above a vehicle attribute node indicates the parent attribute node of that vehicle attribute node; and to generate a vehicle key structure that is structurally identical to the vehicle attribute structure, where the vehicle key structure includes a plurality of vehicle key nodes, and the key at the layer above a vehicle key node indicates the parent key of that vehicle key node.
In a possible design, the parent key acquisition module is specifically configured to: use the vehicle attribute node to determine the node position of the vehicle attribute node in the vehicle attribute structure; use the node position to determine the vehicle key node of the vehicle in the vehicle key structure; and obtain the parent key of the vehicle key node.
In a tenth aspect, an embodiment of the present application provides a vehicle key management device, the vehicle management device including: a communication module, configured to receive a first ECU key from a vehicle key management device, where the first ECU key is a master key, uniquely corresponding to the vehicle, that the vehicle key management device generates using the vehicle key of the vehicle, and the vehicle key is a key received from an off-vehicle management device.
In a possible design, the first ECU key is related to the master key, key version information of the first ECU key, and identification information of the first ECU.
In a possible design, the communication module is further configured to receive first verification information from the vehicle key management device.
In a possible design, the device further includes: a first information acquisition module, configured to decrypt the first verification information with the first ECU key to obtain the first information.
In a possible design, the communication module is further configured to send second verification information to the vehicle key management device, where the second verification information is information generated by encrypting the first information and second information with the first ECU key.
In a possible design, the communication module is further configured to receive third verification information from the vehicle key management device.
In a possible design, the device further includes: a third verification information acquisition module, configured to decrypt the third verification information with the first ECU key to obtain the decrypted third verification information.
In a possible design, the device further includes: an update module, configured to, upon determining that the decrypted third verification information includes the second information, update the first ECU key to the second ECU key included in the decrypted third verification information.
Brief description of the drawings
The accompanying drawings, which are incorporated in and constitute a part of the specification, illustrate exemplary embodiments, features, and aspects of the present application together with the description, and serve to explain the principles of the present application.
FIG. 1 shows a diagram of a vehicle key management system according to an embodiment of the present application;
FIG. 2 shows an operation diagram of a vehicle key management system according to an embodiment of the present application;
FIG. 3 shows a flowchart of the steps of a vehicle key management system according to an embodiment of the present application;
FIG. 4 shows a diagram of a vehicle attribute structure 400 according to an embodiment of the present application;
FIG. 5 shows a diagram of a vehicle attribute structure 500 according to an embodiment of the present application;
FIG. 6 shows a diagram of generating a vehicle key according to an embodiment of the present application;
FIG. 7 shows a diagram of generating a master key according to an embodiment of the present application;
FIG. 8 shows a diagram of generating an ECU key according to an embodiment of the present application;
FIG. 9 shows a flowchart of updating an ECU key according to an embodiment of the present application;
FIG. 10 shows a diagram of an electronic device according to an embodiment of the present application.
具体实施方式Detailed ways
以下将参考附图详细说明本申请的各种示例性实施例、特征和方面。附图中相同的附图标记表示功能相同或相似的元件。尽管在附图中示出了实施例的各种方面,但是除非特别指出,不必按比例绘制附图。Various exemplary embodiments, features and aspects of the present application will be described in detail below with reference to the accompanying drawings. The same reference numbers in the figures denote elements that have the same or similar functions. While various aspects of the embodiments are shown in the drawings, the drawings are not necessarily drawn to scale unless otherwise indicated.
在本申请实施例中,“/”可以表示前后关联的对象是一种“或”的关系,例如,A/B可以表示A或B;“和/或”可以用于描述关联对象存在三种关系,例如,A和/或B,可以表示:单独存在A,同时存在A和B,单独存在B这三种情况,其中A,B可以是单数或者复数。为了便于描述本申请实施例的技术方案,在本申请实施例中,可以采用“第一”、“第二”等字样对功能相同或相似的技术特征进行区分。该“第一”、“第二”等字样并不对数量和执行次序进行限定,并且“第一”、“第二”等字样也并不限定一定不同。在本申请实施例中,“示例性的”或者“例如”等词用于表示例子、例证或说明,被描述为“示例性的”或者“例如”的任何实施例或设计方案不应被解释为比其它实施例或设计方案更优选或更具优势。使用“示例性的”或者“例如”等词旨在以具体方式呈现相关概念,便于理解。In this embodiment of the present application, "/" may indicate that the objects associated before and after are an "or" relationship, for example, A/B may indicate A or B; "and/or" may be used to describe that there are three types of associated objects A relationship, for example, A and/or B, can mean that A exists alone, A and B exist at the same time, and B exists alone, where A and B can be singular or plural. In order to facilitate the description of the technical solutions of the embodiments of the present application, in the embodiments of the present application, words such as "first" and "second" may be used to distinguish technical features with the same or similar functions. The words "first", "second" and the like do not limit the quantity and execution order, and the words "first", "second" and the like do not limit the difference. In the embodiments of the present application, words such as "exemplary" or "for example" are used to represent examples, illustrations or illustrations, and any embodiment or design solution described as "exemplary" or "for example" should not be construed are preferred or advantageous over other embodiments or designs. The use of words such as "exemplary" or "such as" is intended to present the relevant concepts in a specific manner to facilitate understanding.
另外,为了更好的说明本申请,在下文的具体实施方式中给出了众多的具体细节。本领域技术人员应当理解,没有某些具体细节,本申请同样可以实施。在一些实例中,对于本领域技术人员熟知的方法、手段、元件和电路未作详细描述,以便于凸显本申请的主旨。In addition, in order to better illustrate the present application, numerous specific details are given in the following detailed description. It should be understood by those skilled in the art that the present application may be practiced without certain specific details. In some instances, methods, means, components and circuits well known to those skilled in the art have not been described in detail so as not to obscure the subject matter of the present application.
在车联网领域,车辆密钥应用于车辆内部以及车辆外部,其中,应用于车辆内部可包括应用于车内的单个电子控制单元(Electronic Control Unit,ECU)和/或车内的多个ECU。在应用于单个ECU内时,所述车辆密钥可应用于安全启动ECU、刷写ECU(又称数据灌装)、保护配置文件、保护软/硬件IP等,在应用于多个ECU(ECU间)时,所述车辆密钥可应用于多个ECU之间的身份认证、安全通信等。In the field of Internet of Vehicles, the vehicle key is applied inside the vehicle and outside the vehicle, wherein the application inside the vehicle may include a single electronic control unit (Electronic Control Unit, ECU) applied in the vehicle and/or multiple ECUs in the vehicle. When applied to a single ECU, the vehicle key can be applied to safely start the ECU, flash the ECU (also known as data filling), protect configuration files, protect software/hardware IP, etc. time), the vehicle key can be applied to identity authentication, secure communication, etc. between multiple ECUs.
所述车辆密钥还可应用于车辆外部。在所述车辆密钥应用于车辆外部可包括应用于车辆的身份认证、访问控制以及与外部设备(例如,其它车辆)执行各种通信(包括而不限于无线通信、有线通信、API接口访问、V2X通信、人机交互等)以及远程服务,例如,远程控制和命令、订阅收费服务等。The vehicle key can also be applied outside the vehicle. The application of the vehicle key to the outside of the vehicle may include identity authentication applied to the vehicle, access control, and performing various communications with external devices (eg, other vehicles) (including but not limited to wireless communications, wired communications, API interface access, V2X communication, human-computer interaction, etc.) and remote services, such as remote control and commands, subscription fee-based services, etc.
在实施中,原始设备制造商(original equipment manufacturer,OEM)密钥管理系统(key management system,KMS)可以是由多个计算设备按照预设方式(例如,分布式)组合的系统。作为示例,OEM KMS可指示品牌产品制造部件甚至整个设备的公司,对于车辆来来说,OEM KMS可指示车辆品牌的原始设备制造商。在实施中,OEM KMS可按照已有的密钥生成方式为各个车辆生成并分发车辆密钥。In an implementation, an original equipment manufacturer (OEM) key management system (KMS) may be a system composed of multiple computing devices in a preset manner (eg, distributed). As an example, an OEM KMS may indicate a company that manufactures parts or even entire equipment for a branded product, and in the case of a vehicle, an OEM KMS may indicate the original equipment manufacturer of the vehicle brand. In implementation, the OEM KMS can generate and distribute vehicle keys for individual vehicles according to the existing key generation methods.
针对OEM KMS负责的车辆,OEM KMS可为每个车型生成并分发对应的车辆密钥。此外,OEM KMS可对不同的车型生成相同或不同的车辆密钥,例如,OEM KMS可向属于同一车型的各个车辆分配相同的车辆密钥。For vehicles for which the OEM KMS is responsible, the OEM KMS can generate and distribute the corresponding vehicle key for each model. In addition, the OEM KMS can generate the same or different vehicle keys for different car models, for example, the OEM KMS can assign the same vehicle key to each vehicle belonging to the same model.
在实施中,OEM KMS可统一管理车辆密钥,包括车辆密钥的生成、分发、更新和/或取消(作废),作为示例,OEM KMS可在已生成车辆密钥的情况下,向生产车 辆的各个部件的工厂、负责车辆维修以及保养的汽车销售服务店铺以及向车辆相关的供应商产线的工厂分发车辆密钥,由此可以看出,OEM KMS需要管理大量的车辆密钥,因此需要较为复杂的硬件支撑。In implementation, the OEM KMS can centrally manage the vehicle keys, including the generation, distribution, update and/or cancellation (obsolete) of the vehicle keys. As an example, the OEM KMS can provide the production vehicle It can be seen that OEM KMS needs to manage a large number of vehicle keys, so it needs to More complex hardware support.
此外,现有的车辆密钥管理系统是以车辆为单位的,也就是说,一辆车辆确定并使用一个车辆密钥,这使得车辆内的各个ECU共用同一车辆密钥,一旦某一ECU所使用的车辆密钥被破解后,整车的车辆密钥即可获得,安全性相对较低,不利于拓展新的安全业务。In addition, the existing vehicle key management system is based on a vehicle, that is to say, a vehicle determines and uses a vehicle key, which makes each ECU in the vehicle share the same vehicle key. After the used vehicle key is cracked, the vehicle key of the entire vehicle can be obtained, and the security is relatively low, which is not conducive to the expansion of new security services.
为了解决上述技术问题,本申请提供了一种新的车辆密钥管理系统。以下将参照图1至图7对此进行详细描述。如图1所示,车辆密钥管理系统可包括车外KMS 100以及车辆KMS 101和KMS 102,车外KMS 101指示车辆外部的OEM KMS,也就是说,为了协助车辆生成对应的车辆密钥的外部设备被称作车外KMS 100,在实施中,还可被称作外部KMS等。车外KMS 100、车辆KMS 101或车辆KMS 102中的任一设备均指示生成并管理车辆密钥的设备,其可以指示单个硬件设备,也可以指示为了实现以上功能的硬件集群,还可以是芯片系统。在本申请实施例中,芯片系统可以由芯片构成,也可以包含芯片和其他分立器件。车辆KMS则是每个车辆为了生成自身的车辆密钥的内部设备。如图1所示,车辆110对应车辆KMS 101,车辆120对应车辆KMS 102。In order to solve the above technical problems, the present application provides a new vehicle key management system. This will be described in detail below with reference to FIGS. 1 to 7 . As shown in FIG. 1, the vehicle key management system may include an off-vehicle KMS 100 and vehicle KMS 101 and KMS 102. The off-vehicle KMS 101 indicates an OEM KMS outside the vehicle, that is, in order to assist the vehicle in generating the corresponding vehicle key The external device is referred to as the off-vehicle KMS 100, and in implementation, it may also be referred to as an external KMS or the like. Any one of the off-vehicle KMS 100, the vehicle KMS 101, or the vehicle KMS 102 indicates a device that generates and manages vehicle keys, which can indicate a single hardware device, or a hardware cluster for realizing the above functions, or a chip system. In the embodiments of the present application, the chip system may be composed of chips, or may include chips and other discrete devices. Vehicle KMS is an internal device for each vehicle to generate its own vehicle key. As shown in FIG. 1 , the vehicle 110 corresponds to the vehicle KMS 101 , and the vehicle 120 corresponds to the vehicle KMS 102 .
As an example, the vehicle key management system in FIG. 1 includes only two vehicles 110 and 120, each of which contains its corresponding vehicle KMS 101 or 102. In implementation, however, the key management system may correspond to more vehicles; that is, the OEM KMS 100 may cooperate with more vehicle KMSs to provide vehicle keys for more vehicles.
In implementation, the off-vehicle KMS 100 may correspond to multiple vehicle KMSs including the vehicle KMS 101 and KMS 102; that is, the off-vehicle KMS 101 may provide vehicle keys to multiple KMSs (not limited to KMS 101 and KMS 102).
As shown in FIG. 2, the off-vehicle KMS may indicate the OEM KMS, and the vehicle KMS 210 and the vehicle KMS 220 may correspond to different vehicles. To reduce the burden on the OEM KMS 200, the OEM KMS 200 may first layer the vehicles according to vehicle attributes to obtain a vehicle attribute structure, and then use the vehicle attribute structure to determine a vehicle key structure. Once the vehicle key structure has been determined, the parent key of the upper level is used to determine the child key of the current level, and the child key of the current level is then used as the parent key for generating the next level. In other words, a vehicle key is generated for each vehicle layer by layer. The vehicle attribute structure and the vehicle key structure are described in detail below with reference to FIG. 4 and FIG. 5.
On this basis, to ensure that the vehicle key of each vehicle is unique, the vehicle KMS 210 or the vehicle KMS 220 can take part; that is, the OEM KMS 200 and the vehicle KMS 210 or the vehicle KMS 220 jointly generate the master key of the vehicle. As shown in FIG. 2, after generating the vehicle key of each vehicle, the OEM KMS 200 can send each vehicle key to the vehicle KMS of the corresponding vehicle (KMS 210 and KMS 220 in FIG. 2). The vehicle KMS 210 and/or the vehicle KMS 220 then generate the master key of their respective vehicles from the received vehicle key, thereby achieving one key per vehicle. Further, the vehicle KMS 210 and/or the vehicle KMS 220 can use their respective master keys to generate the ECU key of each ECU in the vehicle (for example, ECU 211, ECU 221), and distribute and update the corresponding ECU key for each ECU 211 or ECU 221 in the vehicle, thereby achieving one key per component.
For ease of understanding, an embodiment in which the off-vehicle KMS and the vehicle KMS cooperate to generate the master key of the vehicle, and in which that master key is used to generate each ECU key, is described in detail below with reference to FIG. 3. FIG. 3 is described from the perspective of a single vehicle; that is, it describes how the vehicle key of that one vehicle is generated. The off-vehicle KMS 301 shown in FIG. 3 therefore indicates a KMS outside that vehicle. In implementation, the off-vehicle KMS 301 may be an OEM KMS, that is, a vehicle key management system that manages the vehicle keys of all vehicles. The off-vehicle KMS 301 may also be an intermediate processing plant; for example, the off-vehicle KMS 301 may be a computing node of a processing plant that operates before the vehicle key is generated.
The vehicle KMS 302 refers to the vehicle KMS inside the vehicle, and the description below uses the vehicle KMS 302. In implementation, the off-vehicle KMS 301 may also cooperate with vehicle KMSs other than the vehicle KMS 302 to generate more vehicle keys for more vehicles, which is not discussed further here.
In step S310, the off-vehicle KMS 301 may determine the vehicle key structure by using the vehicle attribute structure, where the vehicle attribute structure refers to the structure diagram generated by layering vehicles according to their vehicle attributes. In implementation, the vehicle attribute structure may be a tree structure.
The following description assumes that the vehicle attribute structure is a tree structure, but in implementation the vehicle attribute structure may also adopt other structures capable of layering vehicles. The vehicle attribute structure 400 shown in FIG. 4 is an abstract structure with hierarchical data, and each element in the vehicle attribute structure 400 may be referred to as a vehicle attribute node, for example, the vehicle attribute node 411, the vehicle attribute node 421, the vehicle attribute node 431, and so on. For ease of description, these nodes may be named according to their positions. For example, the vehicle attribute node 411 is located at the top of the vehicle attribute structure 400 and may be referred to as the root vehicle attribute node; the vehicle attribute node 431 is located at the bottom of the vehicle attribute structure 400 and may be referred to as a leaf vehicle attribute node; the vehicle attribute node 411 is located one level above the vehicle attribute node 421 and may be referred to as the parent attribute node of the vehicle attribute node 421, while the vehicle attribute node 421 may be referred to as a child attribute node of the vehicle attribute node 411. The positions of these nodes depend on the attribution relationship of the vehicle attributes. In addition, in the vehicle attribute structure 400, any two nodes are connected by one and only one path; for example, there is one and only one path from the vehicle attribute node 411 to the vehicle attribute node 431, namely the path from the vehicle attribute node 411 through the vehicle attribute node 421 to the vehicle attribute node 431.
As shown in FIG. 4, the vehicle attribute structure contains multiple nodes in parent-child relationships, and these relationships are determined by the vehicle attributes. A vehicle attribute determined to be a parent attribute node can therefore be called a parent attribute, and a vehicle attribute determined to be a child attribute node can be called a child attribute. For example, "vehicle with 1.4-liter displacement" is a child attribute of "small-displacement vehicle", and "small-displacement vehicle" is the parent attribute of "vehicle with 1.4-liter displacement". In short, the vehicle attribute structure includes parent attributes as parent attribute nodes and child attributes as child attribute nodes.
The root node 411 may indicate an OEM KMS, which may be the key management system used by the vehicle manufacturer of a certain vehicle brand. In implementation, the OEM KMS can divide the vehicles it manages, according to vehicle attributes, into the vehicle attribute structure shown in FIG. 4. For example, where the OEM KMS is a vehicle manufacturer, all vehicles of the brand can be divided according to vehicle attributes into the vehicle attribute structure shown in FIG. 4. The vehicle attributes may include vehicle type, vehicle series, powertrain, color and/or vehicle structure. In implementation, one of these vehicle attributes or a combination of several may be used to generate the vehicle attribute structure shown in FIG. 4.
As another example, vehicles may be divided by vehicle type into mini cars, small cars, compact cars, mid-size cars, medium-large cars and large cars. These vehicle types may correspond to the parent attribute node 421, the parent attribute node 422, and so on up to the parent attribute node 42m in FIG. 4. Finally, according to the vehicle type to which each vehicle belongs, each vehicle corresponds to one of the child attribute nodes 431 to 43n. For example, a certain vehicle may correspond to the child attribute node 431.
As shown in FIG. 5, a vehicle key structure 500 can be generated corresponding to the vehicle attribute structure 400. Each element in the vehicle key structure 500 may be referred to as a vehicle key node, for example, the vehicle key node 511, the vehicle key node 521, the vehicle key node 531, and so on. A vehicle key at a given position in the vehicle key structure 500 corresponds to the vehicle attribute at the same position in the vehicle attribute structure 400. For example, a vehicle at the vehicle attribute node 431 has the vehicle key at the vehicle key node 531.
In the vehicle key structure 500, each vehicle key node is related to the parent key of its parent node; that is, the parent key can be used to generate the vehicle key nodes of the next level. As an example, as shown in FIG. 5, the parent key 521 may be generated from the root key 511, and the child key 531 may be generated from the parent key 521. It should be noted that each vehicle attribute node may correspond to the vehicle attributes of one or more vehicles, so each vehicle key node may likewise correspond to the vehicle keys of one or more vehicles, which is not limited in this application.
When the off-vehicle KMS 301 corresponds to the OEM KMS, step S310 can be executed to determine the vehicle attribute structure, and the corresponding vehicle key structure is then determined from the vehicle attribute structure. When the off-vehicle KMS 301 does not correspond to the OEM KMS, for example when it corresponds to the KMS of an intermediate manufacturer, the off-vehicle KMS 301 may perform step S320; that is, the off-vehicle KMS 301 uses the vehicle attribute node to obtain the parent key corresponding to the vehicle.
In implementation, the off-vehicle KMS 301 may obtain the parent key from the KMS of its parent attribute node. In implementation, the off-vehicle KMS 301 may determine the node position of the vehicle attribute node in the vehicle attribute structure, then use that node position to determine the vehicle key node of the vehicle in the vehicle key structure, and obtain the parent key of that vehicle key node.
As an example, the off-vehicle KMS 301 may determine the node position of the vehicle attribute node 431 in the vehicle attribute structure. Then, according to that node position, it determines the vehicle key node 531 of the vehicle in the vehicle attribute structure 500. At this point, to obtain the vehicle key corresponding to the vehicle key node 531, the parent key 521 of the vehicle key node 531 must be obtained.
In step S330, the off-vehicle KMS 301 uses the parent key and the vehicle attribute information corresponding to the vehicle attribute node to generate the vehicle key of the vehicle. In implementation, so that the key reflects the uniqueness of the vehicle at the attribute level, the off-vehicle KMS 301 may use the parent key together with the vehicle attribute of the vehicle at the current level (that is, the vehicle attribute corresponding to the vehicle attribute node) to generate the vehicle key for the vehicle.
The generation of a vehicle key according to an embodiment of the present application is described below with reference to FIG. 6. As shown in FIG. 6, the vehicle key can be generated from the obtained parent key and the vehicle attribute of the vehicle at the current level. As an example, the vehicle attribute and the parent key can be combined into a two-tuple, for example (vehicle attribute, parent key) or (parent key, vehicle attribute). When generating the two-tuple, the method may fix the position of each element in the two-tuple in advance.
The two-tuple is then encrypted with a key generation algorithm to generate the vehicle key. In implementation, the key length and the key format of the output vehicle key can be set in advance; for example, the key format can be set to "Sub Root Key:" and the output vehicle key can be set to a 32-character string. In addition, the key generation algorithm may be a key generation algorithm common in the related art, for example the Data Encryption Standard (DES) algorithm, the RSA algorithm, and the like.
As an example, to support subsequent update operations, key version information may take part in generating the vehicle key, as shown in FIG. 6. That is, the key version information, the vehicle attribute and the parent key can be combined into a corresponding triple (key version information, vehicle attribute, parent key). It should be noted that the elements of the triple may follow a preset order. Finally, the triple is encrypted with the key generation algorithm to generate the vehicle key.
In implementation, if the node corresponding to the off-vehicle KMS 301 also has child attribute nodes, the vehicle key generated by the off-vehicle KMS 301 is used as the parent key, and the vehicle key for each child attribute node is generated from the vehicle attribute of that child attribute node and this parent key in the manner shown in FIG. 6, until the node corresponding to the off-vehicle KMS 301 is a leaf attribute node.
In step S340, the vehicle key is sent to the vehicle KMS 302.
After receiving the vehicle key, the vehicle KMS 302 uses it in step S350 to generate a master key uniquely corresponding to the vehicle. The process of generating the master key is explained by way of example below with reference to FIG. 7.
To generate the master key corresponding to the vehicle, the vehicle key, once obtained, can be combined with the identification information of the vehicle to generate the master key of the vehicle. That is, the master key is related at least to the identification information of the vehicle. The identification information is information that uniquely identifies the vehicle. In implementation, the identification information may be a unique identifier assigned to the vehicle by the manufacturer during manufacture. As an example, the identification information may include, without limitation, the Vehicle Identification Number (VIN), which is equivalent to the "identity card" of the vehicle.
As shown in FIG. 7, the master key can be generated from the obtained vehicle key and the identification information of the vehicle. As an example, the identification information and the vehicle key can be combined into a two-tuple, for example (identification information, vehicle key) or (vehicle key, identification information). When generating the two-tuple, the method may fix the position of each element in the two-tuple in advance.
The two-tuple is then encrypted with a key generation algorithm to generate the master key. In implementation, the key length and the key format of the output master key can be set in advance; for example, the key format can be set to "MasterKey:" and the output master key can be set to a 32-character string. In addition, the key generation algorithm may be a key generation algorithm common in the related art, for example the Data Encryption Standard (DES) algorithm, the RSA algorithm, and the like.
As an example, to support subsequent update operations, key version information may take part in generating the master key, as shown in FIG. 7. That is, the key version information, the identification information and the vehicle key can be combined into a corresponding triple (key version information, identification information, vehicle key). It should be noted that the elements of the triple may follow a preset order. Finally, the triple is encrypted with the key generation algorithm to generate the master key.
To sum up, the vehicle KMS 302 and the off-vehicle KMS 301 jointly generate the master key of the vehicle, which relieves the load that would fall on the equipment if only an off-vehicle key management device were used. Furthermore, where the off-vehicle KMS 301 and the vehicle KMS 302 are used to generate vehicle keys for multiple vehicles, the vehicle KMS 302 uses the vehicle key management device to generate, from the vehicle key, a master key unique to the vehicle, which guarantees the uniqueness of the master key and improves security while reducing the load on the off-vehicle key management device.
Once the master key of the vehicle has been generated, the vehicle KMS 302 may also perform step S360 and use the master key to determine the ECU key of an ECU. The process of generating the ECU key of an ECU is explained by way of example below with reference to FIG. 8.
The vehicle contains multiple ECUs, for example a telematics box, a passive entry passive start (PEPS) unit, and so on. To improve security, a different ECU key can be assigned to each ECU.
As shown in FIG. 8, for a single ECU, the vehicle KMS 302 can use the master key and the identification information of that ECU to generate the ECU key, where the identification information of the ECU is the unique identification information set for the ECU before it leaves the factory.
As an example, the identification information of the ECU and the master key can be combined into a two-tuple, for example (identification information of the ECU, master key) or (master key, identification information of the ECU). When generating the two-tuple, the method may fix the position of each element in the two-tuple in advance.
The two-tuple is then encrypted with a key generation algorithm to generate the master key. In implementation, the key length and the key format of the output ECU key can be set in advance; for example, the key format can be set to "ECUKey:" and the output ECU key can be set to a 32-character string. In addition, the key generation algorithm may be a key generation algorithm common in the related art, for example the Data Encryption Standard (DES) algorithm, the RSA algorithm, and the like.
As an example, to support subsequent update operations, key version information may take part in generating the ECU key, as shown in FIG. 8. That is, the key version information, the identification information and the vehicle key can be used to generate a corresponding triple (key version information, identification information of the ECU, master key). It should be noted that the elements of the triple may follow a preset order. Finally, the triple is encrypted with the key generation algorithm to generate the ECU key.
Finally, in step S370, the vehicle KMS 302 may distribute the corresponding ECU key to each ECU inside the vehicle.
As described above, a key generation algorithm is used in generating the vehicle key, the master key and the ECU key. The key generation algorithms used in these processes may be the same or different, which is not limited in this application.
To sum up, in addition to achieving one key per vehicle, the method allows the vehicle KMS 302 to use the master key to achieve one key per ECU, which improves security between the ECUs. As an example, when an ECU needs to be added to the vehicle and/or replaced with a new one, the vehicle KMS 302 can generate the ECU key of the new ECU from the master key and the identification information of the new ECU.
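The derivation chain of steps S310 to S370, as an added example that is not code from the application. HMAC-SHA256 stands in for the unspecified key generation algorithm (an assumption; the text only names DES and RSA as examples), the three format strings from the text are reused as domain-separation labels, and the root key, attribute names, VINs and ECU identifiers are constructed sample values.

```python
import hashlib
import hmac


def derive(parent_key: bytes, label: str, context: str, version: int) -> bytes:
    """Derive a 32-byte child key from the ordered triple
    (key version, context, parent key); the parent key is the HMAC key."""
    message = b""
    # Fixed field order plus length prefixes: ("ab", "c") and ("a", "bc")
    # must never encode to the same input.
    for field in (label.encode(), version.to_bytes(4, "big"), context.encode()):
        message += len(field).to_bytes(2, "big") + field
    return hmac.new(parent_key, message, hashlib.sha256).digest()


def vehicle_key(root_key: bytes, attribute_path: list, version: int) -> bytes:
    """Off-vehicle KMS (S310-S330): walk the attribute tree from the root
    to the leaf, each level's key becoming the parent key of the next."""
    key = root_key
    for attribute in attribute_path:
        key = derive(key, "Sub Root Key:", attribute, version)
    return key


def master_key(vkey: bytes, vin: str, version: int) -> bytes:
    """Vehicle KMS (S350): bind the received vehicle key to the vehicle's VIN."""
    return derive(vkey, "MasterKey:", vin, version)


def ecu_key(mkey: bytes, ecu_id: str, version: int) -> bytes:
    """Vehicle KMS (S360): one key per ECU, bound to the ECU's identifier."""
    return derive(mkey, "ECUKey:", ecu_id, version)


def provision(root_key, attribute_path, vin, ecu_ids, version=1) -> dict:
    """Whole chain for one vehicle; returns {ecu_id: ecu_key}."""
    mkey = master_key(vehicle_key(root_key, attribute_path, version), vin, version)
    return {ecu_id: ecu_key(mkey, ecu_id, version) for ecu_id in ecu_ids}


# Constructed sample values, not taken from the application.
ROOT_KEY = bytes(range(32))
PATH = ["compact", "1.4L"]
VIN_A = "TESTVIN0000000001"
VIN_B = "TESTVIN0000000002"
ECUS = ["T-BOX-0001", "PEPS-0001"]

if __name__ == "__main__":
    for vin in (VIN_A, VIN_B):
        for ecu_id, key in provision(ROOT_KEY, PATH, vin, ECUS).items():
            print(vin, ecu_id, key.hex())
```

Two vehicles on the same leaf attribute node receive the same vehicle key from the off-vehicle KMS, and it is the VIN binding in `master_key` that separates them.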
The vehicle key management method of the exemplary embodiment of the present application also involves updating the ECU keys inside the vehicle. The process of updating an ECU key is described below with reference to FIG. 9. For ease of description, the ECU key generated for the ECU in FIG. 3 is referred to as the first ECU key, and the key obtained by updating the first ECU key is referred to as the second ECU key. As an example, the second ECU key may be generated by updating the version information in the triple mentioned above. In addition, the vehicle KMS 901 can generate and manage the ECU keys of multiple ECUs; the description below covers a single ECU.
When updating the first ECU key of the ECU 902 to the second ECU key, the vehicle KMS 901 and the ECU 902 must each be verified. Only after verification passes can the existing ECU key of the ECU 902 be updated to the new ECU key. If verification fails at any point in this process, the operation is terminated. The details are as follows:
In step S9010, the vehicle KMS 901 may generate first verification information, where the first verification information is generated by encrypting first information with the first ECU key. The first information may be a randomly generated random number, or specific information set according to user requirements, which is not limited in this application.
In step S9020, the vehicle KMS 901 sends the first verification information to the ECU 902.
After receiving the first verification information, the ECU 902 performs a verification operation. Specifically, in step S9030, the ECU 902 decrypts the first verification information, and if decryption succeeds, verification passes. In implementation, the first verification information can be decrypted only if the ECU key stored in the ECU 902 is the first ECU key. In step S9030, the ECU 902 decrypts the first verification information with the first ECU key and obtains the first information.
After obtaining the first information, the ECU 902 can perform step S9040 to generate second verification information. Specifically, the ECU 902 can generate second information, where the second information may be a randomly generated random number, or specific information set according to user requirements, which is not limited in this application. The ECU 902 can then encrypt the first information and the second information with the first ECU key to generate the second verification information.
In step S9050, the ECU 902 may send the second verification information to the vehicle KMS 901.
In step S9060, after receiving the second verification information, the vehicle KMS 901 can decrypt it with the first ECU key and determine whether the decrypted second verification information includes the first information. If it includes the first information, verification is determined to be successful.
If verification is successful, in step S9070 the vehicle KMS 901 encrypts the first information, the second information and the second ECU key with the first ECU key to generate third verification information.
In step S9080, the vehicle KMS 901 sends the third verification information to the ECU 902.
In step S9090, the ECU 902 decrypts the third verification information with the first ECU key. If decryption succeeds, verification is considered passed, and the ECU 902 obtains the first information, the second information and the second ECU key.
In step S9100, the ECU 902 may update the first ECU key to the second ECU key.
To sum up, according to the exemplary embodiment of the present application, before an ECU key is updated, the ECU first verifies the vehicle KMS that initiated the update, and after that verification passes, the vehicle KMS verifies the ECU that is to receive the updated data. Once both verifications have passed, the updated ECU key is transmitted to the ECU in a manner that both sides can verify, thereby ensuring the authenticity of the data and the security of the communication.
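The S9010 to S9100 exchange with both sides' messages, as an added example that is not part of the application. "Decryption succeeded" proves possession of the first ECU key only when the cipher is authenticated, so the sketch uses an encrypt-then-MAC stand-in built from HMAC-SHA256 (an assumption; a vetted AEAD such as AES-GCM would take its place), binds each message to its step label, and uses constructed keys.

```python
import hashlib
import hmac
import secrets

NONCE_LEN = 16
TAG_LEN = 32


class VerificationError(Exception):
    """A message failed authentication or carried the wrong challenge."""


def subkey(key: bytes, purpose: bytes) -> bytes:
    return hmac.new(key, purpose, hashlib.sha256).digest()


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def seal(key: bytes, step: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC stand-in; the step label is authenticated with the data."""
    nonce = secrets.token_bytes(NONCE_LEN)
    stream = keystream(subkey(key, b"enc"), nonce, len(plaintext))
    ct = bytes(a ^ b for a, b in zip(plaintext, stream))
    tag = hmac.new(subkey(key, b"mac"), step + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unseal(key: bytes, step: bytes, blob: bytes) -> bytes:
    if len(blob) < NONCE_LEN + TAG_LEN:
        raise VerificationError("message too short")
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(subkey(key, b"mac"), step + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise VerificationError("wrong key or modified message")
    stream = keystream(subkey(key, b"enc"), nonce, len(ct))
    return bytes(a ^ b for a, b in zip(ct, stream))


class VehicleKMS:
    def __init__(self, first_key: bytes, second_key: bytes):
        self.k1, self.k2 = first_key, second_key

    def start(self) -> bytes:                      # S9010, S9020
        self.n1 = secrets.token_bytes(NONCE_LEN)   # first information
        return seal(self.k1, b"S9020", self.n1)

    def answer(self, msg2: bytes) -> bytes:        # S9060 to S9080
        plain = unseal(self.k1, b"S9050", msg2)
        n1, n2 = plain[:NONCE_LEN], plain[NONCE_LEN:]
        if len(n2) != NONCE_LEN or not hmac.compare_digest(n1, self.n1):
            raise VerificationError("first information missing from reply")
        return seal(self.k1, b"S9080", n1 + n2 + self.k2)


class Ecu:
    def __init__(self, key: bytes):
        self.key = key

    def respond(self, msg1: bytes) -> bytes:       # S9030 to S9050
        self.n1 = unseal(self.key, b"S9020", msg1)
        self.n2 = secrets.token_bytes(NONCE_LEN)   # second information
        return seal(self.key, b"S9050", self.n1 + self.n2)

    def install(self, msg3: bytes) -> None:        # S9090, S9100
        plain = unseal(self.key, b"S9080", msg3)
        # Added check beyond the text: both challenges must be echoed back.
        if not hmac.compare_digest(plain[:2 * NONCE_LEN], self.n1 + self.n2):
            raise VerificationError("challenge mismatch")
        self.key = plain[2 * NONCE_LEN:]


def run_update(kms: VehicleKMS, ecu: Ecu, tamper: bool = False) -> bool:
    """Run the exchange; any failed verification terminates the update."""
    try:
        msg3 = kms.answer(ecu.respond(kms.start()))
        if tamper:  # simulate one flipped bit on the in-vehicle bus
            msg3 = msg3[:-1] + bytes([msg3[-1] ^ 1])
        ecu.install(msg3)
        return True
    except VerificationError:
        return False


# Constructed sample keys, not taken from the application.
FIRST_KEY = bytes([0x11]) * 32
SECOND_KEY = bytes([0x22]) * 32
```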
In addition, the electronic device of the exemplary embodiment of the present application may have the structure shown in FIG. 10, wherein the vehicle key management device may perform the functions performed by the off-vehicle KMS 301 in FIG. 3, the functions performed by the vehicle KMS 301 in FIG. 3 and the vehicle KMS 901 in FIG. 9, or the functions performed by the ECU 902 in FIG. 9.
As shown in FIG. 10, the electronic device may include a processing module 1010 and a communication module 1020.
As an example, where the electronic device is used to implement the functions performed by the off-vehicle KMS 301, the processing module 1010 may determine the vehicle attribute node of the vehicle in the vehicle attribute structure; use the vehicle attribute node to obtain the parent key corresponding to the vehicle; and use the parent key and the vehicle attribute information corresponding to the vehicle attribute node to generate the vehicle key of the vehicle.
The communication module 1020 may be configured to send the vehicle key to the vehicle, where the vehicle key can be used by a vehicle key management device to generate a master key uniquely corresponding to the vehicle.
作为示例,在所述电子设备用于实现车辆KMS 301所执行的功能的情况下,所述通信模块1020可用于从车外密钥管理设备接收与所述车辆对应的车辆密钥。所述处理模块1010可用于利用所述车辆密钥,生成与所述车辆唯一对应的主密钥。As an example, in the case where the electronic device is used to implement the function performed by the vehicle KMS 301, the communication module 1020 may be configured to receive a vehicle key corresponding to the vehicle from an off-vehicle key management device. The processing module 1010 may be configured to use the vehicle key to generate a master key uniquely corresponding to the vehicle.
作为示例,在所述电子设备用于实现图9中的ECU 902执行的功能的情况下,所述通信模块1010可从车辆密钥管理设备接收第一ECU密钥,其中,第一ECU密钥是所述车辆密钥管理设备利用所述车辆的车辆密钥生成的与所述车辆唯一对应的主密钥,所述车辆密钥是从车外管理设备接收的密钥。As an example, where the electronic device is used to implement the functions performed by the ECU 902 in FIG. 9 , the communication module 1010 may receive a first ECU key from a vehicle key management device, wherein the first ECU key is the master key uniquely corresponding to the vehicle generated by the vehicle key management device using the vehicle key of the vehicle, the vehicle key being the key received from the outside vehicle management device.
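The derivation chain described above (parent key, vehicle key, per-vehicle master key, per-ECU key), as an added example that is not code from the application. HMAC-SHA256 as the derivation function, the `derive` helper, the class names, the attribute tree and every key and identifier value are assumptions constructed for illustration; the application states only which inputs each key is related to.

```python
import hashlib
import hmac

# Constructed sample data (not from the application).
ROOT_KEY = bytes(range(32))
ATTRIBUTE_TREE = {"BrandA": {"ModelX": {"2021": {}}, "ModelY": {"2021": {}}}}


def derive(parent_key: bytes, *fields: str) -> bytes:
    """Assumed derivation: HMAC-SHA256 under the parent key over length-prefixed
    fields, so ("ab", "c") and ("a", "bc") can never yield the same key."""
    msg = b"".join(len(f.encode()).to_bytes(2, "big") + f.encode() for f in fields)
    return hmac.new(parent_key, msg, hashlib.sha256).digest()


class OffVehicleKMS:
    """Off-vehicle side: an attribute tree and a key tree of identical shape."""

    def __init__(self, root_key: bytes, attribute_tree: dict):
        self.root_key = root_key
        self.tree = attribute_tree  # nested dicts, one attribute per level

    def locate(self, attributes) -> tuple:
        """Find the vehicle's attribute node; its path is also the position of
        the matching key node in the key structure."""
        if not attributes:
            raise KeyError("empty attribute path")
        level = self.tree
        for attr in attributes:
            if attr not in level:
                raise KeyError(f"no attribute node for {attr!r}")
            level = level[attr]
        return tuple(attributes)

    def parent_key(self, path: tuple) -> bytes:
        """Walk the key structure from the root down to the node's parent."""
        key = self.root_key
        for attr in path[:-1]:
            key = derive(key, "node", attr)
        return key

    def vehicle_key(self, attributes, version: int = 1) -> bytes:
        """Parent key + the node's attribute information (+ key version)."""
        path = self.locate(attributes)
        return derive(self.parent_key(path), "vehicle", path[-1], str(version))


class VehicleKMS:
    """In-vehicle side: turns the shared vehicle key into per-vehicle keys.
    The claims use the (key, version, ID) triplet itself as the key; feeding
    the triplet through HMAC is an assumption of this example."""

    def __init__(self, vehicle_key: bytes, vehicle_id: str, version: int = 1):
        self.master_key = derive(vehicle_key, "master", vehicle_id, str(version))

    def ecu_key(self, ecu_id: str, version: int = 1) -> bytes:
        return derive(self.master_key, "ecu", ecu_id, str(version))


if __name__ == "__main__":
    kms = OffVehicleKMS(ROOT_KEY, ATTRIBUTE_TREE)
    shared = kms.vehicle_key(["BrandA", "ModelX", "2021"])
    for vin in ("VIN-CONSTRUCTED-0001", "VIN-CONSTRUCTED-0002"):
        car = VehicleKMS(shared, vin)
        print(vin, car.master_key.hex()[:16], car.ecu_key("ECU-01").hex()[:16])
```

Two vehicles on the same attribute node receive the same vehicle key, so the vehicle identifier is what separates their master keys; compromise of one vehicle key therefore exposes every vehicle on that node.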
Embodiments of the present application provide a vehicle key management device, including: a processor and a memory for storing instructions executable by the processor, where the processor is configured to implement the above method when executing the instructions.
Embodiments of the present application provide a non-volatile computer-readable storage medium on which computer program instructions are stored, where the computer program instructions implement the above method when executed by a processor.
Embodiments of the present application provide a computer program product, including computer-readable code, or a non-volatile computer-readable storage medium carrying computer-readable code, where, when the computer-readable code runs in a processor of an electronic device, the processor in the electronic device executes the above method.
A computer-readable storage medium may be a tangible device that can hold and store instructions for use by an instruction execution device. The computer-readable storage medium may be, for example, but is not limited to, an electrical storage device, a magnetic storage device, an optical storage device, an electromagnetic storage device, a semiconductor storage device, or any suitable combination of the foregoing. More specific examples (a non-exhaustive list) of computer-readable storage media include: a portable computer disk, a hard disk, random access memory (RAM), read-only memory (ROM), erasable programmable read-only memory (Electrically Programmable Read-Only-Memory, EPROM, or flash memory), static random-access memory (SRAM), portable compact disc read-only memory (CD-ROM), a digital versatile disc (Digital Video Disc, DVD), a memory stick, a floppy disk, a mechanically encoded device such as a punch card or a raised structure in a groove on which instructions are stored, and any suitable combination of the foregoing.
The computer-readable program instructions or code described here may be downloaded from a computer-readable storage medium to individual computing/processing devices, or downloaded to an external computer or external storage device over a network such as the Internet, a local area network, a wide area network and/or a wireless network. The network may include copper transmission cables, optical fiber transmission, wireless transmission, routers, firewalls, switches, gateway computers and/or edge servers. A network adapter card or network interface in each computing/processing device receives computer-readable program instructions from the network and forwards them for storage in a computer-readable storage medium in that computing/processing device.
The computer program instructions used to perform the operations of the present application may be assembly instructions, instruction set architecture (ISA) instructions, machine instructions, machine-dependent instructions, microcode, firmware instructions, state-setting data, or source code or object code written in any combination of one or more programming languages, including object-oriented programming languages such as Smalltalk and C++, and conventional procedural programming languages such as the "C" language or similar programming languages. The computer-readable program instructions may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer, or entirely on a remote computer or server. Where a remote computer is involved, the remote computer may be connected to the user's computer through any kind of network, including a local area network (LAN) or a wide area network (WAN), or may be connected to an external computer (for example, through the Internet using an Internet service provider). In some embodiments, an electronic circuit, such as a programmable logic circuit, a field-programmable gate array (FPGA) or a programmable logic array (PLA), is personalized by using state information of the computer-readable program instructions, and the electronic circuit can execute the computer-readable program instructions to implement various aspects of the present application.
Aspects of the present application are described here with reference to flowcharts and/or block diagrams of methods, apparatuses (systems) and computer program products according to embodiments of the present application. It should be understood that each block of the flowcharts and/or block diagrams, and combinations of blocks in the flowcharts and/or block diagrams, can be implemented by computer-readable program instructions.
These computer-readable program instructions may be provided to a processor of a general-purpose computer, a special-purpose computer or another programmable data processing apparatus to produce a machine, such that the instructions, when executed by the processor of the computer or other programmable data processing apparatus, create means for implementing the functions/acts specified in one or more blocks of the flowcharts and/or block diagrams. These computer-readable program instructions may also be stored in a computer-readable storage medium; the instructions cause a computer, a programmable data processing apparatus and/or other devices to operate in a specific manner, so that the computer-readable medium storing the instructions comprises an article of manufacture that includes instructions implementing aspects of the functions/acts specified in one or more blocks of the flowcharts and/or block diagrams.
The computer-readable program instructions may also be loaded onto a computer, another programmable data processing apparatus or another device, so that a series of operational steps is performed on the computer, other programmable data processing apparatus or other device to produce a computer-implemented process, such that the instructions executed on the computer, other programmable data processing apparatus or other device implement the functions/acts specified in one or more blocks of the flowcharts and/or block diagrams.
The flowcharts and block diagrams in the figures show the architecture, functionality and operation of possible implementations of apparatuses, systems, methods and computer program products according to multiple embodiments of the present application. In this regard, each block in a flowchart or block diagram may represent a module, a program segment or a portion of instructions, which contains one or more executable instructions for implementing the specified logical function. In some alternative implementations, the functions noted in the blocks may occur in an order different from that noted in the figures. For example, two consecutive blocks may in fact be executed substantially in parallel, and they may sometimes be executed in the reverse order, depending on the functionality involved.
It should also be noted that each block of the block diagrams and/or flowcharts, and combinations of blocks in the block diagrams and/or flowcharts, may be implemented by hardware that performs the corresponding functions or acts (for example, a circuit or an ASIC (Application Specific Integrated Circuit)), or by a combination of hardware and software, such as firmware.
Although the present invention has been described here in connection with various embodiments, in practicing the claimed invention, those skilled in the art can understand and implement other variations of the disclosed embodiments by reviewing the drawings, the disclosure and the appended claims. In the claims, the word "comprising" does not exclude other components or steps, and "a" or "an" does not exclude a plurality. A single processor or other unit may fulfill several functions recited in the claims. The fact that certain measures are recited in mutually different dependent claims does not mean that these measures cannot be combined to good effect.
Various embodiments of the present application have been described above. The foregoing description is exemplary, not exhaustive, and is not limited to the disclosed embodiments. Many modifications and variations will be apparent to those of ordinary skill in the art without departing from the scope and spirit of the described embodiments. The terminology used here was chosen to best explain the principles of the embodiments, their practical application or their improvement over technology in the marketplace, or to enable others of ordinary skill in the art to understand the embodiments disclosed here.

Claims (31)

  1. A vehicle key management system, comprising:
    an off-vehicle key management device, configured to generate a vehicle key of the vehicle, where the vehicle key corresponds to a plurality of vehicles, and to send the vehicle key to a vehicle key management device;
    a vehicle key management device, configured to receive the vehicle key from the off-vehicle key management device and to generate, using the vehicle key, a master key uniquely corresponding to the vehicle.
  2. A vehicle key management method, comprising:
    receiving a vehicle key corresponding to the vehicle from an off-vehicle key management device;
    generating, using the vehicle key, a master key uniquely corresponding to the vehicle.
  3. The method of claim 2, further comprising:
    determining, using the master key, a first ECU key corresponding to an electronic control unit (ECU) in the vehicle.
  4. The method of claim 3, further comprising:
    sending the first ECU key to the ECU.
  5. The method of claim 4, further comprising:
    sending a second ECU key to the ECU, where the second ECU key is a key generated by updating the first ECU key.
  6. The method of claim 5, further comprising, before sending the second ECU key to the ECU:
    sending first verification information to the ECU, where the first verification information is information generated by encrypting first information with the first ECU key.
  7. The method of claim 6, further comprising:
    receiving second verification information from the ECU.
  8. The method of claim 7, further comprising:
    decrypting the second verification information with the first ECU key to obtain decrypted second verification information.
  9. The method of claim 8, further comprising:
    when it is determined that the decrypted second verification information includes the first information, encrypting the decrypted second verification information and the second ECU key with the first ECU key to generate third verification information.
  10. The method of claim 9, further comprising:
    sending the third verification information to the ECU.
  11. The method of claim 3, wherein the first ECU key is related at least to the master key and identification information of the first ECU.
  12. The method of claim 11, wherein the first ECU key is related to the master key, key version information of the first ECU key, and the identification information of the first ECU.
  13. The method of claim 12, wherein determining, using the master key, the first ECU key corresponding to the electronic control unit (ECU) in the vehicle comprises:
    using a triplet formed from the master key, the key version information of the ECU key, and the identification information of the ECU as the first ECU key.
  14. The method of claim 2, wherein the master key is related at least to the vehicle key and identification information of the vehicle.
  15. The method of claim 14, wherein the master key is related to the vehicle key, key version information of the master key, and the identification information of the vehicle.
  16. The method of claim 15, wherein generating, using the vehicle key, the master key uniquely corresponding to the vehicle comprises:
    using a triplet formed from the vehicle key, the key version information of the master key, and the identification information of the vehicle as the master key of the vehicle.
  17. A vehicle key management method, comprising:
    determining the vehicle attribute node of the vehicle in a vehicle attribute structure;
    obtaining, using the vehicle attribute node, a parent key corresponding to the vehicle;
    generating a vehicle key of the vehicle using the parent key and the vehicle attribute information corresponding to the vehicle attribute node;
    sending the vehicle key to the vehicle, where the vehicle key can be used by a vehicle key management device to generate a master key uniquely corresponding to the vehicle.
  18. The method of claim 17, wherein the vehicle key is further related to version information of the vehicle key.
  19. The method of claim 17, further comprising:
    generating the vehicle attribute structure from vehicle attributes according to their parent-child relationships, where the vehicle attribute structure includes a plurality of vehicle attribute nodes, and the node in the layer above a vehicle attribute node indicates that node's parent attribute node;
    generating a vehicle key structure that is structurally identical to the vehicle attribute structure, where the vehicle key structure includes a plurality of vehicle key nodes, and the key in the layer above a vehicle key node indicates that node's parent key.
  20. The method of claim 19, wherein obtaining, using the vehicle attribute node, the parent key corresponding to the vehicle comprises:
    determining the node position of the vehicle attribute node in the vehicle attribute structure;
    determining, using the node position, the vehicle key node of the vehicle in the vehicle key structure;
    obtaining the parent key of the vehicle key node.
  21. A vehicle key management method, comprising:
    receiving a first ECU key from a vehicle key management device, where the first ECU key is the master key uniquely corresponding to the vehicle that the vehicle key management device generates using the vehicle key of the vehicle, and the vehicle key is a key received from an off-vehicle management device.
  22. The method of claim 21, wherein the first ECU key is related to the master key, key version information of the first ECU key, and identification information of the first ECU.
  23. The method of claim 22, further comprising:
    receiving first verification information from the vehicle key management device.
  24. The method of claim 23, further comprising:
    decrypting the first verification information with the first ECU key to obtain first information.
  25. The method of claim 24, further comprising:
    sending second verification information to the vehicle key management device, where the second verification information is information generated by encrypting the first information and second information with the first ECU key.
  26. The method of claim 25, further comprising:
    receiving third verification information from the vehicle key management device.
  27. The method of claim 26, further comprising:
    decrypting the third verification information with the first ECU key to obtain decrypted third verification information.
  28. The method of claim 27, further comprising:
    when it is determined that the decrypted third verification information includes the second information, updating the first ECU key to the second ECU key included in the decrypted third verification information.
  29. A key generation device for a vehicle, comprising:
    a processor;
    a memory for storing instructions executable by the processor;
    where the processor is configured to implement, when executing the instructions, the method of any one of claims 2-11, the method of any one of claims 17-20, or the method of any one of claims 21-28.
  30. A non-volatile computer-readable storage medium on which computer program instructions are stored, wherein the computer program instructions, when executed by a processor, implement the method of any one of claims 2-11, the method of any one of claims 17-20, or the method of any one of claims 21-28.
  31. A computer program product, comprising computer-readable code, or a non-volatile computer-readable storage medium carrying computer-readable code, wherein, when the computer-readable code runs in a processor of an electronic device, the processor in the electronic device executes the method of any one of claims 2-11, the method of any one of claims 17-20, or the method of any one of claims 21-28.
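The ECU key update exchange of claims 5-10 and 21-28, with both sides' messages and the rejection cases, as an added example that is not code from the application. The claims say only "encrypt"; the HMAC-SHA256 encrypt-then-MAC construction below is a standard-library stand-in for an AEAD cipher such as AES-GCM, and the class names, field lengths and key values are constructed assumptions.

```python
import hashlib
import hmac
import secrets

N = 16  # assumed byte length of the random "first information" / "second information"
OLD_KEY = bytes.fromhex("11" * 32)  # constructed first ECU key
NEW_KEY = bytes.fromhex("22" * 32)  # constructed second ECU key


class AuthError(Exception):
    """A message failed authentication or did not echo the expected challenge."""


def _mac(key: bytes, label: bytes, data: bytes) -> bytes:
    subkey = hmac.new(key, label, hashlib.sha256).digest()  # separate enc/mac keys
    return hmac.new(subkey, data, hashlib.sha256).digest()


def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    stream = b""
    for counter in range((len(data) + 31) // 32):
        stream += _mac(key, b"enc", nonce + counter.to_bytes(4, "big"))
    return bytes(a ^ b for a, b in zip(data, stream))


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Stand-in authenticated encryption: nonce || ciphertext || tag."""
    nonce = secrets.token_bytes(16)
    ciphertext = _xor_stream(key, nonce, plaintext)
    return nonce + ciphertext + _mac(key, b"mac", nonce + ciphertext)


def unseal(key: bytes, blob: bytes) -> bytes:
    if len(blob) < 48:
        raise AuthError("message too short")
    nonce, ciphertext, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _mac(key, b"mac", nonce + ciphertext)):
        raise AuthError("wrong key or tampered message")
    return _xor_stream(key, nonce, ciphertext)


class KmsSession:
    """Vehicle KMS side of one update (claims 6-10)."""

    def __init__(self, ecu_key: bytes):
        self.ecu_key = ecu_key
        self._m1 = None

    def first_message(self) -> bytes:
        self._m1 = secrets.token_bytes(N)      # first information
        return seal(self.ecu_key, self._m1)    # first verification information

    def third_message(self, second: bytes, new_key: bytes) -> bytes:
        m1, self._m1 = self._m1, None          # each challenge is usable once
        plain = unseal(self.ecu_key, second)   # decrypted second verification info
        if m1 is None or len(plain) != 2 * N or not hmac.compare_digest(plain[:N], m1):
            raise AuthError("ECU did not return the first information")
        return seal(self.ecu_key, plain + new_key)  # third verification information


class EcuSession:
    """ECU side of one update (claims 23-28)."""

    def __init__(self, ecu_key: bytes):
        self.ecu_key = ecu_key
        self._m2 = None

    def second_message(self, first: bytes) -> bytes:
        m1 = unseal(self.ecu_key, first)
        if len(m1) != N:
            raise AuthError("malformed first information")
        self._m2 = secrets.token_bytes(N)      # second information
        return seal(self.ecu_key, m1 + self._m2)

    def accept_third(self, third: bytes) -> None:
        m2, self._m2 = self._m2, None
        plain = unseal(self.ecu_key, third)
        if m2 is None or len(plain) <= 2 * N or not hmac.compare_digest(plain[N:2 * N], m2):
            raise AuthError("KMS did not return the second information")
        self.ecu_key = plain[2 * N:]           # install the second ECU key


def run_update(kms: KmsSession, ecu: EcuSession, new_key: bytes) -> bool:
    """Drive the three messages; on any failure both sides keep the old key."""
    try:
        second = ecu.second_message(kms.first_message())
        ecu.accept_third(kms.third_message(second, new_key))
    except AuthError:
        return False
    kms.ecu_key = new_key
    return True


if __name__ == "__main__":
    print(run_update(KmsSession(OLD_KEY), EcuSession(OLD_KEY), NEW_KEY))
    print(run_update(KmsSession(OLD_KEY), EcuSession(bytes(32)), NEW_KEY))
```

The fresh second information is what stops a recorded third message from an earlier update being replayed to roll an ECU back to an older key.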
PCT/CN2021/072509 2021-01-18 2021-01-18 Vehicle key management method, device, and system WO2022151478A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
PCT/CN2021/072509 WO2022151478A1 (en) 2021-01-18 2021-01-18 Vehicle key management method, device, and system
CN202180000129.0A CN112840683B (en) 2021-01-18 2021-01-18 Vehicle key management method, device and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2021/072509 WO2022151478A1 (en) 2021-01-18 2021-01-18 Vehicle key management method, device, and system

Publications (1)

Publication Number Publication Date
WO2022151478A1 true WO2022151478A1 (en) 2022-07-21

Family

ID=75929860

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2021/072509 WO2022151478A1 (en) 2021-01-18 2021-01-18 Vehicle key management method, device, and system

Country Status (2)

Country Link
CN (1) CN112840683B (en)
WO (1) WO2022151478A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2024055303A1 (en) * 2022-09-16 2024-03-21 华为技术有限公司 Key management method, key usage apparatus and key management apparatus

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113709104A (en) * 2021-07-19 2021-11-26 英博超算(南京)科技有限公司 Automobile fingerprint encryption identification method
CN115988488B (en) * 2023-03-21 2023-06-30 北京全路通信信号研究设计院集团有限公司 Method and device for on-line centralized updating of vehicle-mounted secret key

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106603470A (en) * 2015-10-16 2017-04-26 上海汽车集团股份有限公司 Vehicle control method, apparatus, vehicle key generation method and system
CN107925568A (en) * 2015-08-05 2018-04-17 Kddi株式会社 Managing device, management system, key generating device, key generation system, key management system, vehicle, management method, key generation method and computer program
US20190028267A1 (en) * 2016-01-18 2019-01-24 Kddi Corporation In-vehicle computer system, vehicle, key generation device, management method, key generation method, and computer program
CN111147260A (en) * 2019-12-26 2020-05-12 国汽(北京)智能网联汽车研究院有限公司 Vehicle key generation and distribution method and device

Family Cites Families (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11127230B2 (en) * 2018-07-09 2021-09-21 Ikeyless, Llc Systems and methods for creating key backups by identifying and storing unique key information and for replicating unique keys from key backups
CN103138939B (en) * 2013-03-28 2015-09-16 武汉大学 Based on the key access times management method of credible platform module under cloud memory module
CN105187376B (en) * 2015-06-16 2018-04-17 西安电子科技大学 The safety communicating method of automotive interior network in car networking
WO2017022821A1 (en) * 2015-08-05 2017-02-09 Kddi株式会社 Management device, management system, key generation device, key generation system, key management system, vehicle, management method, key generation method, and computer program
DE102015220224A1 (en) * 2015-10-16 2017-04-20 Volkswagen Aktiengesellschaft Method for protected communication of a vehicle
CN107104791B (en) * 2017-03-29 2019-06-28 江苏大学 A kind of in-vehicle network one-time pad communication means hidden based on ECU identity
CN109391466A (en) * 2017-08-10 2019-02-26 比亚迪股份有限公司 Safety access method, the apparatus and system of vehicle electronic control unit
JP7187547B2 (en) * 2017-09-29 2022-12-12 ファーウェイ インターナショナル プライベート リミテッド Securing out-of-vehicle communications using IBC
US20190190899A1 (en) * 2017-12-18 2019-06-20 Thorsten Wilmer Secure storage of monotonic odo value inside a secure hardware elements update counter
CN108989024B (en) * 2018-06-29 2023-04-14 百度在线网络技术(北京)有限公司 Method, device and equipment for controlling communication between ECUs and corresponding vehicle
US11440107B2 (en) * 2019-06-10 2022-09-13 Ikeyless, Llc Systems and methods for creating replacement vehicle keys
CN111093169B (en) * 2019-12-26 2022-06-07 国汽(北京)智能网联汽车研究院有限公司 Communication establishing method and device
CN112182663A (en) * 2020-09-22 2021-01-05 一汽奔腾轿车有限公司 Two-stage safety access system of passenger car and access method thereof

Also Published As

Publication number Publication date
CN112840683A (en) 2021-05-25
CN112840683B (en) 2022-04-22

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 21918678

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 21918678

Country of ref document: EP

Kind code of ref document: A1