WO2024040564A1 - Procédés et appareil de partage de clé, terminal et support de stockage lisible par ordinateur - Google Patents

Procédés et appareil de partage de clé, terminal et support de stockage lisible par ordinateur Download PDF

Info

Publication number
WO2024040564A1
WO2024040564A1 PCT/CN2022/115093 CN2022115093W WO2024040564A1 WO 2024040564 A1 WO2024040564 A1 WO 2024040564A1 CN 2022115093 W CN2022115093 W CN 2022115093W WO 2024040564 A1 WO2024040564 A1 WO 2024040564A1
Authority
WO
WIPO (PCT)
Prior art keywords
key
information
vehicle
public key
communication method
Prior art date
Application number
PCT/CN2022/115093
Other languages
English (en)
Chinese (zh)
Inventor
乔光军
Original Assignee
北京小米移动软件有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 北京小米移动软件有限公司 filed Critical 北京小米移动软件有限公司
Priority to PCT/CN2022/115093 priority Critical patent/WO2024040564A1/fr
Priority to CN202280003138.XA priority patent/CN117941316A/zh
Publication of WO2024040564A1 publication Critical patent/WO2024040564A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials

Definitions

  • the present disclosure relates to the field of communication technology, specifically, to a key sharing method, a key sharing device, a terminal and a computer-readable storage medium.
  • embodiments of the present disclosure propose a key sharing method, a key sharing device, a terminal and a computer-readable storage medium to solve technical problems in related technologies.
  • a key sharing method is proposed, which is executed by a first device.
  • the method includes: receiving digital key sharing information sent by a second device through a first communication method, wherein the digital key
  • the shared information includes the vehicle public key of the vehicle; sending the first public key of the first device to the second device through the first communication method; receiving the first public key sent by the second device through the first communication method.
  • Signature information wherein the signature information is determined by the second device signing the first public key through the second private key of the second device; wherein the first communication method includes short-range wireless communication Method; the vehicle public key and the first public key are used for the vehicle and the first device to generate a digital key.
  • a key sharing method is proposed, which is executed by a second device.
  • the method includes: sending digital key sharing information to the first device through a first communication method, wherein the digital key
  • the shared information includes the vehicle public key of the vehicle; receiving the first public key of the first device sent by the first device through the first communication method; and pairing the first public key of the first device with the second private key of the second device.
  • Sign with a public key to determine the signature information send the signature information to the first device through the first communication method; wherein the first communication method includes a short-range wireless communication method; the vehicle public key The key and the first public key are used to generate a digital key for the vehicle and the first device.
  • a key sharing device which is executed by the first device.
  • the device includes:
  • the communication module is configured to receive the digital key sharing information sent by the second device through the first communication method, wherein the digital key sharing information includes the vehicle public key of the vehicle; and transmit the first public key of the first device through the Send the first communication method to the second device; receive the signature information sent by the second device through the first communication method, wherein the signature information is sent by the second device through the second device.
  • the second private key signs and determines the first public key; wherein the first communication method includes a short-range wireless communication method; the vehicle public key and the first public key are used for the vehicle and the The first device generates a digital key.
  • a key sharing device is proposed, which is executed by a second device.
  • the device includes: a first communication module configured to send digital key sharing information to the first communication module through a first communication method.
  • the digital key sharing information includes a vehicle public key of the vehicle; receiving the first public key of the first device sent by the first device through the first communication method; and a processing module configured to The second private key of the second device signs the first public key to determine the signature information; a second communication module is configured to send the signature information to the third through the first communication method.
  • a communication device including: a processor; a memory for storing instructions executable by the processor; wherein the processor is configured to execute the above key executed by the first device Share how.
  • a computer-readable storage medium for storing a computer program, which when executed by a processor implements the steps in the key sharing method executed by the first device.
  • a communication device including: a processor; a memory for storing instructions executable by the processor; wherein the processor is configured to execute the above key executed by the second device Share how.
  • a computer-readable storage medium for storing a computer program, which when executed by a processor implements the steps in the key sharing method executed by the second device.
  • the first device in a scenario where the first device and the second device are close to each other, can receive the digital key sharing information sent by the second device through short-range wireless communication to obtain the vehicle public key of the vehicle. . After receiving the digital key sharing information, it can send its first public key to the second device through short-range wireless communication, and receive the signature information sent by the second device that is determined by signing the first public key. , so that the vehicle determines the first public key of the first device based on the signature information, and realizes that the first device and the vehicle generate a digital key between the first device and the vehicle based on each other's public key.
  • first device and the second device in this embodiment communicate through short-range wireless communication. Therefore, when the first device and the second device share the key, they can avoid problems such as slow information transmission due to network delays in the mobile network or the Internet, or even inability to transmit information due to server failures on the Internet, improving the efficiency of the key sharing process. Efficiency and success rate of key sharing.
  • Figure 1 is a schematic flow chart of a key sharing method according to an embodiment of the present disclosure.
  • FIG. 2 is a schematic flow chart of another key sharing method according to an embodiment of the present disclosure.
  • Figure 3 is a schematic flow chart of yet another key sharing method according to an embodiment of the present disclosure.
  • Figure 4 is a schematic flow chart of a key sharing method according to an embodiment of the present disclosure.
  • Figure 5 is a schematic flow chart of another key sharing method according to an embodiment of the present disclosure.
  • Figure 6 is a schematic flow chart of yet another key sharing method according to an embodiment of the present disclosure.
  • FIG. 7 is a schematic block diagram of a device for key sharing according to an embodiment of the present disclosure.
  • Figure 8 is a schematic block diagram of a device for key sharing according to an embodiment of the present disclosure.
  • Figure 9 is a schematic block diagram of a terminal for key sharing according to an embodiment of the present disclosure.
  • first, second, third, etc. may be used to describe various information in the embodiments of the present disclosure, the information should not be limited to these terms. These terms are only used to distinguish information of the same type from each other.
  • first information may also be called second information, and similarly, the second information may also be called first information.
  • word “if” as used herein may be interpreted as "when” or "when” or "in response to determining.”
  • the terms used in this article are “greater than” or “less than”, “higher than” or “lower than” when characterizing size relationships. But for those skilled in the art, it can be understood that: the term “greater than” also covers the meaning of “greater than or equal to”, and “less than” also covers the meaning of “less than or equal to”; the term “higher than” covers the meaning of “higher than or equal to”. “The meaning of “less than” also covers the meaning of "less than or equal to”.
  • All embodiments in this disclosure are mainly applied in near field communication scenarios, such as a scenario where a car owner is face to face with other users he wants to share with, and the second device held by the car owner is close to the first device held by other users.
  • NFC Near field communication
  • Bluetooth BT technology is an open global specification for wireless data communications. It is based on low-cost short-range wireless connections and establishes a special wireless connection for fixed and mobile device communication environments. Based on the use of near field communication technology or Bluetooth technology to share digital keys, the information transmitted in the process of sharing the digital key between the first device and the second device (such as digital key sharing information, first public key, signature information, etc.) can not go through other device forwarding, but can communicate directly between the first device and the second device, thereby realizing the digital key sharing process safely and conveniently.
  • digital key sharing information such as digital key sharing information, first public key, signature information, etc.
  • the first device and the second device When the first device and the second device are in the same wireless LAN WLAN environment, the first device and the second device can access the wireless LAN at the same time and communicate through the wireless LAN.
  • the first device held by other users needs to communicate with the second device held by the car owner to obtain the sharing of the second device digital key.
  • communication between the first device and the second device mainly relies on the mobile network or the Internet. Even in a scenario where the car owner is face-to-face with other users, when the first device obtains the digital key shared by the second device for controlling the vehicle, it still needs to interact with the car owner's second device through the mobile network or the Internet to share the digital key. Relevant information, such as the vehicle public key of the vehicle, the first public key of the first device, etc.
  • the mobile network or Internet server when communicating through a mobile network or Internet server, because the mobile network or Internet server needs to face a large number of terminals, it may need to process and transmit a large amount of data at the same time, so delays are prone to occur, and the servers in the Internet may also have failures. Due to maintenance and other situations, information exchange between the first device and the second device will not be possible in a timely manner. Even when the first device and the second device are waiting to receive data, they may fall into sleep due to a long waiting time, so that even if the data is received, the received data cannot be processed in time. As a result, other users' first devices will not be able to obtain the vehicle's digital key in time, making it impossible to control the vehicle.
  • Figure 1 is a schematic flow chart of a key sharing method according to an embodiment of the present disclosure.
  • the key method shown in this embodiment can be executed by a first device, and the first device can communicate with a second device.
  • the first device and the second device include but are not limited to mobile phones, tablet computers, wearable devices, and sensors. , Internet of Things equipment and other communication devices.
  • the key sharing method may include the following steps:
  • step S101 receive digital key sharing information sent by the second device through the first communication method, wherein the digital key sharing information includes the vehicle public key of the vehicle;
  • step S102 send the first public key of the first device to the second device through the first communication method
  • step S103 receive the signature information sent by the second device through the first communication method, wherein the signature information is generated by the second device through the second private key of the second device.
  • the first communication method includes a short-range wireless communication method; the vehicle public key and the first public key are used for the vehicle and the first device to generate a digital key.
  • the short-range wireless communication method in this disclosure includes short-range communication technology in the usual sense, including but not limited to WLAN (Wireless Local Area Network), NFC (Near Field Communication), Bluetooth, Zigbee, etc.
  • sharing the digital key includes that the vehicle of the sharing party (second device) and the shared party (first device) can mutually confirm each other's identities, and that the vehicle and the first device can communicate securely.
  • asymmetric encryption technology when the first device and the vehicle each generate their own public and private key pairs, if they have the other party's public key, they can verify the other party's identity by verifying the signature of the other party's private key. ;
  • a key exchange algorithm such as the Diffie-Hellman algorithm, can be used to generate a session key using its own private key and the other party's public key to achieve secure communication between the vehicle and the first device. That is, as long as the first device and the vehicle each possess the other party's public key, it can be considered that a digital key has been generated.
  • the second device since the second device is a communication device held by the owner of the vehicle, the second device itself stores the digital key of the vehicle, that is, the second device stores the vehicle public key of the vehicle, and the vehicle stores the third The second public key of the second device allows the car owner to control the vehicle through the digital key.
  • the car owner when the car owner needs to unlock the door of the vehicle, he or she can send an unlocking request signed using the private key of the second device to the vehicle through the second device.
  • the vehicle After receiving the signed unlocking request, the vehicle can use the second public key of the second device stored in the vehicle to verify the signed unlocking request. Only when the signature verification is passed, the vehicle can determine that the unlocking request was sent by the second device. Since the vehicle stores the second public key of the second device, for the unlocking request signed with the private key of the second device, , so that the vehicle door can be unlocked according to the unlocking request.
  • the first communication method includes at least one of the following: NFC (Near Field Communication); Bluetooth BT (Bluetooth); Wireless Local Area Network (WLAN).
  • NFC Near Field Communication
  • Bluetooth BT Bluetooth
  • WLAN Wireless Local Area Network
  • the first device in a scenario where the first device and the second device are close to each other, can receive the digital key sharing information sent by the second device through short-range wireless communication to obtain the vehicle public key of the vehicle. After receiving the digital key sharing information, it can send its first public key to the second device through other communication methods except mobile network communication and Internet communication, and receive the first public key sent by the second device.
  • the signature information determined by the signature is used so that the vehicle can determine the first public key of the first device based on the signature information, so that the first device and the vehicle can generate a digital signature between the first device and the vehicle based on each other's public key. key.
  • first device and the second device in this embodiment communicate through short-range wireless communication. Therefore, when the first device and the second device share the key, they can avoid problems such as slow information transmission due to network delays in the mobile network or the Internet, or even inability to transmit information due to server failures on the Internet, improving the efficiency of the key sharing process. Efficiency and success rate of key sharing.
  • the digital key sharing information also includes permission information and/or configuration information.
  • the permission information may include function permission information and usage period information.
  • functional permissions such as door unlocking permissions, engine starting permissions, etc.
  • they can grant different digital key validity periods to different users as needed.
  • the first device can determine the control operations it can perform on the vehicle based on the function permission information carried in the digital key sharing information. And the validity period of the key shared by the second device can be determined based on the usage period information carried in the digital key sharing information. When the usage period of the own digital key reaches the validity period set by the car owner, it will automatically expire.
  • the configuration information may include storage location information.
  • the first device After receiving the digital key sharing information sent by the second device, the first device can determine the storage location of the digital key based on the configuration information carried in the digital key sharing information, so as to store the key or other information related to the digital key ( For example, permission information) is stored in the storage location, so that when the first device uses the digital key function to control the vehicle, the vehicle can read the relevant information of the digital key in the storage location according to the preset reading path.
  • the first public key of the first device may be generated by the first device after receiving the digital key sharing information sent by the second device. After receiving the digital key sharing information sent by the second device, the first device can generate an asymmetric key pair and use the public key in the key pair as the second public key.
  • FIG. 2 is a schematic flow chart of another key sharing method according to an embodiment of the present disclosure. As shown in Figure 2, the method also includes:
  • step S201 the signature information is stored in the trusted execution environment TEE and/or the secure element SE.
  • TEE Trusted execution environment
  • SE Secure Element
  • the first device in order to ensure the security of the digital key, after receiving the digital key sharing information sent by the second device, the first device can store the vehicle public key carried in the digital key sharing information in a trusted execution environment TEE and/or secure element SE. After receiving the signature information sent by the second device, the signature information can also be stored in the trusted execution environment TEE and/or the secure element SE. This prevents the first device from leaking relevant information of the digital key when it suffers from malicious attacks, and improves the security of the digital key.
  • FIG 3 is a schematic flow chart of yet another key sharing method according to an embodiment of the present disclosure. As shown in Figure 3, the method also includes:
  • step S301 the signature information is sent to the vehicle, so that the vehicle verifies the signature information according to the stored second public key of the second device to obtain the first device. the first public key.
  • the first device may store the vehicle public key of the vehicle contained therein.
  • the vehicle when the first device uses the digital key function to try to control the vehicle for the first time, the vehicle can read the signature information stored in the first device from the first device, and use the digital key function according to the signature information stored in the vehicle.
  • the second public key of the second device verifies the signature information.
  • the vehicle can determine that the information contained in the signature information is trustworthy, and the vehicle can store the first public key of the first device carried in the signature information, and can verify the signature based on the information.
  • the stored first public key authenticates the identity of the first device when receiving control requests sent by the first device this time and subsequently, and realizes the communication between the vehicle and the third device based on the stored first public key and its own vehicle private key. Secure information exchange between devices.
  • the vehicle can determine that the information contained in the signature information is unreliable, and the vehicle will not store the first public key of the first device carried in the signature information and ignore it. A control request sent by the first device. Furthermore, the vehicle can also send alarm information to the second device (ie, the user device held by the car owner) to prompt the second device that the digital key related information may be leaked.
  • the second device ie, the user device held by the car owner
  • Figure 4 is a schematic flow chart of a key sharing method according to an embodiment of the present disclosure.
  • the key method shown in this embodiment can be executed by a second device.
  • the second device can communicate with the first device.
  • the first device and the second device include but are not limited to mobile phones, tablet computers, wearable devices, and sensors. , Internet of Things equipment and other communication devices.
  • the key sharing method may include the following steps:
  • step S401 the digital key sharing information is sent to the first device through the first communication method, where the digital key sharing information includes the vehicle public key of the vehicle;
  • step S402 receive the first public key of the first device sent by the first device through the first communication method
  • step S403 sign the first public key according to the second private key of the second device to determine signature information
  • step S404 send the signature information to the first device through the first communication method
  • the first communication method includes a short-range wireless communication method; the vehicle public key and the first public key are used for the vehicle and the first device to generate a digital key.
  • sharing the digital key includes that the vehicle of the sharing party (second device) and the shared party (first device) can mutually confirm each other's identities, and that the vehicle and the first device can communicate securely.
  • asymmetric encryption technology when the first device and the vehicle each generate their own public and private key pairs, if they have the other party's public key, they can verify the other party's identity by verifying the signature of the other party's private key. ;
  • a key exchange algorithm such as the Diffie-Hellman algorithm, can be used to generate a session key using its own private key and the other party's public key to achieve secure communication between the vehicle and the first device. That is, as long as the first device and the vehicle each possess the other party's public key, it can be considered that a digital key has been generated.
  • the second device since the second device is a communication device held by the owner of the vehicle, the second device itself stores the digital key of the vehicle, that is, the second device stores the vehicle public key of the vehicle, and the vehicle stores the third The second public key of the second device allows the car owner to control the vehicle through the digital key.
  • the car owner when the car owner needs to unlock the door of the vehicle, he or she can send an unlocking request signed using the private key of the second device to the vehicle through the second device.
  • the vehicle After receiving the signed unlocking request, the vehicle can use the second public key of the second device stored in the vehicle to verify the signed unlocking request. Only when the signature verification is passed, the vehicle can determine that the unlocking request was sent by the second device. Since the vehicle stores the second public key of the second device, for the unlocking request signed with the private key of the second device, , so that the vehicle door can be unlocked according to the unlocking request.
  • the first communication method includes at least one of the following: NFC (Near Field Communication); Bluetooth BT (Bluetooth); Wireless Local Area Network (WLAN).
  • NFC Near Field Communication
  • Bluetooth BT Bluetooth
  • WLAN Wireless Local Area Network
  • NFC Near field communication
  • Bluetooth BT technology is an open global specification for wireless data communications. It is based on low-cost short-range wireless connections and establishes a special wireless connection for fixed and mobile device communication environments. Based on the use of near field communication technology or Bluetooth technology to share digital keys, the information transmitted in the process of sharing the digital key between the first device and the second device (such as digital key sharing information, first public key, signature information, etc.) can not go through other device forwarding, but can communicate directly between the first device and the second device, thereby realizing the digital key sharing process safely and conveniently.
  • digital key sharing information such as digital key sharing information, first public key, signature information, etc.
  • the first device and the second device When the first device and the second device are in the same wireless LAN WLAN environment, the first device and the second device can access the wireless LAN at the same time and communicate through the wireless LAN.
  • the second device held by the car owner needs to communicate with the first device held by other users to control the vehicle.
  • the digital key is shared with the first device.
  • communication between the first device and the second device mainly relies on the mobile network or the Internet. Even in a scenario where the car owner is face-to-face with other users, when the second device shares the digital key used to control the vehicle with the first device, it also needs to interact with the first device through the mobile network or the Internet to share the relevant information required for the digital key. For example, the vehicle public key of the vehicle, the first public key of the first device, etc.
  • the first device and the second device will not be able to exchange information in a timely manner. Even when the first device and the second device are waiting to receive data, they may fall into sleep due to a long waiting time, so that even if the data is received, the received data cannot be processed in time. As a result, car owners will be unable to share the vehicle's digital key with other users in a timely manner, making it impossible for other users to control the vehicle.
  • the second device can share information with the digital key sent to the first device through short-range wireless communication so that the first device obtains the vehicle's vehicle ID. public key, and receive the first public key of the first device sent by the first device according to the digital key sharing information.
  • the second device After receiving the first public key, the second device can use its second private key to sign the first public key, and send the signature information determined after signing to the first device through short-range wireless communication. So that when the first device uses the digital key function, the vehicle can determine the first public key of the first device based on the signature information stored in the first device, so that the first device and the vehicle can generate the first public key based on each other's public key. Digital key between the first device and the vehicle.
  • first device and the second device in this embodiment communicate through short-range wireless communication. Therefore, when the first device and the second device share the key, they can avoid problems such as slow information transmission due to network delays in the mobile network or the Internet, or even inability to transmit information due to server failures on the Internet, improving the efficiency of the key sharing process. Efficiency and success rate of key sharing.
  • the first public key of the first device may be generated by the first device after receiving the digital key sharing information sent by the second device. After receiving the digital key sharing information sent by the second device, the first device can generate an asymmetric key pair and use the public key in the key pair as the second public key.
  • FIG. 5 is a schematic flow chart of another key sharing method according to an embodiment of the present disclosure. As shown in Figure 5, signing the first public key according to the second private key of the second device to determine signature information includes:
  • step S501 determine configuration information and/or permission information for the second device
  • step S502 the first public key, the configuration information and/or the permission information are signed according to the second private key of the second device to determine signature information.
  • the digital key sharing information also includes permission information and/or configuration information.
  • the permission information may include function permission information and usage period information.
  • functional permissions such as door unlocking permissions, engine starting permissions, etc.
  • they can grant different digital key validity periods to different users as needed.
  • the second device can determine the permission information for the first device, and carry the function permission information and usage period information in the digital key sharing information and send it to the first device.
  • the first device determines the control operations it can perform on the vehicle based on the function permission information carried in the digital key sharing information, and the first device can determine the control operations it can perform on the vehicle according to the function permission information carried in the digital key sharing information.
  • the usage period information carried in the digital key sharing information determines the validity period of the key shared by the second device. When the usage period of the own digital key reaches the validity period set by the car owner, it will automatically expire.
  • the configuration information may include storage location information.
  • the second device may determine the configuration information for the first device, and carry the configuration information in the digital key sharing information and send it to the first device. So that after receiving the digital key sharing information sent by the second device, the first device can determine the storage location of the digital key according to the configuration information carried in the digital key sharing information, so as to store the key or other key related to the digital key.
  • Information (such as permission information) is stored in the storage location, so that when the first device uses the digital key function to control the vehicle, the vehicle can read the relevant information of the digital key in the storage location according to the preset reading path.
  • the second device may use the determined second private key to sign the first public key.
  • the configuration information and permission information of the first device are signed together with the first public key of the first device.
  • the vehicle obtains the signature information from the first device and uses the second public key of the second device to verify the signature information, in addition to obtaining the first public key of the first device, it can also obtain the signature determined by the second device.
  • the configuration information and permission information of the first device prevent the first device from privately changing the configuration information and permission information of the digital key.
  • Figure 6 is a schematic flow chart of yet another key sharing method according to an embodiment of the present disclosure.
  • the first communication method includes near field communication NFC, and the method further includes:
  • step S601 the card reading mode of the NFC module is started according to the user's triggering action on the key sharing button in the preset application interface.
  • the second device can automatically start the card reading mode of the NFC module in the second device to initiate reading and writing.
  • the first device can automatically start the card emulation mode of the NFC module in the first device after detecting the user's triggering action on the key sharing button in the preset application interface of the first device, or after detecting the information sent by the second device.
  • the second device can automatically turn on the Bluetooth function and search for other nearby devices. Furthermore, since in actual applications, car owners usually only lend their vehicles to close friends or family members, the second device can automatically give priority to the second device after activating the Bluetooth function to search for other nearby devices. Other devices that have been connected before establish a connection and prompt the user whether to share the key with the connected device to improve the efficiency of key sharing.
  • users usually control the vehicle through a device that is easy to carry and has a digital key function, such as a mobile phone or a tablet. Therefore, when the first communication method used by the first device and the second device is Bluetooth, after the second device activates the Bluetooth function to search for other nearby devices, it can perform the device type of the searched other devices. Filter, prioritize the establishment of connections with devices whose device type is a mobile phone or tablet, and prompt the user whether to share keys with connected devices to improve the efficiency of key sharing.
  • a device that is easy to carry and has a digital key function such as a mobile phone or a tablet. Therefore, when the first communication method used by the first device and the second device is Bluetooth, after the second device activates the Bluetooth function to search for other nearby devices, it can perform the device type of the searched other devices. Filter, prioritize the establishment of connections with devices whose device type is a mobile phone or tablet, and prompt the user whether to share keys with connected devices to improve the efficiency of key sharing.
  • the present disclosure also provides embodiments of a key sharing device.
  • Figure 7 is a schematic flow chart of a key sharing device according to an embodiment of the present disclosure.
  • the key device shown in this embodiment can be executed by a first device, and the first device can communicate with a second device.
  • the first device and the second device include but are not limited to mobile phones, tablet computers, wearable devices, and sensors. , Internet of Things equipment and other communication devices.
  • the key sharing device may include:
  • the communication module 701 is configured to receive the digital key sharing information sent by the second device through the first communication method, wherein the digital key sharing information includes the vehicle public key of the vehicle; and transmit the first public key of the first device through The first communication method is sent to the second device; and the signature information sent by the second device through the first communication method is received, wherein the signature information is sent by the second device through the second device
  • the second private key signs the first public key; wherein the first communication method includes a short-range wireless communication method; the vehicle public key and the first public key are used for the vehicle and The first device generates a digital key.
  • the first communication method includes at least one of the following: near field communication (NFC); Bluetooth (BT); wireless local area network (WLAN).
  • NFC near field communication
  • BT Bluetooth
  • WLAN wireless local area network
  • the digital key sharing information also includes configuration information and/or permission information.
  • the apparatus further includes: a storage module 702 configured to store the signature information in a trusted execution environment TEE and/or a secure element SE.
  • the communication module is further configured to: send the signature information to the vehicle, so that the vehicle performs signature processing on the signature information according to the stored second public key of the second device. Verify the signature to obtain the first public key of the first device.
  • Figure 8 is a schematic flow chart of a key sharing device according to an embodiment of the present disclosure.
  • the key device shown in this embodiment can be executed by a second device, and the second device can communicate with the first device.
  • the first device and the second device include but are not limited to mobile phones, tablet computers, wearable devices, and sensors. , Internet of Things equipment and other communication devices.
  • the key sharing device may include:
  • the communication module 801 is configured to send the digital key sharing information to the first device through the first communication method, wherein the digital key sharing information includes the vehicle public key of the vehicle; receive the first device through the first communication The first public key of the first device sent by means;
  • the processing module 802 is configured to sign the first public key according to the second private key of the second device to determine signature information
  • the communication module is further configured to send the signature information to the first device through the first communication method; wherein the first communication method includes a short-range wireless communication method; the vehicle public key and The first public key is used to generate a digital key for the vehicle and the first device.
  • the first communication method includes at least one of the following: near field communication (NFC); Bluetooth (BT); wireless local area network (WLAN).
  • NFC near field communication
  • BT Bluetooth
  • WLAN wireless local area network
  • the digital key sharing information also includes configuration information and/or permission information.
  • the processing module is configured to: determine configuration information and/or permission information for the second device; pair the first public key, the The above configuration information and/or permission information are signed to determine the signature information.
  • the first communication method includes near field communication (NFC), and the processing module is further configured to: activate the card reading mode of the NFC module according to the user's triggering action on the key sharing button in the preset application interface. .
  • NFC near field communication
  • the device embodiment since it basically corresponds to the method embodiment, please refer to the partial description of the method embodiment for relevant details.
  • the device embodiments described above are only illustrative.
  • the modules described as separate components may or may not be physically separated.
  • the components shown as modules may or may not be physical modules, that is, they may be located in One place, or it can be distributed to multiple network modules. Some or all of the modules can be selected according to actual needs to achieve the purpose of the solution of this embodiment. Persons of ordinary skill in the art can understand and implement the method without any creative effort.
  • An embodiment of the present disclosure also provides a terminal, including: a processor; and a memory for storing a computer program; wherein, when the computer program is executed by the processor, the key sharing method described in any of the above embodiments is implemented.
  • Embodiments of the present disclosure also provide a computer-readable storage medium for storing a computer program.
  • the computer program is executed by a processor, the steps in the key sharing method described in any of the above embodiments are implemented.
  • Figure 9 is a schematic block diagram of a terminal 900 according to an embodiment of the present disclosure.
  • the terminal 900 may be a mobile phone, a computer, a digital broadcast terminal, a messaging device, a game console, a tablet device, a medical device, a fitness device, a personal digital assistant, or the like.
  • the terminal 900 may include one or more of the following components: a processing component 902, a memory 904, a power supply component 906, a multimedia component 908, an audio component 910, an input/output (I/O) interface 912, a sensor component 914, and Communication component 916.
  • Processing component 902 generally controls the overall operations of terminal 900, such as operations associated with display, phone calls, data communications, camera operations, and recording operations.
  • the processing component 902 may include one or more processors 920 to execute instructions to complete all or part of the steps of the above key sharing method.
  • processing component 902 may include one or more modules that facilitate interaction between processing component 902 and other components.
  • processing component 902 may include a multimedia module to facilitate interaction between multimedia component 908 and processing component 902.
  • Memory 904 is configured to store various types of data to support operations at terminal 900. Examples of such data include instructions for any application or method operating on the terminal 900, contact data, phonebook data, messages, pictures, videos, etc.
  • Memory 904 may be implemented by any type of volatile or non-volatile storage device, or a combination thereof, such as static random access memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable programmable read-only memory (EEPROM), Programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic memory, flash memory, magnetic or optical disk.
  • SRAM static random access memory
  • EEPROM electrically erasable programmable read-only memory
  • EEPROM erasable programmable read-only memory
  • EPROM Programmable read-only memory
  • PROM programmable read-only memory
  • ROM read-only memory
  • magnetic memory flash memory, magnetic or optical disk.
  • Power supply component 906 provides power to various components of terminal 900.
  • Power component 906 may include a power management system, one or more power supplies, and other components associated with generating, managing, and distributing power to terminal 900.
  • Multimedia component 908 includes a screen that provides an output interface between the terminal 900 and the user.
  • the screen may include a liquid crystal display (LCD) and a touch panel (TP). If the screen includes a touch panel, the screen may be implemented as a touch screen to receive input signals from the user.
  • the touch panel includes one or more touch sensors to sense touches, swipes, and gestures on the touch panel. The touch sensor may not only sense the boundary of a touch or slide action, but also detect the duration and pressure associated with the touch or slide action.
  • multimedia component 908 includes a front-facing camera and/or a rear-facing camera.
  • the front camera and/or the rear camera may receive external multimedia data.
  • Each front-facing camera and rear-facing camera can be a fixed optical lens system or have a focal length and optical zoom capabilities.
  • Audio component 910 is configured to output and/or input audio signals.
  • the audio component 910 includes a microphone (MIC) configured to receive external audio signals when the terminal 900 is in an operating mode, such as a call mode, a recording mode, and a voice recognition mode.
  • the received audio signals may be further stored in memory 904 or sent via communications component 916 .
  • audio component 910 also includes a speaker for outputting audio signals.
  • the I/O interface 912 provides an interface between the processing component 902 and a peripheral interface module, which may be a keyboard, a click wheel, a button, etc. These buttons may include, but are not limited to: Home button, Volume buttons, Start button, and Lock button.
  • Sensor component 914 includes one or more sensors for providing various aspects of status assessment for terminal 900 .
  • the sensor component 914 can detect the open/closed state of the terminal 900 and the relative positioning of components, such as the display and keypad of the terminal 900.
  • the sensor component 914 can also detect the position change of the terminal 900 or a component of the terminal 900. , the presence or absence of user contact with the terminal 900 , the orientation or acceleration/deceleration of the terminal 900 and the temperature change of the terminal 900 .
  • Sensor assembly 914 may include a proximity sensor configured to detect the presence of nearby objects without any physical contact.
  • Sensor assembly 914 may also include a light sensor, such as a CMOS or CCD image sensor, for use in imaging applications.
  • the sensor component 914 may also include an acceleration sensor, a gyroscope sensor, a magnetic sensor, a pressure sensor, or a temperature sensor.
  • the communication component 916 is configured to facilitate wired or wireless communication between the terminal 900 and other devices.
  • the terminal 900 can access a wireless network based on communication standards, such as WiFi, 2G, 3G, 4G LTE, 5G NR or a combination thereof.
  • the communication component 916 receives broadcast signals or broadcast related information from an external broadcast management system via a broadcast channel.
  • the communications component 916 also includes a near field communications (NFC) module to facilitate short-range communications.
  • the NFC module can be implemented based on radio frequency identification (RFID) technology, infrared data association (IrDA) technology, ultra-wideband (UWB) technology, Bluetooth (BT) technology and other technologies.
  • RFID radio frequency identification
  • IrDA infrared data association
  • UWB ultra-wideband
  • Bluetooth Bluetooth
  • the terminal 900 may be configured by one or more application specific integrated circuits (ASICs), digital signal processors (DSPs), digital signal processing devices (DSPDs), programmable logic devices (PLDs), field programmable Gate array (FPGA), controller, microcontroller, microprocessor or other electronic components are implemented for executing the above key sharing method.
  • ASICs application specific integrated circuits
  • DSPs digital signal processors
  • DSPDs digital signal processing devices
  • PLDs programmable logic devices
  • FPGA field programmable Gate array
  • controller microcontroller, microprocessor or other electronic components are implemented for executing the above key sharing method.
  • a non-transitory computer-readable storage medium including instructions such as a memory 904 including instructions, which can be executed by the processor 920 of the terminal 900 to complete the above key sharing method is also provided.
  • the non-transitory computer-readable storage medium may be ROM, random access memory (RAM), CD-ROM, magnetic tape, floppy disk, optical data storage device, etc.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Lock And Its Accessories (AREA)

Abstract

La présente divulgation concerne des procédés de partage de clé, un appareil de procédé de partage de clé, un terminal et un support de stockage lisible par ordinateur. Un procédé de partage de clé consiste à : recevoir des informations de partage de clé numérique envoyées par un second dispositif dans un premier mode de communication, les informations de partage de clé numérique comprenant une clé publique d'un véhicule ; envoyer au second dispositif une première clé publique d'un premier dispositif dans le premier mode de communication ; et recevoir des informations de signature envoyées par le second dispositif dans le premier mode de communication, le premier mode de communication comprenant un mode de communication sans fil à courte portée, et la clé publique de véhicule et la première clé publique étant utilisées pour que le véhicule et le premier dispositif génèrent une clé numérique. La présente divulgation permet d'éviter la lenteur de la transmission d'informations provoquée par un retard de réseau d'un réseau mobile ou d'Internet, ce qui permet d'améliorer l'efficacité et le taux de réussite du partage de clé.
PCT/CN2022/115093 2022-08-26 2022-08-26 Procédés et appareil de partage de clé, terminal et support de stockage lisible par ordinateur WO2024040564A1 (fr)

Priority Applications (2)

Application Number Priority Date Filing Date Title
PCT/CN2022/115093 WO2024040564A1 (fr) 2022-08-26 2022-08-26 Procédés et appareil de partage de clé, terminal et support de stockage lisible par ordinateur
CN202280003138.XA CN117941316A (zh) 2022-08-26 2022-08-26 钥匙分享方法和装置、终端和计算机可读存储介质

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2022/115093 WO2024040564A1 (fr) 2022-08-26 2022-08-26 Procédés et appareil de partage de clé, terminal et support de stockage lisible par ordinateur

Publications (1)

Publication Number Publication Date
WO2024040564A1 true WO2024040564A1 (fr) 2024-02-29

Family

ID=90012089

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2022/115093 WO2024040564A1 (fr) 2022-08-26 2022-08-26 Procédés et appareil de partage de clé, terminal et support de stockage lisible par ordinateur

Country Status (2)

Country Link
CN (1) CN117941316A (fr)
WO (1) WO2024040564A1 (fr)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20180357846A1 (en) * 2017-06-12 2018-12-13 Ivtes Ltd. Intelligent vehicular electronic key system
CN111179470A (zh) * 2018-10-24 2020-05-19 宝马股份公司 一种虚拟钥匙共享方法、装置、设备、系统及存储介质
CN112669491A (zh) * 2020-12-16 2021-04-16 广州橙行智动汽车科技有限公司 一种车辆数字钥匙分配管理方法和装置
CN114697898A (zh) * 2020-12-14 2022-07-01 中国移动通信有限公司研究院 数字车钥匙处理方法、共享方法、装置、sim卡及车辆
CN114764956A (zh) * 2021-01-04 2022-07-19 中国移动通信有限公司研究院 车辆的控制方法、装置及可读存储介质

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20180357846A1 (en) * 2017-06-12 2018-12-13 Ivtes Ltd. Intelligent vehicular electronic key system
CN111179470A (zh) * 2018-10-24 2020-05-19 宝马股份公司 一种虚拟钥匙共享方法、装置、设备、系统及存储介质
CN114697898A (zh) * 2020-12-14 2022-07-01 中国移动通信有限公司研究院 数字车钥匙处理方法、共享方法、装置、sim卡及车辆
CN112669491A (zh) * 2020-12-16 2021-04-16 广州橙行智动汽车科技有限公司 一种车辆数字钥匙分配管理方法和装置
CN114764956A (zh) * 2021-01-04 2022-07-19 中国移动通信有限公司研究院 车辆的控制方法、装置及可读存储介质

Also Published As

Publication number Publication date
CN117941316A (zh) 2024-04-26

Similar Documents

Publication Publication Date Title
EP3657370B1 (fr) Procédés et dispositifs pour l'authentification d'une carte intelligente
RU2611968C1 (ru) Способ, устройство и система для аутентификации доступа
KR101693130B1 (ko) 정보 인터랙션 방법 및 디바이스
WO2020143414A1 (fr) Procédé, dispositif, équipement et système d'accès à un réseau sans fil
KR102044113B1 (ko) 스마트 카메라에 액세스하는 방법 및 장치
US10608988B2 (en) Method and apparatus for bluetooth-based identity recognition
US20170063824A1 (en) Method and device for determining control authority on user device
RU2628478C2 (ru) Способ и устройство для доступа к сети
WO2017177571A1 (fr) Procédé, dispositif et système permettant d'exécuter un traitement de service
JP6321193B2 (ja) 設備制御方法及び装置
WO2019028746A1 (fr) Procédé et dispositif d'accès de véhicule aérien sans pilote
KR20160030471A (ko) 데이터를 백업하기 위한 방법 및 디바이스
KR20170121040A (ko) 온라인 결제 방법, 장치, 프로그램 및 기록매체
WO2018049609A1 (fr) Procédé et dispositif de contrôle d'autorisation
WO2018027335A1 (fr) Procédé de mise en veille, procédé de déverrouillage de terminal, procédé et système de communication
WO2024040564A1 (fr) Procédés et appareil de partage de clé, terminal et support de stockage lisible par ordinateur
US9674768B2 (en) Method and device for accessing wireless network
US11818583B2 (en) Method and device for unlocking communication, and computer storage medium
WO2024031730A1 (fr) Procédé et appareil de révocation d'autorisation et support de stockage
WO2023240575A1 (fr) Procédés de communication par relais, appareil de communication, et dispositif de communication
WO2023245356A1 (fr) Procédé et appareil de charge pour un dispositif électronique, et dispositif électronique et support de stockage
WO2023240506A1 (fr) Procédé et appareil de traitement de demandes, serveur et support de stockage
WO2024036458A1 (fr) Procédé et appareil d'enregistrement, et support de stockage
WO2024031731A1 (fr) Procédé et appareil d'appel d'interface de programmation d'application (api), et support de stockage
WO2023071733A1 (fr) Procédé de commande de dispositif et dispositif associé

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 202280003138.X

Country of ref document: CN

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 22956110

Country of ref document: EP

Kind code of ref document: A1