CN106657021B - Vehicle message authentication method and device in Internet of vehicles - Google Patents

Info

Publication number: CN106657021B
Authority: CN (China)
Prior art keywords: message, temporary key, vehicle, timestamp, vehicle terminal
Legal status: Active
Application number: CN201611050939.4A
Other languages: Chinese (zh)
Other versions: CN106657021A (en
Inventors: 阚志刚, 卢佐华, 彭建芬, 陈彪
Current Assignee: Beijing Bangcle Technology Co ltd
Original Assignee: Beijing Bangcle Technology Co ltd
Application filed by Beijing Bangcle Technology Co ltd
Priority to CN201611050939.4A
Publication of CN106657021A
Application granted
Publication of CN106657021B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0838 Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/12 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Traffic Control Systems (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The application discloses a vehicle message authentication method and device in the Internet of vehicles. The method comprises the following steps: receiving an encrypted vehicle message, a temporary key and a timestamp from a message sending vehicle terminal in the Internet of vehicles, wherein the encrypted vehicle message is the vehicle message encrypted with the temporary key, the temporary key is issued by an authentication center at the request of the message sending vehicle terminal when the vehicle message needs to be sent, and the timestamp represents the time at which the temporary key was issued; transmitting the received temporary key and timestamp to the authentication center; and in response to receiving an authentication pass message from the authentication center, decrypting the encrypted vehicle message with the received temporary key to obtain the vehicle message. The method and the device can securely authenticate the identity of the message sender without threatening the privacy of vehicle users in the Internet of vehicles.

Description

Vehicle message authentication method and device in Internet of vehicles
Technical Field
The present disclosure relates generally to the field of computer technologies, in particular to the field of network information security, and more particularly to a method and an apparatus for vehicle message authentication in the Internet of vehicles.
Background
The Internet of vehicles is a vehicular mobile ad hoc network formed by installing on-board units (OBUs) capable of wireless communication on vehicles and laying network infrastructure (RSUs) on both sides of the road, so as to realize cooperative communication between vehicles and between vehicles and the infrastructure, with the aims of improving traffic safety, optimizing traffic efficiency and facilitating traffic management. Vehicles in the Internet of vehicles continuously configure themselves without the involvement of the network infrastructure. The on-board unit broadcasts beacon information, such as road-traffic-related information and the vehicle's own condition, to the network every 100-300 milliseconds; the beacon information comprises the current position, speed, traffic state and the like of the vehicle.
Because malicious users who are not registered in the Internet of vehicles may masquerade as on-board units that send vehicle messages normally and spread false traffic messages in the Internet of vehicles, the information security of the Internet of vehicles is greatly threatened.
Therefore, there is a need for a security authentication scheme that enables each on-board unit or roadside network infrastructure, when it receives a message, to securely authenticate both the message itself and the identity of its sender, and that also provides privacy protection, so that the privacy of vehicle users is effectively protected from exposure.
Disclosure of Invention
In view of the above-mentioned deficiencies or inadequacies in the prior art, it would be desirable to provide a technique that enables secure authentication of the identity of the sender of a message without compromising the privacy of the vehicle users of the internet of vehicles.
In a first aspect, an embodiment of the present application provides a vehicle message authentication method in the Internet of vehicles on the message receiving vehicle terminal side, where the method includes: receiving an encrypted vehicle message, a temporary key and a timestamp from a message sending vehicle terminal in the Internet of vehicles, wherein the encrypted vehicle message is the vehicle message encrypted with the temporary key, the temporary key is issued by an authentication center at the request of the message sending vehicle terminal when the vehicle message needs to be sent, and the timestamp represents the time at which the temporary key was issued; transmitting the received temporary key and timestamp to the authentication center; and in response to receiving an authentication pass message from the authentication center, decrypting the encrypted vehicle message with the received temporary key to obtain the vehicle message.
In a second aspect, an embodiment of the present application provides a vehicle message authentication method in the Internet of vehicles on the authentication center side, where the method includes: receiving a temporary key to be verified and a timestamp from a message receiving vehicle terminal, wherein the temporary key to be verified and the timestamp are the temporary key and the timestamp that accompanied an encrypted vehicle message received by the message receiving vehicle terminal; comparing the received temporary key and timestamp with the stored correspondence record of issued temporary keys and timestamps; and if the received temporary key and timestamp exist in the correspondence record, sending an authentication pass message to the message receiving vehicle terminal.
In a third aspect, an embodiment of the present application provides a vehicle message authentication method in the Internet of vehicles on the message sending vehicle terminal side, where the method includes: sending a temporary key request to the authentication center; receiving an issued temporary key and a timestamp from the authentication center, the timestamp indicating the time at which the temporary key was issued; encrypting the vehicle message with the temporary key; and sending the encrypted vehicle message.
In a fourth aspect, an embodiment of the present application provides a vehicle message authentication apparatus in the Internet of vehicles on the message receiving vehicle terminal side, where the apparatus includes: a first receiving unit configured to receive an encrypted vehicle message, a temporary key and a timestamp from a message sending vehicle terminal in the Internet of vehicles, wherein the encrypted vehicle message is the vehicle message encrypted with the temporary key, the temporary key is issued by an authentication center at the request of the message sending vehicle terminal when the vehicle message needs to be sent, and the timestamp represents the time at which the temporary key was issued; a first transmitting unit configured to transmit the received temporary key and timestamp to the authentication center; and a decryption unit configured to decrypt the encrypted vehicle message with the received temporary key to obtain the vehicle message in response to receiving an authentication pass message from the authentication center.
In a fifth aspect, an embodiment of the present application provides a vehicle message authentication apparatus in the Internet of vehicles on the authentication center side, where the apparatus includes: a second receiving unit configured to receive a temporary key to be verified and a timestamp from the message receiving vehicle terminal, the temporary key to be verified and the timestamp being the temporary key and the timestamp that accompanied an encrypted vehicle message received by the message receiving vehicle terminal; a comparison unit configured to compare the received temporary key and timestamp with the stored correspondence record of issued temporary keys and timestamps; and a second transmitting unit configured to transmit an authentication pass message to the message receiving vehicle terminal if the received temporary key and timestamp exist in the correspondence record.
In a sixth aspect, an embodiment of the present application provides a vehicle message authentication apparatus in the Internet of vehicles on the message sending vehicle terminal side, where the apparatus includes: a fourth sending unit configured to send a temporary key request to the authentication center; a fifth receiving unit configured to receive the issued temporary key and a timestamp from the authentication center, the timestamp indicating the time at which the temporary key was issued; an encryption unit configured to encrypt the vehicle message with the temporary key; and a fifth transmitting unit configured to transmit the encrypted vehicle message.
In a seventh aspect, an embodiment of the present application provides an apparatus, including a processor, a memory, and a display; the memory includes instructions executable by the processor to cause the processor to perform: receiving an encrypted vehicle message, a temporary key and a timestamp from a message sending vehicle terminal in the Internet of vehicles, wherein the encrypted vehicle message is the vehicle message encrypted with the temporary key, the temporary key is issued by an authentication center at the request of the message sending vehicle terminal when the vehicle message needs to be sent, and the timestamp represents the time at which the temporary key was issued; transmitting the received temporary key and timestamp to the authentication center; and in response to receiving an authentication pass message from the authentication center, decrypting the encrypted vehicle message with the received temporary key to obtain the vehicle message.
In an eighth aspect, an embodiment of the present application provides an apparatus, including a processor, a memory, and a display; the memory includes instructions executable by the processor to cause the processor to perform: receiving a temporary key to be verified and a timestamp from a message receiving vehicle terminal, wherein the temporary key to be verified and the timestamp are the temporary key and the timestamp that accompanied an encrypted vehicle message received by the message receiving vehicle terminal; comparing the received temporary key and timestamp with the stored correspondence record of issued temporary keys and timestamps; and if the received temporary key and timestamp exist in the correspondence record, sending an authentication pass message to the message receiving vehicle terminal.
In a ninth aspect, an embodiment of the present application provides an apparatus, including a processor, a memory, and a display; the memory includes instructions executable by the processor to cause the processor to perform: sending a temporary key request to the authentication center; receiving an issued temporary key and a timestamp from the authentication center, the timestamp indicating the time at which the temporary key was issued; encrypting the vehicle message with the temporary key; and sending the encrypted vehicle message.
In the embodiments of the application, when the message sending vehicle terminal wants to send a vehicle message, it first sends a request carrying its terminal identification to the authentication center. If the terminal identification shows that the message sending vehicle is registered in the Internet of vehicles, a temporary key and a timestamp are issued to it. The message sending vehicle terminal encrypts the vehicle message with the temporary key and sends the encrypted vehicle message, the temporary key, and the timestamp together. Because the vehicle message is encrypted with the temporary key and does not carry the real identity of the message sending vehicle, the message receiving vehicle terminal cannot know who the sender is, and the privacy of Internet of vehicles users is protected to a great extent. After the message receiving vehicle terminal receives the message, it sends the received temporary key and timestamp to the authentication center for authentication. If a lawbreaker masquerades as an on-board unit that sends vehicle messages normally in order to spread false traffic messages in the Internet of vehicles, the authentication center will not have issued a temporary key and a timestamp to it, because it is not a registered user of the Internet of vehicles. Therefore, when the message receiving vehicle terminal sends the temporary key and the timestamp to the authentication center for authentication, the authentication fails. In this way the identity of the message sender is securely authenticated, and lawbreakers are prevented from spreading false traffic messages in the Internet of vehicles.
Drawings
Other features, objects and advantages of the present application will become more apparent upon reading of the following detailed description of non-limiting embodiments thereof, made with reference to the accompanying drawings in which:
FIG. 1 illustrates an exemplary system architecture in which embodiments of the present application may be applied;
FIG. 2 illustrates an exemplary flow chart of a vehicle message authentication method in the Internet of vehicles on the message receiving vehicle terminal side according to one embodiment of the present application;
FIG. 3 illustrates an exemplary flow chart of a vehicle message authentication method in the Internet of vehicles on the authentication center side according to one embodiment of the present application;
FIG. 4 illustrates an exemplary flow chart of a vehicle message authentication method in the Internet of vehicles on the message sending vehicle terminal side according to one embodiment of the present application;
FIG. 5 shows an exemplary block diagram of a vehicle message authentication apparatus in the Internet of vehicles on the message receiving vehicle terminal side according to one embodiment of the present application;
FIG. 6 shows an exemplary block diagram of a vehicle message authentication apparatus in the Internet of vehicles on the authentication center side according to one embodiment of the present application;
FIG. 7 shows an exemplary block diagram of a vehicle message authentication apparatus in the Internet of vehicles on the message sending vehicle terminal side according to one embodiment of the present application;
FIG. 8 illustrates a schematic block diagram of a computer system suitable for implementing a message receiving vehicle terminal according to an embodiment of the present application;
FIG. 9 illustrates a schematic block diagram of a computer system suitable for implementing an authentication center according to an embodiment of the present application;
FIG. 10 illustrates a schematic block diagram of a computer system suitable for implementing a message sending vehicle terminal according to an embodiment of the present application.
Detailed Description
The present application will be described in further detail with reference to the following drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the relevant invention and not restrictive of the invention. It should be noted that, for convenience of description, only the portions related to the present invention are shown in the drawings.
It should be noted that the embodiments and features of the embodiments in the present application may be combined with each other without conflict. The present application will be described in detail below with reference to the embodiments and the attached drawings.
Reference is made to fig. 1, which illustrates an exemplary system architecture to which embodiments of the present application may be applied.
As shown in fig. 1, the system architecture may include a message sending vehicle terminal 102, an authentication center 101, and a message receiving vehicle terminal 103. The message sending vehicle terminal 102 is a terminal that sends a vehicle message in the Internet of vehicles, generally an on-board unit (OBU) sending the vehicle message. The message receiving vehicle terminal 103 is a terminal in the Internet of vehicles that receives a vehicle message, such as an on-board unit (OBU) or network infrastructure (RSU) that receives the vehicle message. Generally, when an on-board unit (OBU) serving as the message sending vehicle terminal 102 broadcasts beacon information such as road traffic information and the vehicle's own condition, all of the on-board units (OBUs) and network infrastructure (RSUs) in the Internet of vehicles are message receiving vehicle terminals 103. The authentication center 101 is a center that securely authenticates the identity of the sender of a vehicle message in the Internet of vehicles, and prevents a lawbreaker who is not a registered user of the Internet of vehicles from spreading false traffic messages in it.
The message sending vehicle terminal 102 and the message receiving vehicle terminal 103 may generally be in the form of vehicle-mounted terminals, or may be in the form of mobile terminals carried by users. The authentication center 101 may comprise one or more servers in communication with each other.
As mentioned in the background, the information security of the Internet of vehicles is greatly threatened because malicious users who are not registered in the Internet of vehicles may masquerade as on-board units that send vehicle messages normally and spread false traffic messages in the Internet of vehicles. Therefore, there is a need for a security authentication scheme that enables each on-board unit or roadside network infrastructure, when it receives a message, to securely authenticate both the message itself and the identity of its sender, and that also provides privacy protection, so that the privacy of vehicle users is effectively protected from exposure.
In the embodiments of the application, when the message sending vehicle terminal wants to send a vehicle message, it first sends a request carrying its terminal identification to the authentication center. If the terminal identification shows that the message sending vehicle is registered in the Internet of vehicles, a temporary key and a timestamp are issued to it. The message sending vehicle terminal encrypts the vehicle message with the temporary key and sends the encrypted vehicle message, the temporary key, and the timestamp together. Because the vehicle message is encrypted with the temporary key and does not carry the real identity of the message sending vehicle, the message receiving vehicle terminal cannot know who the sender is, and the privacy of Internet of vehicles users is protected to a great extent. After the message receiving vehicle terminal receives the message, it sends the received temporary key and timestamp to the authentication center for authentication. If a lawbreaker masquerades as an on-board unit that sends vehicle messages normally in order to spread false traffic messages in the Internet of vehicles, the authentication center will not have issued a temporary key and a timestamp to it, because it is not a registered user of the Internet of vehicles. Therefore, when the message receiving vehicle terminal sends the temporary key and the timestamp to the authentication center for authentication, the authentication fails. In this way the identity of the message sender is securely authenticated, and lawbreakers are prevented from spreading false traffic messages in the Internet of vehicles.
Referring to fig. 2, an exemplary flow chart of a vehicle message authentication method in the Internet of vehicles according to one embodiment of the present application is shown. The method shown in fig. 2 may be performed at the message receiving vehicle terminal 103 in fig. 1.
As shown in fig. 2, in step 210, an encrypted vehicle message, a temporary key, and a timestamp are received from a message sending vehicle terminal in the Internet of vehicles.
The encrypted vehicle message is a vehicle message encrypted with the temporary key. The temporary key is issued by the authentication center at the request of the message sending vehicle terminal when the vehicle message needs to be sent. The timestamp represents the time at which the temporary key was issued. The vehicle message refers to beacon information transmitted by the on-board unit, such as information related to road traffic (for example, traffic condition information) and the vehicle's own condition (for example, the current position and speed of the vehicle).
When a message sending vehicle terminal wants to send a vehicle message, it first sends a request carrying its own terminal identification to the authentication center. The identification of a vehicle terminal is, for example, the license plate number of the vehicle. When a vehicle terminal registers with the Internet of vehicles, its identification is registered with the authentication center. The authentication center stores the identifications of all vehicle terminals registered with the Internet of vehicles. After receiving the request, the authentication center compares the terminal identification carried in the request with the terminal identifications it has stored. If the terminal identification carried in the request is among the stored terminal identifications, the authentication center generates a temporary key for the message sending vehicle terminal and sends the temporary key and the timestamp to the message sending vehicle terminal. The timestamp indicates the time at which the temporary key was issued. The message sending vehicle terminal encrypts the vehicle message with the temporary key. The encryption may employ a known encryption method. Then, the message sending vehicle terminal sends the encrypted vehicle message, the temporary key, and the timestamp together to the message receiving vehicle terminal. Because the vehicle message is encrypted with the temporary key and does not carry the real identity of the message sending vehicle, the message receiving vehicle terminal cannot know who the sender is, in contrast to a scheme in which the vehicle message is encrypted with the real terminal identification and sent together with that identification, and the privacy of Internet of vehicles users is protected to a great extent.
In step 220, the received temporary key and timestamp are sent to the authentication center.
After transmitting the temporary key and the timestamp to the message sending vehicle terminal, the authentication center records the issued temporary key and timestamp in correspondence with each other. Thus, when the authentication center receives the temporary key and the timestamp transmitted from the message receiving vehicle terminal, it looks up, in the correspondence record of issued temporary keys and timestamps, whether the temporary key received from the message receiving vehicle terminal was issued at the time given in the received timestamp. If so, the authentication passes. If not, the authentication center did not issue such a temporary key at the time given in the received timestamp, and it is likely that a lawbreaker masquerading as an on-board unit that sends vehicle messages normally is spreading false traffic messages in the Internet of vehicles, so the authentication fails. In this way the identity of the message sender is securely authenticated, and lawbreakers are prevented from spreading false traffic messages in the Internet of vehicles.
In step 230, in response to receiving an authentication pass message from the authentication center, the encrypted vehicle message is decrypted with the received temporary key to obtain the vehicle message.
When the authentication at the authentication center passes, the authentication center sends an authentication pass message to the message receiving vehicle terminal. When the authentication at the authentication center fails, the authentication center sends an authentication failure message to the message receiving vehicle terminal.
When the message receiving vehicle terminal receives the authentication pass message from the authentication center, the identity of the sender of the message is considered to be in order, and the encrypted vehicle message can be decrypted with the received temporary key to obtain the vehicle message. The decryption may employ a known decryption method that corresponds to the encryption method described above.
In one embodiment, the method further comprises: in response to receiving an authentication failure message from the authentication center, discarding the received encrypted vehicle message (not shown).
When the message receiving vehicle terminal receives the authentication failure message from the authentication center, the identity of the sender of the message is considered to be problematic, and it is likely that a lawbreaker masquerading as an on-board unit that sends vehicle messages normally is spreading false traffic messages in the Internet of vehicles. In this case, the encrypted vehicle message is not decrypted with the received temporary key, since the decrypted message is likely to be a false message, and the received encrypted vehicle message is discarded. Optionally, the received temporary key and timestamp are also discarded.
In one embodiment, the method further comprises, after step 210, determining a difference between the timestamp and the current time (not shown). Step 220 is performed only if the difference is smaller than a predetermined threshold. Optionally, if the difference is not less than the predetermined threshold, the encrypted vehicle message is discarded.
The benefit of determining the difference between the timestamp and the current time and performing a preliminary screening based on it is as follows. If the difference between the timestamp and the current time is too large, one possibility is that a lawbreaker masquerading as an on-board unit that sends vehicle messages normally is spreading a false traffic message in the Internet of vehicles; another is that the message took a long time to reach the message receiving vehicle terminal, for example because the wireless network was slow. Since vehicle messages in the Internet of vehicles are beacon information such as information related to road traffic (for example, traffic condition information) and the vehicle's own condition (for example, the current position and speed of the vehicle), they are generally real-time in nature. Parsing a vehicle message after too long a delay no longer has practical value. The preliminary screening can therefore filter out in advance encrypted vehicle messages that are obviously meaningless in time, which saves processing at the authentication center and at the message receiving vehicle terminal and improves processing efficiency.
Referring to fig. 3, an exemplary flow chart of a vehicle message authentication method in a vehicle networking according to one embodiment of the present application is shown. The method illustrated in fig. 3 may be performed at the authentication center 101 in fig. 1.
As shown in fig. 3, in step 310, a temporary key to be authenticated and a time stamp from a message reception vehicle terminal are received.
The temporary key and the timestamp to be verified are the temporary key and the timestamp which are received by the message receiving vehicle terminal and accompany the encrypted vehicle message. The encrypted vehicle message is a vehicle message encrypted with the temporary key. And the temporary key is requested to be issued to the authentication center by the message sending vehicle terminal when the vehicle message needs to be sent. The timestamp represents the time at which the temporary key was issued. The vehicle message refers to information related to road traffic (such as traffic condition information) and beacon information such as the vehicle's own condition (such as the current position, speed, etc. of the vehicle) transmitted by the message transmitting vehicle terminal.
In practice, before step 310, the method further comprises: receiving a temporary key request from a message sending vehicle terminal in the Internet of vehicles; issuing a temporary key and a timestamp to the message sending vehicle terminal, the timestamp indicating a time at which the temporary key was issued; the issued temporary key is recorded in correspondence with the time stamp (not shown).
When a message sending vehicle terminal wants to send a vehicle message, it first sends a temporary key request to the authentication center. Typically, the temporary key request contains an identification of the message sending vehicle terminal. The identification of a vehicle terminal is, for example, the license plate number of the vehicle. When a vehicle terminal is registered to the Internet of vehicles, its identification is registered with the authentication center. The authentication center stores the identifications of all vehicle terminals registered to the Internet of vehicles. After receiving the temporary key request, the authentication center compares the terminal identification carried in the request with the terminal identifications it has stored. If the terminal identification carried in the request is among the stored terminal identifications, the authentication center generates a temporary key for the message sending vehicle terminal and sends the temporary key and the timestamp to it. The timestamp indicates the time at which the temporary key was issued. The authentication center records the issued temporary key in correspondence with the timestamp. The purpose of this correspondence record is to allow the received temporary key and timestamp to be compared, in step 320, with the stored correspondence records of issued temporary keys and timestamps, in order to authenticate the identity of the vehicle message sender. Where the temporary key request contains the identification of the message sending vehicle terminal, that identification is also recorded in correspondence with the issued temporary key and the timestamp. The identification of the message sending vehicle terminal is recorded for information security traceability.
If the security department wants to trace back who the sender of a certain encrypted vehicle message is, the sender can be found, using the temporary key and the timestamp that accompany the encrypted vehicle message, in the correspondence records of vehicle terminal identifications, issued temporary keys and timestamps. Message tracing can only be carried out at the authentication center and cannot be carried out by the message receiving vehicle terminal, so the privacy of Internet-of-vehicles users is protected to the greatest extent.
The message sending vehicle terminal then encrypts the vehicle message with the temporary key. The encryption may employ a known encryption method. The message sending vehicle terminal then sends the encrypted vehicle message, the temporary key, and the timestamp together to the message receiving vehicle terminal. Because the vehicle message is encrypted with a temporary key that does not carry the real identity of the sending vehicle, the message receiving vehicle terminal cannot know who the sender is, unlike a scheme in which the vehicle message is encrypted with the real terminal identification and sent together with that identification. The privacy of Internet-of-vehicles users is thereby protected to a great extent.
And then, the message sending vehicle terminal sends the received temporary key and the received timestamp as the temporary key and the timestamp to be verified to an authentication center for security authentication.
In step 320, the received temporary key and timestamp are compared to the stored corresponding record of the issued temporary key and timestamp.
When the authentication center receives the temporary key and the timestamp transmitted from the message receiving vehicle terminal, it looks up, in the stored correspondence records of issued temporary keys and timestamps, whether the received temporary key was issued at the time given in the received timestamp. If so, the authentication passes. If not, the authentication center did not issue such a temporary key at the time given in the received timestamp; it is likely that a lawless person, disguised as an on-board unit that normally sends vehicle messages, is spreading false traffic messages in the Internet of vehicles, and the authentication fails. In this way the identity of the message sender is securely authenticated, and lawless persons are prevented from spreading false traffic messages in the Internet of vehicles.
In step 330, if the received temporary key and timestamp are present in the correspondence record, an authentication pass message is sent to the message receiving vehicle terminal.
Additionally, in one embodiment, the method further comprises: if the received temporary key and timestamp do not exist in the corresponding record, an authentication failure message (not shown) is sent to the message receiving vehicle terminal.
When the message receiving vehicle terminal receives the authentication pass message from the authentication center, it considers the identity of the sender of the message to be in order, and it can decrypt the encrypted vehicle message with the received temporary key to obtain the vehicle message. When the message receiving vehicle terminal receives the authentication failure message from the authentication center, it considers the identity of the sender of the message to be in question; it is likely that a lawless person, disguised as an on-board unit that normally sends vehicle messages, is spreading false traffic messages in the Internet of vehicles. The received encrypted vehicle message is therefore discarded.
Additionally, in one embodiment, the method further comprises: receiving a vehicle terminal query request, wherein the vehicle terminal tracing request comprises a temporary key and a timestamp; and querying, based on the temporary key and the timestamp contained in the vehicle terminal query request, the identification of the message sending vehicle terminal from the stored correspondence records of message sending vehicle terminal identifications, issued temporary keys and timestamps (not shown).
The advantage of this embodiment is that information security incidents can be traced back efficiently. The vehicle terminal query request is a query request from the outside (e.g., a network security department). If the network security department wants to trace back who the sender of a certain encrypted vehicle message is, it can put the temporary key and the timestamp that accompany the encrypted vehicle message into a vehicle terminal tracing request and send it to the authentication center. The authentication center can then find the identification of the vehicle terminal corresponding to that temporary key and timestamp in the correspondence records of vehicle terminal identifications, issued temporary keys and timestamps, i.e., identify the sender of the encrypted vehicle message. Message tracing can only be carried out at the authentication center and cannot be carried out by the message receiving vehicle terminal, so the privacy of Internet-of-vehicles users is protected to the greatest extent.
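The issuing step, steps 310-330, the trace-back query and the receiving terminal's preliminary time screening, as an added Python sketch (not code from the patent). The class and function names, the 5-second threshold, the in-memory dictionary and the sample identifications are assumptions; encryption is left out because the page allows any known method, and records are kept after verification because the page does not say they are consumed.

```python
"""Added sketch of the message flow described above (not code from the patent)."""
import secrets
from dataclasses import dataclass, field

# Assumed value: the page only speaks of a "predetermined threshold".
FRESHNESS_THRESHOLD_S = 5


@dataclass
class AuthenticationCenter:
    """Issues temporary keys and keeps the correspondence records."""
    registered_ids: set                            # identifications registered to the network
    records: dict = field(default_factory=dict)    # (key, timestamp) -> terminal identification
    lookups: int = 0                               # verifications the center had to process

    def issue(self, terminal_id, now):
        """Temporary key request: returns (key, timestamp), or None if unregistered."""
        if terminal_id not in self.registered_ids:
            return None
        key = secrets.token_bytes(16)
        # Record key, timestamp and identification in correspondence.
        self.records[(key, now)] = terminal_id
        return key, now

    def verify(self, key, timestamp):
        """Steps 320/330: pass only if this key was issued at exactly this time."""
        self.lookups += 1
        return (key, timestamp) in self.records

    def trace(self, key, timestamp):
        """Trace-back query, answered only by the center: sender identification or None."""
        return self.records.get((key, timestamp))


def screen_and_authenticate(ac, key, timestamp, now):
    """Receiving terminal: returns 'decrypt', 'discard-stale' or 'discard-auth-failed'."""
    # Preliminary screening comes first, so stale messages never reach the center.
    # abs() also rejects timestamps from the future (an assumption of this sketch).
    if abs(now - timestamp) >= FRESHNESS_THRESHOLD_S:
        return "discard-stale"
    if not ac.verify(key, timestamp):
        return "discard-auth-failed"
    return "decrypt"


def run_demo():
    """Runs the flow on constructed sample values and returns each outcome."""
    ac = AuthenticationCenter(registered_ids={"PLATE-A12345"})  # constructed identification
    t0 = 1_700_000_000                                          # constructed issue time (s)
    key, ts = ac.issue("PLATE-A12345", now=t0)
    results = {
        # An unregistered terminal gets no temporary key at all.
        "unregistered": ac.issue("PLATE-UNKNOWN", now=t0),
        # Genuine pair, one second old: the receiver may decrypt.
        "genuine": screen_and_authenticate(ac, key, ts, now=t0 + 1),
        # A key the center never issued fails the lookup.
        "forged_key": screen_and_authenticate(ac, secrets.token_bytes(16), ts, now=t0 + 1),
        # An issued key paired with a different timestamp also fails.
        "wrong_time": screen_and_authenticate(ac, key, ts + 1, now=t0 + 1),
        # A genuine pair that arrives a minute late is dropped locally.
        "stale": screen_and_authenticate(ac, key, ts, now=t0 + 60),
        "trace": ac.trace(key, ts),
        "trace_unknown": ac.trace(key, ts + 1),
    }
    # The stale message cost the center nothing: only three lookups were made.
    results["center_lookups"] = ac.lookups
    return results


if __name__ == "__main__":
    for name, outcome in run_demo().items():
        print(f"{name:15} {outcome}")
```

The lookup is keyed on the pair, so an issued key presented with any other timestamp fails just as a forged key does.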
Referring to fig. 4, an exemplary flowchart of a vehicle message authentication method in a vehicle networking according to one embodiment of the present application is shown. The method illustrated in fig. 4 may be performed at the messaging vehicle terminal 102 of fig. 1.
As shown in fig. 4, a temporary key request is sent to the authentication center in step 410.
When a message sending vehicle terminal wants to send a vehicle message, it first sends a temporary key request to the authentication center. Typically, the temporary key request contains an identification of the message sending vehicle terminal. The identification of a vehicle terminal is, for example, the license plate number of the vehicle. When a vehicle terminal is registered to the Internet of vehicles, its identification is registered with the authentication center. The authentication center stores the identifications of all vehicle terminals registered to the Internet of vehicles. After receiving the temporary key request, the authentication center compares the terminal identification carried in the request with the terminal identifications it has stored. If the terminal identification carried in the request is among the stored terminal identifications, the authentication center generates a temporary key for the message sending vehicle terminal and sends the temporary key and the timestamp to it. The timestamp indicates the time at which the temporary key was issued. The authentication center records the issued temporary key in correspondence with the timestamp.
In step 420, an issued temporary key and a timestamp from the authentication center are received.
In step 430, the vehicle message is encrypted with the temporary key.
The encryption may employ a known encryption method.
In step 440, the encrypted vehicle message is transmitted.
In one embodiment, the message sending vehicle terminal sends the encrypted vehicle message, the temporary key, and the timestamp together to the message receiving vehicle terminal. And then, the message sending vehicle terminal sends the received temporary key and the received timestamp as the temporary key and the timestamp to be verified to an authentication center for security authentication.
When the authentication center receives the temporary key and the timestamp transmitted from the message receiving vehicle terminal, it looks up, in the stored correspondence records of issued temporary keys and timestamps, whether the received temporary key was issued at the time given in the received timestamp. If so, the authentication passes. If not, the authentication center did not issue such a temporary key at the time given in the received timestamp; it is likely that a lawless person, disguised as an on-board unit that normally sends vehicle messages, is spreading false traffic messages in the Internet of vehicles, and the authentication fails. In this way the identity of the message sender is securely authenticated, and lawless persons are prevented from spreading false traffic messages in the Internet of vehicles.
If the received temporary key and timestamp exist in the correspondence record, the authentication center sends an authentication pass message to the message receiving vehicle terminal. When the message receiving vehicle terminal receives the authentication pass message from the authentication center, it considers the identity of the sender of the message to be in order, and it can decrypt the encrypted vehicle message with the received temporary key to obtain the vehicle message. When the message receiving vehicle terminal receives the authentication failure message from the authentication center, it considers the identity of the sender of the message to be in question; it is likely that a lawless person, disguised as an on-board unit that normally sends vehicle messages, is spreading false traffic messages in the Internet of vehicles. The received encrypted vehicle message is therefore discarded.
It should be noted that while the operations of the method of the present invention are depicted in the drawings in a particular order, this does not require or imply that the operations must be performed in this particular order, or that all of the illustrated operations must be performed, to achieve desirable results. Rather, the steps depicted in the flowcharts may change the order of execution. Additionally or alternatively, certain steps may be omitted, multiple steps combined into one step execution, and/or one step broken down into multiple step executions.
With further reference to fig. 5, an exemplary block diagram of a vehicle message authentication device 500 in a vehicle networking according to one embodiment of the present application is shown.
As shown in fig. 5, the vehicle message authentication apparatus 500 may include: a first receiving unit 510 configured to receive an encrypted vehicle message, a temporary key and a timestamp from a message sending vehicle terminal in the Internet of vehicles, wherein the encrypted vehicle message is a vehicle message encrypted with the temporary key, the temporary key is one that the message sending vehicle terminal requested the authentication center to issue when the vehicle message needed to be sent, and the timestamp represents the time at which the temporary key was issued; a first transmitting unit 520 configured to transmit the received temporary key and the timestamp to the authentication center; and a decryption unit 530 configured to decrypt the encrypted vehicle message with the received temporary key to obtain the vehicle message in response to receiving an authentication pass message from the authentication center.
Optionally, the apparatus 500 further comprises: a first discarding unit (not shown) configured to discard the received encrypted vehicle message in response to receiving an authentication failure message from the authentication center.
Optionally, the apparatus 500 further comprises: a difference value determining unit (not shown) configured to determine a difference value between the timestamp and the current time after receiving the encrypted vehicle message, the temporary key and the timestamp from the message sending vehicle terminal in the Internet of vehicles. The first transmitting unit transmits the received temporary key and the timestamp to the authentication center only if the difference is smaller than a predetermined threshold.
Optionally, the apparatus 500 further comprises: a second discarding unit (not shown) configured to discard the encrypted vehicle message if the difference is not less than a predetermined threshold.
With further reference to fig. 6, an exemplary block diagram of a vehicle message authentication device 600 in a vehicle networking according to one embodiment of the present application is shown.
Optionally, the apparatus 600 comprises: a second receiving unit 610 configured to receive a temporary key and a timestamp to be authenticated from the message reception vehicle terminal, the temporary key and the timestamp to be authenticated being a temporary key and a timestamp accompanying an encrypted vehicle message received by the message reception vehicle terminal; a comparing unit 620 configured to compare the received temporary key and timestamp with the stored record corresponding to the issued temporary key and timestamp; and a second transmitting unit 630 configured to transmit an authentication pass message to the message receiving vehicle terminal if the received temporary key and the timestamp exist in the correspondence record.
Optionally, the apparatus 600 further comprises: a third transmitting unit (not shown) configured to transmit an authentication failure message to the message receiving vehicle terminal if the received temporary key and the timestamp do not exist in the correspondence record.
Optionally, the apparatus 600 further comprises: a third receiving unit (not shown) configured to receive a temporary key request from a message sending vehicle terminal in the internet of vehicles before receiving a temporary key to be authenticated and a time stamp from the message receiving vehicle terminal; a distribution unit (not shown) configured to distribute a temporary key and a time stamp indicating a time at which the temporary key is distributed to the message sending vehicle terminal; and a recording unit (not shown) configured to record the issued temporary key and the timestamp correspondingly.
Optionally, the temporary key request includes an identifier of the message sending vehicle terminal. The recording unit is further configured to: the identity of the messaging vehicle terminal is also recorded in correspondence with the issued temporary key and timestamp.
Optionally, the apparatus further comprises: a fourth receiving unit (not shown) configured to receive a vehicle terminal query request, where the vehicle terminal trace back request includes a temporary key and a timestamp; and an inquiring unit (not shown) configured to inquire the identification of the message sending vehicle terminal from a corresponding record of the stored identification of the message sending vehicle terminal, the issued temporary key and the timestamp based on the temporary key and the timestamp contained in the vehicle terminal inquiry request.
With further reference to fig. 7, an exemplary block diagram of a vehicle message authentication device 700 in a vehicle networking according to one embodiment of the present application is shown. The apparatus 700 comprises: a fourth sending unit 710 configured to send a temporary key request to the authentication center; a fifth receiving unit 720 configured to receive the issued temporary key and a time stamp from the authentication center, the time stamp indicating a time when the temporary key was issued; an encryption unit 730 configured to encrypt the vehicle message with the temporary key; a fifth transmitting unit 740 configured to transmit the encrypted vehicle message.
It should be understood that the subsystems or units recited in fig. 5-7 correspond to various steps in the method described with reference to fig. 2-4. Thus, the operations and features described above for the method are equally applicable to fig. 5-7 and the units contained therein and will not be described again here.
Referring now to FIG. 8, a block diagram of a computer system 800 suitable for use in implementing a message receiving vehicle terminal of an embodiment of the present application is shown.
As shown in fig. 8, the computer system 800 includes a Central Processing Unit (CPU)801 that can perform various appropriate actions and processes in accordance with a program stored in a Read Only Memory (ROM)802 or a program loaded from a storage section 808 into a Random Access Memory (RAM) 803. In the RAM 803, various programs and data necessary for the operation of the system 800 are also stored. The CPU 801, ROM 802, and RAM 803 are connected to each other via a bus 804. An input/output (I/O) interface 805 is also connected to bus 804.
The following components are connected to the I/O interface 805: an input section 806 including a keyboard, a mouse, and the like; an output section 807 including a display such as a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and the like, and a speaker; a storage section 808 including a hard disk and the like; and a communication section 809 including a network interface card such as a LAN card, a modem, or the like. The communication section 809 performs communication processing via a network such as the internet. A drive 810 is also connected to the I/O interface 805 as necessary. A removable medium 811 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 810 as necessary, so that a computer program read out therefrom is installed into the storage section 808 as necessary.
Referring now to FIG. 9, a block diagram of a computer system 900 suitable for implementing an authentication center of an embodiment of the present application is shown.
As shown in fig. 9, the computer system 900 includes a Central Processing Unit (CPU)901 that can perform various appropriate actions and processes in accordance with a program stored in a Read Only Memory (ROM)902 or a program loaded from a storage section 908 into a Random Access Memory (RAM) 903. In the RAM 903, various programs and data necessary for the operation of the system 900 are also stored. The CPU 901, ROM 902, and RAM 903 are connected to each other via a bus 904. An input/output (I/O) interface 905 is also connected to bus 904.
The following components are connected to the I/O interface 905: an input portion 906 including a keyboard, a mouse, and the like; an output section 907 including components such as a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and the like, and a speaker; a storage portion 908 including a hard disk and the like; and a communication section 909 including a network interface card such as a LAN card, a modem, or the like. The communication section 909 performs communication processing via a network such as the internet. The drive 910 is also connected to the I/O interface 905 as necessary. A removable medium 911 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 910 as necessary, so that a computer program read out therefrom is mounted into the storage section 908 as necessary.
Referring now to FIG. 10, a block diagram of a computer system 1000 suitable for use in implementing a message receiving vehicle terminal of an embodiment of the present application is shown.
As shown in fig. 10, the computer system 1000 includes a Central Processing Unit (CPU)1001 that can perform various appropriate actions and processes according to a program stored in a Read Only Memory (ROM)1002 or a program loaded from a storage section 1008 into a Random Access Memory (RAM) 1003. In the RAM 1003, various programs and data necessary for the operation of the system 1000 are also stored. The CPU 1001, ROM 1002, and RAM 1003 are connected to each other via a bus 1004. An input/output (I/O) interface 1005 is also connected to bus 1004.
The following components are connected to the I/O interface 1005: an input section 1006 including a keyboard, a mouse, and the like; an output section 1007 including a display such as a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and the like, and a speaker; a storage section 1008 including a hard disk and the like; and a communication section 1009 including a network interface card such as a LAN card, a modem, or the like. The communication section 1009 performs communication processing via a network such as the internet. The drive 1010 is also connected to the I/O interface 1005 as necessary. A removable medium 1011 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 1010 as necessary, so that a computer program read out therefrom is installed into the storage section 1008 as necessary.
In particular, the processes described above with reference to fig. 2-4 may be implemented as computer software programs, according to embodiments of the present disclosure. For example, embodiments of the present disclosure include a computer program product comprising a computer program tangibly embodied on a machine-readable medium, the computer program comprising program code for performing the methods of fig. 2-4. In such embodiments, the computer program may be downloaded and installed from a network via communications sections 809, 909, 1009 and/or installed from removable media 811, 911, 1011.
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The units or modules described in the embodiments of the present application may be implemented by software or hardware. The described units or modules may also be provided in a processor. The names of these units or modules do not in some cases constitute a limitation of the unit or module itself.
As another aspect, the present application also provides a computer-readable storage medium, which may be the computer-readable storage medium included in the apparatus in the above-described embodiments; or it may be a separate computer readable storage medium not incorporated into the device. The computer readable storage medium stores one or more programs for use by one or more processors in performing the formula input methods described herein.
The above description is only a preferred embodiment of the application and is illustrative of the principles of the technology employed. It will be appreciated by a person skilled in the art that the scope of the invention as referred to in the present application is not limited to the embodiments with a specific combination of the above-mentioned features, but also covers other embodiments with any combination of the above-mentioned features or their equivalents without departing from the inventive concept. For example, the above features may be replaced with (but not limited to) features having similar functions disclosed in the present application.

Claims (20)

1. A vehicle message authentication method in the Internet of vehicles is applied to a message receiving vehicle terminal, and comprises the following steps:
receiving an encrypted vehicle message, a temporary key and a timestamp from a message sending vehicle terminal in the Internet of vehicles, wherein the encrypted vehicle message is the vehicle message encrypted by the temporary key, the temporary key is requested to be issued to an authentication center by the message sending vehicle terminal when the vehicle message needs to be sent, and the timestamp represents the time for issuing the temporary key;
transmitting the received temporary key and timestamp to the authentication center; and
in response to receiving an authentication pass message from the authentication center, decrypting the encrypted vehicle message with the received temporary key to obtain the vehicle message.
2. The method of claim 1, further comprising:
discarding the received encrypted vehicle message in response to receiving an authentication failure message from the authentication center.
3. The method of claim 1, further comprising: determining a difference between the timestamp and the current time upon receiving the encrypted vehicle message, the temporary key and the timestamp from the message sending vehicle terminal in the Internet of vehicles, and wherein
the step of sending the received temporary key and timestamp to the authentication center is only performed if the difference is less than a predetermined threshold.
4. The method of claim 3, further comprising: discarding the encrypted vehicle message if the difference is not less than a predetermined threshold.
5. A vehicle message authentication method in the Internet of vehicles is characterized in that the method is applied to an authentication center and comprises the following steps:
receiving a temporary key to be verified and a timestamp from a message receiving vehicle terminal, wherein the temporary key to be verified and the timestamp are the temporary key and the timestamp which are received by the message receiving vehicle terminal and accompany with an encrypted vehicle message;
comparing the received temporary key and the timestamp with the stored corresponding record of the issued temporary key and the timestamp; and
if the received temporary key and the timestamp exist in the corresponding record, sending an authentication pass message to the message receiving vehicle terminal.
6. The method of claim 5, further comprising:
if the received temporary key and the timestamp do not exist in the corresponding record, sending an authentication failure message to the message receiving vehicle terminal.
7. The method of claim 5, further comprising, prior to receiving the temporary key to be authenticated and the timestamp from the message receiving vehicle terminal:
receiving a temporary key request from a message sending vehicle terminal in the Internet of vehicles;
issuing a temporary key and a timestamp to the message sending vehicle terminal, the timestamp indicating a time at which the temporary key was issued;
and recording the issued temporary key in correspondence with the timestamp.
8. The method of claim 7, wherein the temporary key request includes an identification of the message sending vehicle terminal, and wherein
recording the issued temporary key in correspondence with the timestamp further comprises: also recording the identification of the message sending vehicle terminal in correspondence with the issued temporary key and timestamp.
9. The method of claim 8, further comprising:
receiving a vehicle terminal query request, wherein the vehicle terminal tracing request comprises a temporary key and a timestamp;
and querying, based on the temporary key and the timestamp contained in the vehicle terminal query request, the identification of the message sending vehicle terminal from the stored corresponding records of the identification of the message sending vehicle terminal, the issued temporary key and the timestamp.
10. A vehicle message authentication device in the Internet of vehicles is characterized in that the device is applied to a message receiving vehicle terminal, and the device comprises:
a first receiving unit, configured to receive an encrypted vehicle message, a temporary key and a timestamp from a message sending vehicle terminal in the internet of vehicles, wherein the encrypted vehicle message is a vehicle message encrypted by the temporary key, the temporary key is requested to be issued by the message sending vehicle terminal to an authentication center when the vehicle message needs to be sent, and the timestamp represents the time for issuing the temporary key;
a first transmitting unit configured to transmit the received temporary key and the timestamp to the authentication center; and
a decryption unit configured to decrypt the encrypted vehicle message with the received temporary key to obtain the vehicle message in response to receiving an authentication pass message from the authentication center.
11. The apparatus of claim 10, further comprising:
a first discarding unit configured to discard the received encrypted vehicle message in response to receiving an authentication failure message from the authentication center.
12. The apparatus of claim 10, further comprising:
a difference determination unit configured to determine a difference between the timestamp and the current time after the encrypted vehicle message, the temporary key and the timestamp are received from the message sending vehicle terminal in the Internet of vehicles, and wherein
the first transmitting unit transmits the received temporary key and the timestamp to the authentication center only if the difference is smaller than a predetermined threshold.
13. The apparatus of claim 12, further comprising:
a second discarding unit configured to discard the encrypted vehicle message if the difference is not less than a predetermined threshold.
14. A vehicle message authentication device in the Internet of vehicles, characterized in that the device is applied to an authentication center and comprises:
a second receiving unit configured to receive a temporary key to be authenticated and a timestamp from the message receiving vehicle terminal, the temporary key to be authenticated and the timestamp being the temporary key and the timestamp that accompany an encrypted vehicle message received by the message receiving vehicle terminal;
a comparison unit configured to compare the received temporary key and the timestamp with the stored corresponding record of the issued temporary key and the timestamp; and
a second transmitting unit configured to transmit an authentication pass message to the message receiving vehicle terminal if the received temporary key and the timestamp exist in the corresponding record.
15. The apparatus of claim 14, further comprising:
a third transmitting unit configured to transmit an authentication failure message to the message receiving vehicle terminal if the received temporary key and the timestamp do not exist in the corresponding record.
16. The apparatus of claim 14, further comprising:
a third receiving unit configured to receive a temporary key request from a message sending vehicle terminal in the Internet of vehicles before the temporary key to be verified and the timestamp are received from the message receiving vehicle terminal;
an issuing unit configured to issue a temporary key and a timestamp to the message sending vehicle terminal, the timestamp indicating the time at which the temporary key is issued; and
a recording unit configured to record the issued temporary key and the timestamp in correspondence with each other.
17. The apparatus of claim 16, wherein the temporary key request includes an identification of the message sending vehicle terminal, and wherein
the recording unit is further configured to record the identification of the message sending vehicle terminal in correspondence with the issued temporary key and timestamp.
18. The apparatus of claim 17, further comprising:
a fourth receiving unit configured to receive a vehicle terminal query request, the vehicle terminal query request comprising a temporary key and a timestamp; and
a query unit configured to query the identification of the message sending vehicle terminal from the stored corresponding records of the identification of the message sending vehicle terminal, the issued temporary key and the timestamp, based on the temporary key and the timestamp contained in the vehicle terminal query request.
19. A vehicle message authentication device in the Internet of vehicles, comprising a processor, a memory and a display, characterized in that:
the memory includes instructions executable by the processor to cause the processor to perform:
receiving an encrypted vehicle message, a temporary key and a timestamp from a message sending vehicle terminal in the Internet of vehicles, wherein the encrypted vehicle message is the vehicle message encrypted with the temporary key, the temporary key is one that the message sending vehicle terminal requests an authentication center to issue when the vehicle message needs to be sent, and the timestamp represents the time at which the temporary key was issued;
transmitting the received temporary key and timestamp to the authentication center; and
in response to receiving an authentication pass message from the authentication center, decrypting the encrypted vehicle message with the received temporary key to obtain the vehicle message.
20. A vehicle message authentication device in the Internet of vehicles, comprising a processor, a memory and a display, characterized in that:
the memory includes instructions executable by the processor to cause the processor to perform:
receiving a temporary key to be verified and a timestamp from a message receiving vehicle terminal, wherein the temporary key to be verified and the timestamp are the temporary key and the timestamp that accompany an encrypted vehicle message received by the message receiving vehicle terminal;
comparing the received temporary key and the timestamp with the stored corresponding record of the issued temporary key and the timestamp; and
if the received temporary key and the timestamp exist in the corresponding record, sending an authentication pass message to the message receiving vehicle terminal.
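The message flow recited in claims 10 to 18, as an added sketch that is not part of the patent text: the authentication center issues and records a temporary key with its timestamp, and the receiving terminal applies the freshness check before asking the center to confirm the pair. The names `AuthCenter`, `send`, `receive` and `keystream_xor`, the 5-second threshold and the SHA-256 keystream standing in for the unspecified cipher are all assumptions.

```python
import hashlib
import secrets

def keystream_xor(key: bytes, data: bytes) -> bytes:
    # Stand-in cipher (SHA-256 in counter mode); the claims name no algorithm.
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

class AuthCenter:
    def __init__(self):
        self.records = {}  # (temporary key, timestamp) -> sender identification

    def issue(self, sender_id: str, now: int):
        # Claims 16-17: issue key and timestamp, record them with the sender id.
        key, ts = secrets.token_bytes(16), now
        self.records[(key, ts)] = sender_id
        return key, ts

    def verify(self, key: bytes, ts: int) -> bool:
        # Claims 14-15: pass only if the pair exists in the issued records.
        return (key, ts) in self.records

    def trace(self, key: bytes, ts: int):
        # Claim 18: look up the sender identification for a key/timestamp pair.
        return self.records.get((key, ts))

def send(center: AuthCenter, sender_id: str, message: bytes, now: int):
    # Sender requests a temporary key, then ships ciphertext, key and timestamp.
    key, ts = center.issue(sender_id, now)
    return keystream_xor(key, message), key, ts

def receive(center: AuthCenter, packet, now: int, threshold: int = 5):
    ciphertext, key, ts = packet
    # Claims 12-13: discard unless the difference is smaller than the threshold.
    if abs(now - ts) >= threshold:
        return None
    # Claims 10-11: decrypt only after the center reports authentication pass.
    if not center.verify(key, ts):
        return None
    return keystream_xor(key, ciphertext)
```

The center's comparison only confirms that the pair was issued, so the threshold of claim 12 is what bounds how long a received key and timestamp remain acceptable.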

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201611050939.4A CN106657021B (en) 2016-11-24 2016-11-24 Vehicle message authentication method and device in Internet of vehicles

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201611050939.4A CN106657021B (en) 2016-11-24 2016-11-24 Vehicle message authentication method and device in Internet of vehicles

Publications (2)

Publication Number Publication Date
CN106657021A CN106657021A (en) 2017-05-10
CN106657021B true CN106657021B (en) 2020-04-24

Family

ID=58811824

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201611050939.4A Active CN106657021B (en) 2016-11-24 2016-11-24 Vehicle message authentication method and device in Internet of vehicles

Country Status (1)

Country Link
CN (1) CN106657021B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10897354B2 (en) * 2018-01-19 2021-01-19 Robert Bosch Gmbh System and method for privacy-preserving data retrieval for connected power tools
CN112533175A (en) * 2020-12-07 2021-03-19 安徽江淮汽车集团股份有限公司 Internet of vehicles information transmission system and method
CN114900300B (en) * 2022-06-20 2024-07-30 中国联合网络通信集团有限公司 Cloud service temporary login key authentication method, device, equipment and storage medium
CN116743461B (en) * 2023-06-15 2023-12-22 上海银满仓数字科技有限公司 Commodity data encryption method and device based on time stamp

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101429212B1 (en) * 2012-09-13 2014-08-13 한국전자통신연구원 Method and apparatus for authenticating group driving of moving object
CN103051726A (en) * 2012-12-28 2013-04-17 杨涛 System and method for transmitting VANET (vehicle ad hoc network) safety information aggregate based on RSU (Remote Subscriber Unit)
CN103973760B (en) * 2013-02-06 2017-12-01 电信科学技术研究院 A kind of application method of Message Authentication, equipment and system
CN104853351A (en) * 2015-03-20 2015-08-19 江苏大学 Internet of Vehicles distributed authentication method based on controllable privacy
CN105847235B (en) * 2016-03-14 2019-01-01 安徽大学 Identity-based efficient anonymous batch authentication method in Internet of vehicles environment
CN106027233A (en) * 2016-04-28 2016-10-12 江苏大学 Method for designing vehicle network group negotiation communication protocol

Also Published As

Publication number Publication date
CN106657021A (en) 2017-05-10

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: 100083 Beijing, Haidian District Xueyuan Road 30 days building A 20 floor

Applicant after: Beijing Bang Bang Safety Technology Co. Ltd.

Address before: 100083 Beijing, Haidian District Xueyuan Road 30 days building A 20 floor

Applicant before: Yangpuweiye Technology Limited

GR01 Patent grant