CN115296815B - Identity authentication method for vehicle-mounted controller - Google Patents
Identity authentication method for vehicle-mounted controller Download PDFInfo
- Publication number
- CN115296815B CN115296815B CN202210903731.1A CN202210903731A CN115296815B CN 115296815 B CN115296815 B CN 115296815B CN 202210903731 A CN202210903731 A CN 202210903731A CN 115296815 B CN115296815 B CN 115296815B
- Authority
- CN
- China
- Prior art keywords
- key
- ecu
- gateway
- uid
- vehicle
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 23
- 238000002347 injection Methods 0.000 claims abstract description 20
- 239000007924 injection Substances 0.000 claims abstract description 20
- 238000009826 distribution Methods 0.000 claims abstract description 15
- VIEYMVWPECAOCY-UHFFFAOYSA-N 7-amino-4-(chloromethyl)chromen-2-one Chemical compound ClCC1=CC(=O)OC2=CC(N)=CC=C21 VIEYMVWPECAOCY-UHFFFAOYSA-N 0.000 claims abstract description 11
- 230000004044 response Effects 0.000 claims description 15
- 238000004891 communication Methods 0.000 claims description 13
- 238000003860 storage Methods 0.000 claims description 5
- 238000012795 verification Methods 0.000 claims description 3
- 230000005540 biological transmission Effects 0.000 claims description 2
- 230000007246 mechanism Effects 0.000 abstract description 7
- 238000004519 manufacturing process Methods 0.000 description 5
- 238000010586 diagram Methods 0.000 description 3
- 238000011161 development Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000000903 blocking effect Effects 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 238000003745 diagnosis Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000008569 process Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/062—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/083—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0894—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computing Systems (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Medical Informatics (AREA)
- Small-Scale Networks (AREA)
Abstract
The invention discloses an identity authentication method of a vehicle-mounted controller, which comprises the following steps: key injection: when the vehicle is off line, MASTERKEY is injected into the gateway by using a key injection tool; and (5) key distribution: the gateway uses a CMAC algorithm to generate a key for the UID responded by the ECU, and the key is finer into the HSM of the gateway after the ECU is verified successfully; identity authentication: when the whole vehicle is electrified, the gateway verifies the identity of the ECU through the stored UID of the ECU, so that the ECU is ensured to be legal. The invention uses the vehicle gateway as a trusted center, establishes a whole vehicle key management and distribution mechanism, provides a feasible method for identity authentication of the vehicle controller, and reduces the implementation difficulty of the original technical scheme.
Description
Technical Field
The invention belongs to the technical field of automobile information safety, and particularly relates to an identity authentication method of a vehicle-mounted controller.
Background
In order to ensure the application safety of the Internet of vehicles and the safety of the whole vehicle communication and data, a management system of a whole vehicle secret key and a certificate needs to be constructed. The system generally comprises a PKI infrastructure, an encryption authentication module, an algorithm generation module, a key generation module and the like. And constructing a whole vehicle trust chain system through generating, distributing and managing the identification key.
The prior art scheme is generally based on a PKI infrastructure of a cloud, and 1) key injection is carried out on an ECU (electronic control unit) when the ECU is offline by using a production line tool; 2) When the whole vehicle is off line, network connection is established between the vehicle and the PKI infrastructure through the T-Box, and after certificates/keys are acquired from the PKI infrastructure, the certificates/keys are distributed in the vehicle through a CAN bus network; the basic mechanism of the vehicle key management architecture is shown in fig. 1. It has the following disadvantages:
1) The production line tool needs to be coupled with the development and manufacturing flow of each ECU provider, so that the influence is large, and the coordination difficulty is high;
2) The connection of the T-Box and the PKI infrastructure depends on wireless network communication, and uncertainty exists in the production line environment of the vehicle offline;
3) The key is distributed through the CAN bus network, so that a safe key interaction communication protocol needs to be additionally designed, and a large pressure is brought to the CAN bus load.
Disclosure of Invention
Aiming at the problems existing in the background technology, the invention aims to provide an identity authentication method of a vehicle-mounted controller, which utilizes a hardware encryption module (HSM) built in a vehicle-mounted gateway to establish a whole vehicle key management and distribution mechanism of key generation, safe storage and autonomous distribution; the vehicle-mounted gateway is used as a trusted center, and a system mechanism for identity authentication of the vehicle-mounted controller is established.
In order to achieve the above purpose, the identity authentication method of the vehicle-mounted controller designed by the invention is characterized in that:
S1, key injection: when the vehicle is off line, MASTERKEY, namely, a root key is injected into the gateway by using a key injection tool;
s2, key distribution: the gateway uses a CMAC algorithm to generate a key for the UID responded by the ECU, and the key is finer into the HSM of the gateway after the ECU is verified successfully;
S3, identity authentication: when the whole vehicle is electrified, the gateway verifies the identity of the ECU through the stored UID of the ECU, so that the ECU is ensured to be legal.
Preferably, step S1 is specifically as follows:
S101, a key injection tool requests to read the identity ID of a gateway;
S102, the gateway responds to the UID of the gateway;
S103, calculating key parameters M1-M5 by the key injection tool through the UID in S102 and sending the key parameters to the gateway; the key parameters M1-M3 are used for writing keys, and M4 and M5 are used for verifying writing results;
s104, after receiving the key parameters, the gateway uses M1, M2 and M3 as parameters and calls a key load function of the HSM to generate MASTERKEY;
S105, the gateway verifies that returned values M4 and M5 of the key load function are consistent with each other, and if so, the key injection is successful by comparing the returned values M4 and M5 with the returned values M4 and M4.
Preferably, step S2 is specifically as follows:
s201, the gateway sends a UID reading request, and the request data comprises a key state Mode field;
s202, the ECU sends UID response according to the key state Mode, and response data comprise self address and UID information;
S203, the gateway stores the UID after receiving the UID information; generating a master_Key for the UID of each ECU by using a CMAC algorithm to obtain M1-M5 parameters, and sending a Key update message to the ECU, wherein the data comprises a Key state Mode, a target ECU address and M1-M5;
S204, the ECU calculates and verifies M4 and M5 using the same method, and if successful, updates its key to the HSM, and returns a response, where the response data includes a key status Mode, a destination ECU address, and a success or failure status.
Further preferably, in S201, the key state includes an initial state, an updated key state, an erased key state; wherein, the initial state has no key.
Further preferably, in S202, the own address is the lower 8 bits of the ECU diagnostic ID.
Further preferably, in S202, a plaintext UID is used; or this uses the transmission ciphertext UID, and the decryption is performed accordingly in S203.
Preferably, in S3, the validity of the ECU is verified using a CMAC algorithm calculation based on the random number sent by the gateway and the UID of the ECU.
Further preferably, step S3 is specifically as follows:
S301, when the whole vehicle is powered on, the gateway generates a random number, and sends an identity authentication request, wherein the request data comprises the random number and an ECU destination address to be verified;
s302, the ECU calculates the UID of the ECU and the received gateway random number by using an AES_CMAC algorithm and a secure storage key during key distribution to obtain the MAC;
S303, the ECU responds to the gateway, and response data comprise MAC;
s304, the gateway calculates the random number and the UID of the stored ECU by using the same method to obtain MAC, compares whether the MAC and the MAC are consistent, and if the MAC and the MAC are consistent, the ECU is a legal ECU, so that normal communication can be realized; if the verification is inconsistent, the ECU is illegal, and the gateway alarms or blocks communication.
Further preferably, in S301, the gateway generates a 16-byte random number when the whole vehicle is powered on.
Further preferably, in S301, the authentication request data is required according to a field in the vehicle-mounted network communication security protocol.
The beneficial effects of the invention are as follows: the invention uses the vehicle gateway as a trusted center, establishes a whole vehicle key management and distribution mechanism, provides a feasible method for identity authentication of the vehicle controller, and reduces the implementation difficulty of the original technical scheme.
And MASTERKEY is injected into the gateway by using a key injection tool (diagnostic instrument), the gateway generates and distributes keys to each ECU, and the whole flow and mechanism of identity authentication between the gateway and each ECU.
Drawings
FIG. 1 is a prior art vehicle key management architecture
FIG. 2 is a schematic diagram of key injection according to the present invention
FIG. 3 is a schematic diagram of key distribution according to the present invention
FIG. 4 is a schematic diagram of identity authentication according to the present invention
Detailed Description
The following describes the invention in further detail, including preferred embodiments, by way of the accompanying drawings and by way of examples of some alternative embodiments of the invention. It will be apparent that the described embodiments are only some, but not all, embodiments of the invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to fall within the scope of the invention.
The invention relates to an identity authentication method of a vehicle-mounted controller, which comprises the following specific processes:
1) MASTERKEY-root key injection, as shown in figure 2,
When the vehicle is off line, MASTERKEY is injected into the gateway by using a key injection tool (diagnostic instrument), and the flow is as follows:
a) A key injection tool (diagnostic instrument) requests to read an identity ID (UID) of the gateway;
b) The gateway responds to the UID of the gateway;
c) The key injection tool (diagnostic instrument) calculates key parameters M1-M5 through UID and sends the key parameters M1-M5 to the gateway;
d) Key parameters M1 to M5: M1-M3 are used for writing secret keys, and M4 and M5 are used for verifying writing results;
e) After receiving the key parameters, the gateway uses M1, M2 and M3 as parameters and calls a key load function of the HSM to generate MASTERKEY;
f) Verifying the returned values M4, M5 of the key load function, comparing M4 with M4, and if the comparison is consistent, then the key loader is successful.
2) Key distribution, as shown in figure 3,
Keys are generated and distributed by the gateway to the various ECUs (controllers).
A) The gateway sends a UID reading request, and the request data comprises a key state Mode field, wherein the key state comprises an initial state (no key), an updated key state and an erased key state;
b) The ECU sends a UID response according to the key state Mode, response data comprise an address (8 bits lower than the ECU diagnosis ID) and a plaintext UID, the UID can be confused to obtain the UID, and the ciphertext UID is transmitted);
c) The gateway receives the plaintext UID, if the plaintext UID is the ciphertext UID, the anti-confusion UID obtains the UID, and then the UID is stored; generating a master_Key for the UID of each ECU by using a CMAC algorithm to obtain M1-M5 parameters, and sending a Key update message to the ECU, wherein the data comprises a Key state Mode, a target ECU address and M1-M5;
d) The ECU uses the same method to calculate and verify M4 and M5, if successful, the key is updated to the HSM, and a response is returned, wherein the response data comprises a key state Mode, a target ECU address and a success or failure state;
3) Identity authentication
And when the whole vehicle is electrified, the identity of the whole vehicle ECU is verified, and the communication ECU is ensured to be a legal ECU.
A) When the whole vehicle is electrified, the gateway generates 16 byte random numbers, sends an identity authentication request, wherein the request data comprises the random numbers and an ECU destination address to be verified, and the identity authentication request data is required according to fields in a vehicle-mounted network communication security protocol;
b) The ECU calculates the UID of the ECU and the received gateway random number by using an AES_CMAC algorithm and a secure storage key pair during key distribution to obtain an MAC;
c) The ECU responds to the gateway, and the response data comprises MAC;
d) The gateway uses the same method to calculate the random number and the UID of the stored ECU to obtain MAC, compares whether the random number and the UID are consistent, and if the random number and the UID are verified to be consistent, the ECU is a legal ECU, and can normally communicate; if the verification is inconsistent, the ECU is illegal, and the gateway alarms or blocks communication. Generally, alarm processing in the development testing stage and communication blocking in the mass production stage.
Device ID requires the use of UID (globally unique identification code) inside the HSM module;
the gateway of the present invention has a storage space for storing a plurality of UIDs, and each UID occupies 15 bytes.
The key update occurs when the gateway, ECU device is replaced. After the ECU is replaced, if the ECU is a legal ECU, a key distribution mechanism program is injected into the ECU, but the key state is an initial keyless state, the key injection tool is required to send key distribution request data, and the step S2 is directly executed, so that the key distribution is only required.
It will be readily understood by those skilled in the art that the foregoing is merely illustrative of the preferred embodiments of the present invention and that various modifications, combinations, substitutions, improvements, etc. may be made without departing from the spirit and principles of the invention.
Claims (7)
1. The identity authentication method of the vehicle-mounted controller is characterized by comprising the following steps of:
S1, key injection: when the vehicle is off line, the key injection tool is used for injecting the root key into the gateway;
S101, a key injection tool requests to read the identity ID of a gateway;
S102, the gateway responds to the UID of the gateway;
S103, calculating key parameters M1-M5 by the key injection tool through the UID in S102 and sending the key parameters to the gateway; the key parameters M1-M3 are used for writing keys, and M4 and M5 are used for verifying writing results;
s104, after receiving the key parameters, the gateway uses M1, M2 and M3 as parameters and calls a key load function of the HSM to generate MASTERKEY;
s105, the gateway verifies that returned values M4 and M5 of the key load function are compared with M4 and M4, whether M5 and M5 are consistent or not is judged, and if so, the key injection is successful;
S2, key distribution: the gateway uses a CMAC algorithm to generate a key for the UID responded by the ECU, and the key is updated to the HSM of the gateway after the ECU is verified successfully;
s201, the gateway sends a UID reading request, and the request data comprises a key state Mode field;
s202, the ECU sends UID response according to the key state Mode, and response data comprise self address and UID information;
S203, the gateway stores the UID after receiving the UID information; generating a master_Key for the UID of each ECU by using a CMAC algorithm to obtain M1-M5 parameters, and sending a Key update message to the ECU, wherein the data comprises a Key state Mode, a target ECU address and M1-M5;
S204, the ECU calculates and verifies M4 and M5 by using the same method, if successful, the key is updated to the HSM, and a response is returned, wherein the response data comprises a key state Mode, a target ECU address and a success or failure state;
S3, identity authentication: when the whole vehicle is electrified, the gateway verifies the identity of the ECU through the stored UID of the ECU, so that the ECU is ensured to be legal;
S301, when the whole vehicle is powered on, the gateway generates a random number, and sends an identity authentication request, wherein the request data comprises the random number and an ECU destination address to be verified;
s302, the ECU calculates the UID of the ECU and the received gateway random number by using an AES_CMAC algorithm and a secure storage key during key distribution to obtain the MAC;
S303, the ECU responds to the gateway, and response data comprise MAC;
s304, the gateway calculates the random number and the UID of the stored ECU by using the same method to obtain MAC, compares whether the MAC and the MAC are consistent, and if the MAC and the MAC are consistent, the ECU is a legal ECU, so that normal communication can be realized; if the verification is inconsistent, the ECU is illegal, and the gateway alarms or blocks communication.
2. The vehicle-mounted controller identity authentication method according to claim 1, characterized in that: in S201, the key state includes an initial state, an updated key state, an erased key state; wherein, the initial state has no key.
3. The vehicle-mounted controller identity authentication method according to claim 1, characterized in that: in S202, the own address is the lower 8 bits of the ECU diagnostic ID.
4. The vehicle-mounted controller identity authentication method according to claim 1, characterized in that: in S202, a plaintext UID is used; or this uses the transmission ciphertext UID, and the decryption is performed accordingly in S203.
5. The vehicle-mounted controller identity authentication method according to claim 1, characterized in that: and S3, calculating and verifying the validity of the ECU by using a CMAC algorithm according to the random number sent by the gateway and the UID of the ECU.
6. The vehicle-mounted controller identity authentication method according to claim 1, characterized in that: in S301, when the whole vehicle is powered on, the gateway generates a 16-byte random number.
7. The vehicle-mounted controller identity authentication method according to claim 1, characterized in that: in S301, the authentication request data is required according to a field in the vehicle network communication security protocol.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210903731.1A CN115296815B (en) | 2022-07-28 | 2022-07-28 | Identity authentication method for vehicle-mounted controller |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210903731.1A CN115296815B (en) | 2022-07-28 | 2022-07-28 | Identity authentication method for vehicle-mounted controller |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN115296815A CN115296815A (en) | 2022-11-04 |
| CN115296815B true CN115296815B (en) | 2024-07-05 |
Family
ID=83826898
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210903731.1A Active CN115296815B (en) | 2022-07-28 | 2022-07-28 | Identity authentication method for vehicle-mounted controller |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115296815B (en) |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106647723A (en) * | 2017-02-08 | 2017-05-10 | 宝沃汽车(中国)有限公司 | Vehicle condition monitoring method based on Internet of vehicles, vehicle condition monitoring system based on Internet of vehicles, and vehicle |
| CN107104791A (en) * | 2017-03-29 | 2017-08-29 | 江苏大学 | A kind of in-vehicle network one-time pad communication means hidden based on ECU identity |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP6197000B2 (en) * | 2015-07-03 | 2017-09-13 | Kddi株式会社 | System, vehicle, and software distribution processing method |
| JP6260066B2 (en) * | 2016-01-18 | 2018-01-17 | Kddi株式会社 | In-vehicle computer system and vehicle |
| CN109314640B (en) * | 2016-08-29 | 2021-11-12 | Kddi株式会社 | Vehicle information collection system, vehicle-mounted computer, vehicle information collection device, vehicle information collection method, and recording medium |
| CN114599028A (en) * | 2022-03-21 | 2022-06-07 | 南通大学 | Vehicle networking pseudonym management method based on homomorphic encryption mechanism |
-
2022
- 2022-07-28 CN CN202210903731.1A patent/CN115296815B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106647723A (en) * | 2017-02-08 | 2017-05-10 | 宝沃汽车(中国)有限公司 | Vehicle condition monitoring method based on Internet of vehicles, vehicle condition monitoring system based on Internet of vehicles, and vehicle |
| CN107104791A (en) * | 2017-03-29 | 2017-08-29 | 江苏大学 | A kind of in-vehicle network one-time pad communication means hidden based on ECU identity |
Also Published As
| Publication number | Publication date |
|---|---|
| CN115296815A (en) | 2022-11-04 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111131313B (en) | Safety guarantee method and system for replacing ECU (electronic control Unit) of intelligent networked automobile | |
| CN109672538B (en) | Lightweight vehicle-mounted bus secure communication method and system | |
| US9577997B2 (en) | Authentication system and authentication method | |
| CN102546155B (en) | On-demand safe key generates method and system | |
| CN112543927B (en) | Equipment upgrading method and related equipment | |
| CN106685653B (en) | Vehicle remote firmware updating method and device based on information security technology | |
| CN111279310A (en) | Vehicle-mounted equipment upgrading method and related equipment | |
| CN110708388B (en) | Vehicle body safety anchor node device, method and network system for providing safety service | |
| CN105187376A (en) | Safe communication method of internal automobile network in Telematics | |
| CN113613214B (en) | In-vehicle message authentication key management method and readable storage medium | |
| JP2013017140A (en) | On-vehicle network system | |
| CN104118392A (en) | Engine anti-theft authentication method and device of engine anti-theft system | |
| CN113016201B (en) | Key provisioning method and related product | |
| CN113114699A (en) | Vehicle terminal identity certificate application method | |
| US20230015877A1 (en) | Certificate list update method and apparatus | |
| CN115665138A (en) | Automobile OTA (over the air) upgrading system and method | |
| CN113766450A (en) | Vehicle virtual key sharing method, mobile terminal, server and vehicle | |
| CN112182551B (en) | PLC equipment identity authentication system and PLC equipment identity authentication method | |
| CN116094833A (en) | Key management method and system for whole vehicle key distribution | |
| US20220182248A1 (en) | Secure startup method, controller, and control system | |
| CN115296815B (en) | Identity authentication method for vehicle-mounted controller | |
| KR102576894B1 (en) | Method for managing encryption keys inside the vehicle | |
| CN110830243A (en) | Symmetric key distribution method, device, vehicle and storage medium | |
| CN114157489B (en) | Communication domain controller safety communication method based on periodic authentication handshake mechanism | |
| CN111736868B (en) | Automobile remote updating method based on identity identification and bidirectional verification |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |