CN111510448A - Communication encryption method, device and system in OTA (over the air) upgrade of automobile - Google Patents

Communication encryption method, device and system in OTA (over the air) upgrade of automobile Download PDF

Info

Publication number
CN111510448A
CN111510448A CN202010279600.1A CN202010279600A CN111510448A CN 111510448 A CN111510448 A CN 111510448A CN 202010279600 A CN202010279600 A CN 202010279600A CN 111510448 A CN111510448 A CN 111510448A
Authority
CN
China
Prior art keywords
server
communication
symmetric encryption
random code
encryption
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010279600.1A
Other languages
Chinese (zh)
Inventor
周林
陈江洪
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chongqing Branch of DFSK Motor Co Ltd
Original Assignee
Chongqing Branch of DFSK Motor Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chongqing Branch of DFSK Motor Co Ltd filed Critical Chongqing Branch of DFSK Motor Co Ltd
Priority to CN202010279600.1A priority Critical patent/CN111510448A/en
Publication of CN111510448A publication Critical patent/CN111510448A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/045Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/34Network arrangements or protocols for supporting network services or applications involving the movement of software or configuration parameters 
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/22Processing or transfer of terminal data, e.g. status or physical capabilities
    • H04W8/24Transfer of terminal data
    • H04W8/245Transfer of terminal data from a network towards a terminal

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Databases & Information Systems (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The embodiment of the application discloses a communication encryption method, a device and a system in the OTA upgrade of an automobile, wherein the method comprises the following steps: the validity of the server is authenticated, and communication is continued if the authentication is passed; sending at least two pre-stored symmetric encryption schemes to the server side for the server side to select; receiving a target symmetric encryption scheme selected by the server from all the symmetric encryption schemes, and generating a random code by using the target symmetric encryption scheme; transmitting the random code to a server side in an asymmetric encryption mode; and the server side performs symmetric encryption communication by using the random code as a symmetric encryption key. Compared with the prior art, the method and the system can ensure high security of communication between the vehicle end and the server end.

Description

Communication encryption method, device and system in OTA (over the air) upgrade of automobile
Technical Field
The application relates to the technical field of automobiles, in particular to a communication encryption method, device and system in automobile OTA upgrading.
Background
OTA (Over-the-air technology), i.e., Over-the-air technology. The system is upgraded by downloading a new software update package from a remote server through a network, and when the system is applied to an automobile, firmware upgrading services are mainly provided for automobile body electronic control modules such as HUT, TBOX, ECU and the like.
For example, when an ECU of an automobile fails or a new function needs to be added, a 4S shop is needed for traditional ECU upgrade, and a professional needs to upgrade the firmware of the ECU of the automobile. This method requires a large number of service nodes, which is time-consuming and labor-consuming, and also results in a large cost investment. In order to reduce the after-sale cost and quickly repair the system defects, the electronic device ECU of the sold vehicle is upgraded and bug safe repaired by the OTA technology, so that a great amount of cost can be saved for automobile manufacturers, and the satisfaction degree of the customers for using the automobile can be improved.
The OTA upgrading function of the automobile is derived from the updating iteration of the upgrading packet, the safety of the upgrading packet plays a crucial role in the whole process, the safety and the integrity of the upgrading packet need to be ensured during upgrading, and the confidentiality of communication between the automobile end and the server end needs to be ensured, so that the upgrading packet is ensured to be safe in the transmission process. Communication confidentiality in most of automobile OTA services in the market at present is not enough, and the source credibility of an upgrade package and information integrity in transmission cannot be ensured.
Disclosure of Invention
The application provides a communication encryption method, device and system in OTA (over the air) upgrading of an automobile, which can ensure high confidentiality of communication between an automobile end and a server end.
The application provides the following scheme:
in a first aspect, a communication encryption method in an automotive OTA upgrade is provided, where the method includes:
the validity of the server is authenticated, and communication is continued if the authentication is passed;
sending at least two pre-stored symmetric encryption schemes to the server side for the server side to select;
receiving a target symmetric encryption scheme selected by the server from all the symmetric encryption schemes, and generating a random code by using the target symmetric encryption scheme;
transmitting the random code to a server side in an asymmetric encryption mode;
and the server side performs symmetric encryption communication by using the random code as a symmetric encryption key.
Further, authenticating the validity of the server, and if the authentication is passed, continuing to perform communication includes:
the method comprises the steps of sending the supported SS L protocol version number, encryption algorithm type and vehicle-end random number information to a server;
receiving SS L protocol version number, encryption algorithm type and server random number information selected by the server, and receiving a public key certificate returned by the server;
and verifying the legality of the server.
Further, the verifying the validity of the server includes:
verifying whether a public key certificate of the server is expired;
verifying whether a CA issuing a server public key certificate is reliable;
verifying whether the public key of the CA can correctly unlock the digital signature in the public key certificate;
and verifying whether the domain name on the public key certificate of the server side is matched with the actual domain name of the server side.
Further, the target symmetric encryption scheme is the symmetric encryption scheme with the highest encryption degree in all the symmetric encryption schemes.
Further, transmitting the random code to the server in an asymmetric encryption manner includes:
encrypting the random code by using a server public key returned by the server, and sending the encrypted random code to the server, so that the server decrypts the encrypted random code by using a server private key to obtain a decrypted random code;
further, the performing symmetric encryption communication with the server by using the random code as a symmetric encryption key includes:
and in the process of communicating with the server, the random code is used as a symmetric encryption key to symmetrically encrypt the communication session.
Preferably, the method further comprises:
and receiving the upgrade package sent by the server and the signature file of the upgrade package generated by the signature server interface of the PKI called by the server, and verifying the signature of the signature file.
Further, the signature file includes:
upgrading the signature of the package hash value;
the public key of the CA;
signature information of the CA public key.
This application second aspect provides a communication encryption device in car OTA upgrading, the device includes:
the authentication unit is used for authenticating the validity of the server side, and the communication is continued if the authentication is passed;
the sending unit is used for sending at least two pre-stored symmetric encryption schemes to the server side for the server side to select;
a random code generating unit, configured to receive a target symmetric encryption scheme selected by a server from all the symmetric encryption schemes, and generate a random code using the target symmetric encryption scheme;
the transmission unit is used for transmitting the random code to the server side in an asymmetric encryption mode;
and the communication unit is used for carrying out symmetric encryption communication with the server by using the random code as a symmetric encryption key.
A third aspect of the present application provides a computer system, the system comprising:
one or more processors; and
a memory associated with the one or more processors for storing program instructions that, when read and executed by the one or more processors, perform the method as described above.
According to the specific embodiments provided herein, the present application discloses the following technical effects:
in the method, the vehicle end firstly authenticates the legality of the server end, communication is continued if the authentication is passed, and communication is terminated if the authentication is not passed, so that the legality of the server end to be accessed by the vehicle end is ensured; after the legitimacy authentication of the server side is passed, the vehicle side sends a prestored supported symmetric encryption scheme to the server side for the selection of the server side, the server side selects an encryption scheme with the highest encryption degree from the symmetric encryption schemes and sends the encryption scheme to the vehicle side, and the vehicle side receives the encryption scheme selected by the server side and generates a random code as a symmetric encryption key by using the encryption scheme; the random code is transmitted to the server by the vehicle end in an asymmetric encryption mode, the confidentiality of the random code in the transmission process can be greatly improved by the asymmetric encryption mode, the vehicle end and the server have the random code at the moment, the vehicle end and the server can perform symmetric encryption communication by using the random code as a symmetric encryption key, and the confidentiality of the random code is high, so that the confidentiality of the symmetric encryption communication performed by using the random code as the symmetric encryption key is also high, and the high confidentiality of the communication between the vehicle end and the server is ensured.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings needed to be used in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings without creative efforts.
FIG. 1 is a flow chart of the method of example 1 of the present application;
FIG. 2 is a structural view of an apparatus in example 2 of the present application;
fig. 3 is a computer system configuration diagram.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments that can be derived from the embodiments given herein by a person of ordinary skill in the art are intended to be within the scope of the present disclosure.
As described in the background art, the OTA upgrading function of the vehicle is derived from the updating iteration of the upgrade package, the security of the upgrade package plays a crucial role in the whole process, and the security and integrity of the upgrade package need to be ensured during upgrading, and the high security of the communication between the vehicle side and the service side also needs to be ensured, so that the upgrade package is ensured to be safe in the transmission process.
The vehicle end firstly authenticates the legality of the service end, continues communication if the authentication is passed, and terminates communication if the authentication is not passed, so that the legality of the service end to be accessed by the vehicle end is ensured; after the legitimacy authentication of the service end is passed, the vehicle end sends a symmetric encryption scheme which can be supported by the vehicle end to the service end for the selection of the service end, the service end selects an encryption scheme with the highest encryption degree from the symmetric encryption schemes and sends the encryption scheme to the vehicle end, the vehicle end receives the encryption scheme selected by the service end, and a random code is generated by using the encryption scheme to serve as a symmetric encryption key; the random code is transmitted to the server by the vehicle end in an asymmetric encryption mode, the confidentiality of the random code in the transmission process can be greatly improved by the asymmetric encryption mode, the vehicle end and the server have the random code at the moment, the vehicle end and the server can perform symmetric encryption communication by using the random code as a symmetric encryption key, and the confidentiality of the random code is high, so that the confidentiality of the symmetric encryption communication performed by using the random code as the symmetric encryption key is also high, and the high confidentiality of the communication between the vehicle end and the server is ensured.
Asymmetric encryption comprises a pair of a public key and a private key, if data is encrypted by the public key, decryption can be performed only by the corresponding private key, and the algorithm is called an asymmetric encryption algorithm because two different keys are used for encryption and decryption. The server side has a pair of public key and private key, when the vehicle side communicates with the server side, the server side can return the public key to the vehicle side, the vehicle side can encrypt information by using the server side public key and then transmit the information to the server side, the server side receives the encrypted information, and the server side private key is used for decrypting the encrypted information to obtain decrypted information.
The symmetric encryption is an encryption method adopting a single-key cryptosystem, the same secret key can be used for encryption and decryption of information at the same time, in the application, a random code is generated by a vehicle end and used as a symmetric encryption secret key, the random code is sent to a server end in an asymmetric encryption mode, the random code is obtained after the server end decrypts the random code, and the random code is used as the symmetric encryption secret key and applied to communication between the vehicle end and the server end.
In the process that the server transmits the upgrade package to the vehicle end, the upgrade package may lose data, so that the upgrade package is incomplete, the upgrade package itself may be tampered, the tampered upgrade package is unsafe, and the safety and integrity of the upgrade package itself cannot be guaranteed by the existing vehicle OTA upgrade technology. In order to ensure the safety and the integrity of the upgrade package, the service end signs the upgrade package firstly, then sends the upgrade package and the signature file of the upgrade package to the vehicle end, the vehicle end receives the upgrade package and the signature file of the upgrade package sent by the service end, and then checks the signature file, so that the safety and the integrity of the upgrade package are ensured.
In summary, example 1 of the present application is as follows:
example 1
As shown in fig. 1, the method includes:
s11, authenticating the validity of the server, and continuing to communicate if the authentication is passed;
before the vehicle end communicates with the server end, in order to ensure that the server end is legal, firstly, the legality of the server end needs to be authenticated, and the vehicle end continues to communicate with the server end after the authentication is passed.
S12, sending at least two pre-stored symmetric encryption schemes to the server for the server to select;
commonly used algorithms in symmetric encryption algorithms are DES and 3DESAnd the vehicle end sends the prestored symmetrical encryption schemes which can be supported to the vehicle end to the server end, and the server end selects one of the symmetrical encryption schemes which is the highest in encryption degree from the symmetrical encryption schemes supported by the vehicle end and transmits the scheme to the vehicle end.
S13, receiving a target symmetric encryption scheme selected by the server from all the symmetric encryption schemes, and generating a random code by using the target symmetric encryption scheme;
the server selects a symmetric encryption scheme with the highest encryption degree from all the symmetric encryption schemes as a target symmetric encryption scheme to be sent to the vehicle end, the vehicle end generates a random code by using the target symmetric encryption scheme after receiving the target symmetric encryption scheme, and the random code serves as a symmetric encryption key.
S14, transmitting the random code to the server side in an asymmetric encryption mode;
the server side is provided with a pair of public keys and private keys, when the vehicle side communicates with the server side, the server side can return the public keys to the vehicle side, the vehicle side can encrypt the random codes by using the server side public keys and then transmit the random codes to the server side, the server side receives the encrypted random codes, and the server side private keys are used for decrypting the encrypted random codes to obtain decrypted random codes.
And S15, performing symmetric encryption communication with the server by using the random code as a symmetric encryption key.
The server decrypts to obtain the decrypted random code, at the moment, the vehicle end and the server both have the same random code as a symmetric encryption key, and the vehicle end and the server perform symmetric encryption communication through the key to ensure high confidentiality of communication.
And authenticating the validity of the server, and if the authentication is passed, continuing to communicate, wherein the authentication comprises the following steps:
the method comprises the steps of sending the supported SS L protocol version number, encryption algorithm type and vehicle-end random number information to a server;
receiving SS L protocol version number, encryption algorithm type and server random number information selected by the server, and receiving a public key certificate returned by the server;
and verifying the legality of the server.
The vehicle end sends SS L protocol version numbers which can be supported by the vehicle end to the server end, such as a v1.0.0 version, a v1.1.0 version and a v1.2.0 version, the server end can obtain the lower one of the highest version number supported by the vehicle end and the highest version number supported by the server end, such as the highest version number supported by the vehicle end is the v1.2.0 version, the SS L highest protocol version number supported by the server end is the v1.1.0 version, the server end can select the v1.1.0 version to return to the vehicle end, the vehicle end sends the type of encryption algorithm which can be supported by the vehicle end to the server end, the server end can select one encryption algorithm to return to the vehicle end, the server end can also return a public key certificate of the server end to the vehicle end at the same time, and the legality of the server end is verified by using the public key certificate.
The verifying the validity of the server comprises the following steps:
verifying whether a public key certificate of the server is expired;
verifying whether a CA issuing a server public key certificate is reliable;
verifying whether the public key of the CA can correctly unlock the digital signature in the public key certificate;
and verifying whether the domain name on the public key certificate of the server side is matched with the actual domain name of the server side.
Whether the service end is legal or not is verified by verifying whether the use date on the public key certificate is expired or not, whether the CA of the certificate is reliable or not, whether the public key of the CA can correctly unlock the digital signature in the public key certificate or not and whether the domain name on the public key certificate of the service end is matched with the actual domain name of the service end or not.
The target symmetric encryption scheme is the symmetric encryption scheme with the highest encryption degree in all the symmetric encryption schemes.
Commonly used algorithms in symmetric encryption algorithms are DES and 3DESAnd according to AES, Blowfish and the like, the server side selects an encryption scheme with the highest encryption degree from the symmetric encryption schemes, and sends the encryption scheme to the vehicle side.
Transmitting the random code to the server side through an asymmetric encryption mode comprises the following steps:
encrypting the random code by using a server public key returned by the server, and sending the encrypted random code to the server, so that the server decrypts the encrypted random code by using a server private key to obtain a decrypted random code;
the server side is provided with a server side public key and a server side private key, the vehicle side encrypts the random code by using the returned server side public key and sends the encrypted random code to the server side, the server side decrypts the received encrypted random code by using the server side private key so as to obtain the decrypted random code, and the random code is used as a symmetric encrypted secret key in the communication between the vehicle side and the server side.
The symmetric encryption communication between the server and the server by using the random code as a symmetric encryption key comprises the following steps:
and in the process of communicating with the server, the random code is used as a symmetric encryption key to symmetrically encrypt the communication session.
The asymmetric encryption is high in safety, but the speed of transmitting information by using asymmetric encryption is low, so that the random code is transmitted by using asymmetric encryption, the safety of the random code is ensured, the symmetric encryption transmission speed is high, the random code is usually used when a message sender needs to encrypt a large amount of data, so that the communication session between a vehicle end and a service end can be encrypted symmetrically, and the high confidentiality of communication between the vehicle end and the service end is ensured because the random code is safe.
And receiving the upgrade package sent by the server and the signature file of the upgrade package generated by the signature server interface of the PKI called by the server, and verifying the signature of the signature file.
The server side takes the hash value of the upgrade package as a parameter, calls a signature server interface of the PKI to generate a signature file, sends the signature file to the vehicle side, and the vehicle side checks the signature of the signature file.
The signature file includes:
upgrading the signature of the package hash value;
the public key of the CA;
signature information of the CA public key.
PKI is short for public key infrastructure, a simple PKI system comprises a certificate authority CA, a registration authority RA and a corresponding PKI storage library, a server uses the hash value of an upgrade package as a parameter to call a signature server interface of the PKI to generate a signature file, a vehicle end checks the signature of the signature file to ensure the safety and integrity of the upgrade package,
example 2
Corresponding to the above method, as shown in fig. 2, embodiment 2 of the present application provides a communication encryption device in an OTA upgrade of an automobile, where the device includes:
the authentication unit 21 is used for authenticating the validity of the server side, and if the authentication is passed, the communication is continued;
before the vehicle end communicates with the server end, in order to ensure that the server end is legal, the authentication unit 21 is first required to authenticate the validity of the server end, and the vehicle end continues to communicate with the server end after the authentication is passed.
The sending unit 22 is configured to send at least two pre-stored symmetric encryption schemes to the server for the server to select;
commonly used algorithms in symmetric encryption algorithms are DES and 3DESIn AES, Blowfish, and the like, the sending unit 22 of the vehicle end sends the supported symmetric encryption schemes prestored in the vehicle end to the server end, and the server end selects one of the symmetric encryption schemes supported by the vehicle end with the highest encryption degree as a target symmetric encryption scheme and transmits the target symmetric encryption scheme to the vehicle end.
A random code generating unit 23, configured to receive a target symmetric encryption scheme selected by the server from all the symmetric encryption schemes, and generate a random code using the target symmetric encryption scheme;
after receiving the symmetric encryption scheme with the highest encryption degree selected by the service end, the random code generation unit 23 at the vehicle end generates a random code by using the symmetric encryption scheme, and the random code is used as a key for symmetric encryption.
The transmission unit 24 is configured to transmit the random code to the server in an asymmetric encryption manner;
the service end is provided with a pair of public key and private key, when the vehicle end communicates with the service end, the service end can return the public key to the vehicle end, the transmission unit 24 of the vehicle end can encrypt the random code by using the public key of the service end and then transmit the random code to the service end, the service end receives the encrypted random code and decrypts the encrypted random code by using the private key of the service end to obtain the decrypted random code.
And the communication unit 25 is configured to perform symmetric encryption communication with the server by using the random code as a symmetric encryption key.
The server decrypts to obtain the decrypted random code, at this time, the vehicle end and the server both have the same random code as a symmetric encryption key, and the communication unit 25 of the vehicle end and the server perform symmetric encryption communication through the key to ensure high confidentiality of communication.
Example 3
Corresponding to the above method and apparatus, embodiment 3 of the present application provides a computer system, including:
one or more processors; and
a memory associated with the one or more processors for storing program instructions that, when read and executed by the one or more processors, perform method steps of embodiment one, such as performing the following:
the validity of the server is authenticated, and communication is continued if the authentication is passed;
sending at least two pre-stored symmetric encryption schemes to the server side for the server side to select;
receiving a target symmetric encryption scheme selected by the server from all the symmetric encryption schemes, and generating a random code by using the target symmetric encryption scheme;
transmitting the random code to a server side in an asymmetric encryption mode;
and the server side performs symmetric encryption communication by using the random code as a symmetric encryption key.
Fig. 3 illustrates an architecture of a computer system, which may include, in particular, a processor 1510, a video display adapter 1511, a disk drive 1512, an input/output interface 1513, a network interface 1514, and a memory 1520. The processor 1510, video display adapter 1511, disk drive 1512, input/output interface 1513, network interface 1514, and memory 1520 may be communicatively coupled via a communication bus 1530.
The processor 1510 may be implemented by a general-purpose CPU (central processing unit), a microprocessor, an Application Specific Integrated Circuit (ASIC), or one or more integrated circuits, and is configured to execute related programs to implement the technical solution provided by the present application.
The memory 1520 may be implemented in the form of a ROM (read only memory), a RAM (random access memory), a static storage device, a dynamic storage device, or the like. The memory 1520 may store an operating system 1521 for controlling the operation of the computer system 1500, a Basic Input Output System (BIOS) for controlling low-level operations of the computer system 1500. In addition, a web browser 1523, a data storage management system 1524, an icon font processing system 1525, and the like can also be stored. The icon font processing system 1525 may be an application program that implements the operations of the foregoing steps in this embodiment of the application. In summary, when the technical solution provided by the present application is implemented by software or firmware, the relevant program codes are stored in the memory 1520 and called for execution by the processor 1510.
The input/output interface 1513 is used for connecting an input/output module to realize information input and output. The i/o module may be configured as a component in a device (not shown) or may be external to the device to provide a corresponding function. The input devices may include a keyboard, a mouse, a touch screen, a microphone, various sensors, etc., and the output devices may include a display, a speaker, a vibrator, an indicator light, etc.
The network interface 1514 is used to connect a communication module (not shown) to enable the device to communicatively interact with other devices. The communication module can realize communication in a wired mode (such as USB, network cable and the like) and also can realize communication in a wireless mode (such as mobile network, WIFI, Bluetooth and the like).
The bus 1530 includes a path to transfer information between the various components of the device, such as the processor 1510, the video display adapter 1511, the disk drive 1512, the input/output interface 1513, the network interface 1514, and the memory 1520.
In addition, the computer system 1500 may also obtain information of specific extraction conditions from the virtual resource object extraction condition information database 1541 for performing condition judgment, and the like.
It should be noted that although the above devices only show the processor 1510, the video display adapter 1511, the disk drive 1512, the input/output interface 1513, the network interface 1514, the memory 1520, the bus 1530, etc., in a specific implementation, the devices may also include other components necessary for proper operation. Furthermore, it will be understood by those skilled in the art that the apparatus described above may also include only the components necessary to implement the solution of the present application, and not necessarily all of the components shown in the figures.
From the above description of the embodiments, it is clear to those skilled in the art that the present application can be implemented by software plus necessary general hardware platform. Based on such understanding, the technical solutions of the present application may be embodied in the form of a software product, which may be stored in a storage medium, such as a ROM/RAM, a magnetic disk, an optical disk, or the like, and includes several instructions for enabling a computer device (which may be a personal computer, a cloud server, or a network device) to execute the method according to the embodiments or some parts of the embodiments of the present application.
The embodiments in the present specification are described in a progressive manner, and the same and similar parts among the embodiments are referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, the system or system embodiments are substantially similar to the method embodiments and therefore are described in a relatively simple manner, and reference may be made to some of the descriptions of the method embodiments for related points. The above-described system and system embodiments are only illustrative, wherein the units described as separate parts may or may not be physically separate, and the parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment. One of ordinary skill in the art can understand and implement it without inventive effort.
The cache updating method, the cache updating device and the cache updating equipment provided by the application are introduced in detail, a specific example is applied in the text to explain the principle and the implementation of the application, and the description of the embodiment is only used for helping to understand the method and the core idea of the application; meanwhile, for a person skilled in the art, according to the idea of the present application, the specific embodiments and the application range may be changed. In view of the above, the description should not be taken as limiting the application.

Claims (10)

1. A communication encryption method in OTA (over the air) upgrade of an automobile is characterized by comprising the following steps:
the validity of the server is authenticated, and communication is continued if the authentication is passed;
sending at least two pre-stored symmetric encryption schemes to the server side for the server side to select;
receiving a target symmetric encryption scheme selected by the server from all the symmetric encryption schemes, and generating a random code by using the target symmetric encryption scheme;
transmitting the random code to a server side in an asymmetric encryption mode;
and the server side performs symmetric encryption communication by using the random code as a symmetric encryption key.
2. The communication encryption method for OTA upgrade of automobile according to claim 1, wherein the authentication of the validity of the server, and the communication is continued if the authentication is passed, comprises:
the method comprises the steps of sending the supported SS L protocol version number, encryption algorithm type and vehicle-end random number information to a server;
receiving SS L protocol version number, encryption algorithm type and server random number information selected by the server, and receiving a public key certificate returned by the server;
and verifying the legality of the server.
3. The communication encryption method for OTA upgrade of a vehicle according to claim 2, wherein the verifying the validity of the service end comprises:
verifying whether a public key certificate of the server is expired;
verifying whether a CA issuing a server public key certificate is reliable;
verifying whether the public key of the CA can correctly unlock the digital signature in the public key certificate;
and verifying whether the domain name on the public key certificate of the server side is matched with the actual domain name of the server side.
4. The communication encryption method in the OTA upgrade of the car according to claim 1, wherein: the target symmetric encryption scheme is the symmetric encryption scheme with the highest encryption degree in all the symmetric encryption schemes.
5. The communication encryption method for OTA upgrade of a vehicle according to claim 1, wherein transmitting the random code to the service end by asymmetric encryption comprises:
and encrypting the random code by using a server public key returned by the server, and sending the encrypted random code to the server, so that the server decrypts the encrypted random code by using a server private key to obtain a decrypted random code.
6. The communication encryption method for OTA upgrade of vehicle according to claim 1, wherein the performing symmetric encryption communication with the service end using the random code as a symmetric encryption key comprises:
and in the process of communicating with the server, the random code is used as a symmetric encryption key to symmetrically encrypt the communication session.
7. The communication encryption method in the OTA upgrade of the vehicle of claim 1, wherein the method further comprises:
and receiving the upgrade package sent by the server and the signature file of the upgrade package generated by the signature server interface of the PKI called by the server, and verifying the signature of the signature file.
8. The communication encryption method in the OTA upgrade of the vehicle of claim 7, wherein the signature file comprises:
upgrading the signature of the package hash value;
the public key of the CA;
signature information of the CA public key.
9. A communication encryption device in OTA (over the air) upgrading of an automobile is characterized by comprising:
the authentication unit is used for authenticating the validity of the server side, and the communication is continued if the authentication is passed;
the sending unit is used for sending at least two pre-stored symmetric encryption schemes to the server side for the server side to select;
a random code generating unit, configured to receive a target symmetric encryption scheme selected by a server from all the symmetric encryption schemes, and generate a random code using the target symmetric encryption scheme;
the transmission unit is used for transmitting the random code to the server side in an asymmetric encryption mode;
and the communication unit is used for carrying out symmetric encryption communication with the server by using the random code as a symmetric encryption key.
10. A computer system, the system comprising:
one or more processors; and
a memory associated with the one or more processors for storing program instructions that, when read and executed by the one or more processors, perform the method of any of claims 1-6.
CN202010279600.1A 2020-04-10 2020-04-10 Communication encryption method, device and system in OTA (over the air) upgrade of automobile Pending CN111510448A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010279600.1A CN111510448A (en) 2020-04-10 2020-04-10 Communication encryption method, device and system in OTA (over the air) upgrade of automobile

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010279600.1A CN111510448A (en) 2020-04-10 2020-04-10 Communication encryption method, device and system in OTA (over the air) upgrade of automobile

Publications (1)

Publication Number Publication Date
CN111510448A true CN111510448A (en) 2020-08-07

Family

ID=71870853

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010279600.1A Pending CN111510448A (en) 2020-04-10 2020-04-10 Communication encryption method, device and system in OTA (over the air) upgrade of automobile

Country Status (1)

Country Link
CN (1) CN111510448A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113504771A (en) * 2021-07-16 2021-10-15 东风小康汽车有限公司重庆分公司 Controller upgrading method and system
CN115189925A (en) * 2022-06-22 2022-10-14 一汽奔腾轿车有限公司 OTA secure communication method based on TLS bidirectional authentication
CN117093245A (en) * 2023-10-18 2023-11-21 湖北芯擎科技有限公司 OTA upgrade package verification method, device, equipment and readable storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107508796A (en) * 2017-07-28 2017-12-22 北京明朝万达科技股份有限公司 A kind of data communications method and device
US20190246267A1 (en) * 2018-01-12 2019-08-08 Telefonaktiebolaget Lm Ericsson (Publ) Managing identifier privacy
CN110708388A (en) * 2019-10-15 2020-01-17 大陆投资(中国)有限公司 Vehicle body safety anchor node device, method and network system for providing safety service
CN110929262A (en) * 2019-11-20 2020-03-27 上海钧正网络科技有限公司 Online upgrading method and system

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107508796A (en) * 2017-07-28 2017-12-22 北京明朝万达科技股份有限公司 A kind of data communications method and device
US20190246267A1 (en) * 2018-01-12 2019-08-08 Telefonaktiebolaget Lm Ericsson (Publ) Managing identifier privacy
CN110708388A (en) * 2019-10-15 2020-01-17 大陆投资(中国)有限公司 Vehicle body safety anchor node device, method and network system for providing safety service
CN110929262A (en) * 2019-11-20 2020-03-27 上海钧正网络科技有限公司 Online upgrading method and system

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113504771A (en) * 2021-07-16 2021-10-15 东风小康汽车有限公司重庆分公司 Controller upgrading method and system
CN115189925A (en) * 2022-06-22 2022-10-14 一汽奔腾轿车有限公司 OTA secure communication method based on TLS bidirectional authentication
CN117093245A (en) * 2023-10-18 2023-11-21 湖北芯擎科技有限公司 OTA upgrade package verification method, device, equipment and readable storage medium
CN117093245B (en) * 2023-10-18 2024-01-16 湖北芯擎科技有限公司 OTA upgrade package verification method, device, equipment and readable storage medium

Similar Documents

Publication Publication Date Title
JP5136012B2 (en) Data sending method
CN107743067B (en) Method, system, terminal and storage medium for issuing digital certificate
CN111131313B (en) Safety guarantee method and system for replacing ECU (electronic control Unit) of intelligent networked automobile
CN109639427B (en) Data sending method and equipment
CN108566381A (en) A kind of security upgrading method, device, server, equipment and medium
US8495383B2 (en) Method for the secure storing of program state data in an electronic device
JP6471112B2 (en) COMMUNICATION SYSTEM, TERMINAL DEVICE, COMMUNICATION METHOD, AND PROGRAM
EP1712992A1 (en) Updating of data instructions
CN115396121B (en) Security authentication method for security chip OTA data packet and security chip device
CN111510448A (en) Communication encryption method, device and system in OTA (over the air) upgrade of automobile
JP5380583B1 (en) Device authentication method and system
CN113794734A (en) Vehicle-mounted CAN bus encryption communication method, control device and readable storage medium
CN110708388A (en) Vehicle body safety anchor node device, method and network system for providing safety service
CN107733652B (en) Unlocking method and system for shared vehicle and vehicle lock
CN103078742A (en) Generation method and system of digital certificate
US20120317626A1 (en) Network resource access control methods and systems using transactional artifacts
CN110611679A (en) Data transmission method, device, equipment and system
CN107241341B (en) Access control method and device
KR101256114B1 (en) Message authentication code test method and system of many mac testserver
CN112861156B (en) Secure communication method and device for display data, electronic equipment and storage medium
CN115242471A (en) Information transmission method and device, electronic equipment and computer readable storage medium
CN114301597A (en) Key verification method, device and readable storage medium
JP2008233965A (en) Portable terminal device and program thetreof, and alternation prevention system and alternation prevention method
CN114710358B (en) Security authentication information acquisition method, device, vehicle, system and storage medium
CN114726539B (en) Trusted Cryptography Module (TCM) -based offline upgrading method

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20200807