CN114760056B - Secure communication method and device for dynamically updating key - Google Patents

Publication number
CN114760056B
Authority
CN
China
Prior art keywords
key
node
data
server
internet
Legal status
Active
Application number
CN202210675462.8A
Other languages
Chinese (zh)
Other versions
CN114760056A (en
Inventor
刘曼
张奇惠
邱达
Current Assignee
Guangzhou Wise Security Technology Co Ltd
Original Assignee
Guangzhou Wise Security Technology Co Ltd
Application filed by Guangzhou Wise Security Technology Co Ltd
Priority to CN202210675462.8A
Publication of CN114760056A
Application granted
Publication of CN114760056B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891 Revocation or update of secret information, e.g. encryption key update or rekeying
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/12 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/84 Vehicles

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Health & Medical Sciences (AREA)
  • Computing Systems (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Computer Security & Cryptography (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The embodiment of the invention discloses a secure communication method and device for dynamically updating a key. The method comprises: when it is detected that the key update period is satisfied, determining adjacent Internet of Vehicles nodes that are currently in a networking state; selecting a key acquisition node from those Internet of Vehicles nodes, establishing a communication connection with the key acquisition node, and sending a key data acquisition request, in response to which the key acquisition node sends key data; receiving the key data sent by the key acquisition node, the key data comprising an identifier of the key acquisition node and an encryption key; and, after encrypting data with the encryption key, sending the encrypted data and the identifier to a server for data transmission. The scheme improves the security of device communication and prevents leakage of private and important data.

Description

Secure communication method and device for dynamically updating key
Technical Field
The embodiment of the application relates to the technical field of communication security, in particular to a secure communication method and device for dynamically updating a key.
Background
With the spread of networks and the development of hardware devices, devices increasingly communicate over networks to implement a growing range of complex functions. For example, in Internet of Vehicles communication, vehicle devices exchange data with a server. How to ensure secure communication between devices is an important problem that currently needs to be solved.
In the related art, patent document CN113573244A discloses a blockchain-based secure communication system for the Internet of Vehicles, comprising a vehicle blockchain node module, an edge blockchain node module, a secure communication evaluation module and a blockchain service network. The vehicle blockchain node module generates blockchain data communication transmission nodes in units of vehicles; the edge blockchain node module generates blockchain service communication nodes in units of base stations; the secure communication evaluation module evaluates the security of vehicles joining the Internet of Vehicles secure communication system; and the blockchain service network provides a decentralized ledger for storing vehicle information blocks. The vehicle blockchain node module is connected to the edge blockchain node module through the blockchain service network, and the edge blockchain node module is electrically connected to the secure communication evaluation module, thereby implementing secure device communication. However, that scheme only addresses data transmission at the system level. Although it evaluates the security of joining vehicles, security during the actual communication process still needs to be further ensured, to avoid information leakage caused by the vehicle devices in the system being cracked.
Disclosure of Invention
The embodiment of the invention provides a secure communication method and device for dynamically updating a key, which improve the security of device communication and prevent private and important data from being leaked.
In a first aspect, an embodiment of the present invention provides a secure communication method for dynamically updating a key, where the method includes:
when it is detected that a key update period is satisfied, determining adjacent Internet of Vehicles nodes that are currently in a networking state;
selecting a key acquisition node from the Internet of Vehicles nodes, establishing a communication connection with the key acquisition node, and sending a key data acquisition request, in response to which the key acquisition node sends key data;
receiving the key data sent by the key acquisition node, wherein the key data comprises an identifier of the key acquisition node and an encryption key;
and, after encrypting data with the encryption key, sending the encrypted data and the identifier to a server for data transmission.
Optionally, detecting that the key update period is satisfied includes:
detecting that the data transmission amount reaches the transmission threshold and that the encryption information in use has been used for longer than a preset usage period.
Optionally, determining the adjacent Internet of Vehicles nodes that are currently in a networking state includes:
obtaining, through a node state acquisition request sent to the server, each Internet of Vehicles node in the current area that is in a networking state, wherein the networking state comprises a state of having performed data interaction with the server within a preset time.
Optionally, selecting a key acquisition node from the Internet of Vehicles nodes includes:
determining, for the Internet of Vehicles nodes, the time at which each performed security authentication with the server;
determining the Internet of Vehicles node whose security authentication with the server is closest in time as the candidate node;
and determining the communication transmission parameters of the candidate node; if the communication transmission parameters satisfy the set secure transmission condition, determining the candidate node as the key acquisition node; if they do not, determining the Internet of Vehicles node whose security authentication with the server is second closest in time as the candidate node.
Optionally, the communication transmission parameters satisfying the set secure transmission condition includes:
the number of attack behaviors detected in the communication parameters is smaller than a preset number, and the data interaction success rate is greater than a preset percentage threshold.
Optionally, after encrypting data with the encryption key, sending the encrypted data and the identifier to a server for data transmission includes:
encrypting the data with the encryption key and sending the encrypted data and the identifier to the server separately, so that the server determines the corresponding decryption key according to the identifier and decrypts the encrypted data with that decryption key.
Optionally, the secure communication method for dynamically updating a key further includes:
after each Internet of Vehicles node is started, sending a security authentication request to the server;
the server generating encryption keys for the different Internet of Vehicles nodes based on the security authentication requests, sending each generated encryption key to its corresponding Internet of Vehicles node, and storing the decryption key corresponding to each encryption key.
In a second aspect, an embodiment of the present invention further provides a secure communications apparatus for dynamically updating a key, including:
an Internet of Vehicles node determining module, configured to determine adjacent Internet of Vehicles nodes that are currently in a networking state when it is detected that the key update period is satisfied;
a key data acquisition module, configured to select a key acquisition node from the Internet of Vehicles nodes, establish a communication connection with the key acquisition node, and send a key data acquisition request, in response to which the key acquisition node sends key data;
a key data receiving module, configured to receive the key data sent by the key acquisition node, wherein the key data comprises an identifier of the key acquisition node and an encryption key;
and an encryption processing module, configured to encrypt data with the encryption key and then send the encrypted data and the identifier to a server for data transmission.
In a third aspect, an embodiment of the present invention further provides a secure communication device for dynamically updating a key, where the secure communication device includes:
one or more processors;
a storage device to store one or more programs,
when the one or more programs are executed by the one or more processors, the one or more processors implement the secure communication method for dynamically updating a key according to the embodiment of the present invention.
In a fourth aspect, the present invention further provides a storage medium containing computer-executable instructions which, when executed by a computer processor, perform the secure communication method for dynamically updating a key according to the present invention.
In a fifth aspect, the present application further provides a computer program product, where the computer program product includes a computer program, where the computer program is stored in a computer-readable storage medium, and at least one processor of the device reads from the computer-readable storage medium and executes the computer program, so that the device executes the secure communication method for dynamically updating a key according to the present application.
In the embodiment of the invention, when it is detected that the key update period is satisfied, adjacent Internet of Vehicles nodes that are currently in a networking state are determined; a key acquisition node is selected from the Internet of Vehicles nodes, a communication connection is established with it, and a key data acquisition request is sent, in response to which the key acquisition node sends key data; the key data sent by the key acquisition node is received, the key data comprising an identifier of the key acquisition node and an encryption key; and, after data is encrypted with the encryption key, the encrypted data and the identifier are sent to a server for data transmission. The scheme improves the security of device communication and prevents leakage of private and important data.
Drawings
Fig. 1 is a flowchart of a secure communication method for dynamically updating a key according to an embodiment of the present invention;
Fig. 2 is a flowchart of a secure communication method for dynamically updating a key, showing how adjacent Internet of Vehicles nodes are determined, according to an embodiment of the present invention;
Fig. 3 is a flowchart of a secure communication method for dynamically updating a key, showing how a key acquisition node is selected from the Internet of Vehicles nodes, according to an embodiment of the present invention;
Fig. 4 is a block diagram of a secure communication device for dynamically updating a key according to an embodiment of the present invention;
Fig. 5 is a schematic structural diagram of a secure communication device for dynamically updating a key according to an embodiment of the present invention.
Detailed Description
The embodiments of the present invention will be described in further detail with reference to the drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of and not restrictive on the broad invention. It should be further noted that, for convenience of description, only some structures related to the embodiments of the present invention are shown in the drawings, not all of them.
Fig. 1 is a flowchart of a secure communication method for dynamically updating a key according to an embodiment of the present invention. The method may be executed by a node device having a secure communication module, such as the control device of a vehicle device in the Internet of Vehicles, and specifically includes the following steps:
Step S101, when it is detected that the key update period is satisfied, determining adjacent Internet of Vehicles nodes that are currently in a networking state.
In one embodiment, the device checks in real time or periodically during communication whether the key update period is satisfied. The key update period may be a set time interval used to decide whether to perform a key update.
Optionally, an optimized detection method is as follows: when it is detected that the data transmission amount reaches the transmission threshold and the encryption information in use has been used for longer than a preset usage period, the key update period is determined to be satisfied. The transmission threshold is compared against the amount of data that has been encrypted with the current, i.e. old, encryption key during data transmission. The old encryption key may be an encryption key generated by the current device or distributed by the server, or an encryption key of another device that was obtained dynamically.
In one embodiment, when it is detected that the key update period is satisfied, adjacent Internet of Vehicles nodes that are currently in a networking state are determined. Each vehicle device is connected to the server through its integrated control device, and each vehicle device corresponds to one Internet of Vehicles node. When the control device of an Internet of Vehicles node is started or receives a networking instruction, the node is in a networking state and can exchange data with the server or with other Internet of Vehicles nodes. The adjacent Internet of Vehicles nodes may be other Internet of Vehicles nodes located within the same set area range as the current node. In one embodiment, while the Internet of Vehicles nodes are in a networking state they can exchange data with the server in real time and send it their positions, and the server can determine from those positions which nodes lie within a preset range around a given Internet of Vehicles node.
Step S102, selecting a key acquisition node from the Internet of Vehicles nodes, establishing a communication connection with the key acquisition node, and sending a key data acquisition request, in response to which the key acquisition node sends key data.
In one embodiment, after the adjacent Internet of Vehicles nodes are determined, a key acquisition node is selected from them and a key is obtained from it, which implements the dynamic key update. After the key acquisition node is determined, a communication connection is established with it and a key data acquisition request is sent; on receiving the request, the key acquisition node returns the key data.
Step S103, receiving the key data sent by the key acquisition node, where the key data includes an identifier of the key acquisition node and an encryption key.
In one embodiment, the key data sent by the key acquisition node is received and replaces the original encryption information, and is used for subsequent data encryption and sending. The key data comprises the identifier of the key acquisition node and an encryption key. The identifier distinguishes the key acquisition node and marks its identity; the encryption key is used by the current Internet of Vehicles node to encrypt the data it transmits to the server.
Step S104, after encrypting data with the encryption key, sending the encrypted data and the identifier to a server for data transmission.
In one embodiment, when the key update period is satisfied, data is encrypted with the encryption key obtained from the key acquisition node and the original, expired encryption key is no longer used. This avoids the situation in which the current Internet of Vehicles node is attacked repeatedly and eventually cracked, allowing the Internet of Vehicles device system to be invaded and important sensitive information to be stolen.
In summary, when it is detected that the key update period is satisfied, adjacent Internet of Vehicles nodes that are currently in a networking state are determined; a key acquisition node is selected from the Internet of Vehicles nodes, a communication connection is established with it, and a key data acquisition request is sent, in response to which the key acquisition node sends key data; the key data sent by the key acquisition node is received, the key data comprising an identifier of the key acquisition node and an encryption key; and, after data is encrypted with the encryption key, the encrypted data and the identifier are sent to a server for data transmission. The scheme improves the security of device communication and prevents leakage of private and important data.
Fig. 2 is a flowchart of a secure communication method for dynamically updating a key, showing how adjacent Internet of Vehicles nodes are determined, according to an embodiment of the present invention. On the basis of the above technical solution, a specific method for determining the adjacent Internet of Vehicles nodes is provided. As shown in Fig. 2, it specifically includes:
Step S201, when it is detected that the key update period is satisfied, obtaining, through a node state acquisition request sent to the server, each Internet of Vehicles node in the current area that is in a networking state, where the networking state comprises a state of having performed data interaction with the server within a preset time.
In one embodiment, when determining the adjacent Internet of Vehicles nodes, each Internet of Vehicles node in the current area that is in a networking state is obtained through a node state acquisition request sent to the server. The size of the area can be set according to actual conditions. Optionally, the Internet of Vehicles nodes are first determined within a small range, for example within 1 km; if the number of qualifying Internet of Vehicles nodes in that range is insufficient, the area range is expanded, for example to within 5 km. The preset time may be 10 minutes, 30 minutes, etc.
Step S202, selecting a key acquisition node from the Internet of Vehicles nodes, establishing a communication connection with the key acquisition node, and sending a key data acquisition request, in response to which the key acquisition node sends key data.
Step S203, receiving the key data sent by the key acquisition node, where the key data includes an identifier of the key acquisition node and an encryption key.
Step S204, after encrypting data with the encryption key, sending the encrypted data and the identifier to a server for data transmission.
In this way, each Internet of Vehicles node in the current area that is in a networking state is obtained through a node state acquisition request sent to the server, where the networking state comprises a state of having performed data interaction with the server within a preset time. This further restricts the selection of adjacent Internet of Vehicles nodes and so ensures the availability and security of the obtained key data.
Fig. 3 is a flowchart of a secure communication method for dynamically updating a key, showing how a key acquisition node is selected from the Internet of Vehicles nodes, according to an embodiment of the present invention. On the basis of the above technical solution, a specific method for selecting a key acquisition node from the Internet of Vehicles nodes is provided. As shown in Fig. 3, it specifically includes:
Step S301, when it is detected that the key update period is satisfied, obtaining, through a node state acquisition request sent to the server, each Internet of Vehicles node in the current area that is in a networking state, where the networking state comprises a state of having performed data interaction with the server within a preset time.
Step S302, determining, for the Internet of Vehicles nodes, the time at which each performed security authentication with the server; determining the Internet of Vehicles node whose security authentication with the server is closest in time as the candidate node; determining the communication transmission parameters of the candidate node; if the communication transmission parameters satisfy the set secure transmission condition, determining the candidate node as the key acquisition node; and if they do not, determining the Internet of Vehicles node whose security authentication with the server is second closest in time as the candidate node.
In one embodiment, when selecting the key acquisition node from the Internet of Vehicles nodes, the times at which the adjacent Internet of Vehicles nodes performed security authentication with the server may be obtained from the server, and the node whose security authentication with the server is closest in time is determined as the candidate node. The candidate node is then checked further to determine whether it satisfies the secure transmission condition. Optionally, the communication transmission parameters satisfy the set secure transmission condition when the number of attack behaviors detected in the communication parameters is smaller than a preset number and the data interaction success rate is greater than a preset percentage threshold. For example, the preset number is set to 10 and the preset percentage threshold to 80%.
Step S303, establishing a communication connection with the key acquisition node and sending a key data acquisition request, in response to which the key acquisition node sends key data.
Step S304, receiving the key data sent by the key acquisition node, where the key data includes an identifier of the key acquisition node and an encryption key.
Step S305, after encrypting data with the encryption key, sending the encrypted data and the identifier to a server for data transmission.
As can be seen from the above, the time at which each Internet of Vehicles node performed security authentication with the server is determined, and the node whose security authentication with the server is closest in time is determined as the candidate node. The communication transmission parameters of the candidate node are determined; if they satisfy the set secure transmission condition, the candidate node is determined as the key acquisition node, and if they do not, the Internet of Vehicles node whose security authentication with the server is second closest in time is determined as the candidate node.
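The key update check, neighbor discovery and candidate selection of steps S301 and S302, as an added Python example that is not part of the patent. The `NodeStatus` fields, the function names and `min_count` are hypothetical, the thresholds are the illustrative values from the description, and "closest in time" is read as the most recent authentication. It goes beyond the text by continuing past the second-closest node until one qualifies and by returning `None` when none does.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import List, Optional, Sequence

# Illustrative values taken from the description; all are deployment settings.
MAX_ATTACKS = 10                          # "preset number of times"
MIN_SUCCESS_RATE = 0.80                   # "preset percentage threshold"
NETWORKED_WINDOW = timedelta(minutes=10)  # "preset time" (10 or 30 minutes)
SEARCH_RADII_KM = (1.0, 5.0)              # small range first, then expanded


@dataclass(frozen=True)
class NodeStatus:
    """One neighbor as reported by the server (hypothetical field names)."""
    node_id: str
    distance_km: float
    last_server_contact: datetime
    last_auth: datetime
    attacks_detected: int
    success_rate: float


def rekey_due(bytes_sent: int, key_age: timedelta,
              byte_threshold: int, max_key_age: timedelta) -> bool:
    """Key update period: volume threshold reached AND key used too long."""
    return bytes_sent >= byte_threshold and key_age > max_key_age


def networked_neighbors(nodes: Sequence[NodeStatus], now: datetime,
                        min_count: int = 1) -> List[NodeStatus]:
    """Nodes in the area that exchanged data with the server recently.

    The radius is widened only when fewer than min_count nodes qualify
    (min_count is an assumption; the text only says "insufficient").
    """
    found: List[NodeStatus] = []
    for radius in SEARCH_RADII_KM:
        found = [n for n in nodes
                 if n.distance_km <= radius
                 and timedelta(0) <= now - n.last_server_contact <= NETWORKED_WINDOW]
        if len(found) >= min_count:
            break
    return found


def meets_secure_transmission(n: NodeStatus) -> bool:
    """Both comparisons are strict, as in the text."""
    return n.attacks_detected < MAX_ATTACKS and n.success_rate > MIN_SUCCESS_RATE


def select_key_node(candidates: Sequence[NodeStatus]) -> Optional[NodeStatus]:
    """Most recently authenticated node that passes the condition, else None."""
    for n in sorted(candidates, key=lambda c: c.last_auth, reverse=True):
        if meets_secure_transmission(n):
            return n
    return None  # the text does not say what happens here; the caller decides


# Constructed sample data, not taken from the patent.
NOW = datetime(2024, 1, 1, 12, 0, 0)


def sample(node_id, km, contact_min, auth_min, attacks, rate):
    """Build a NodeStatus from 'minutes ago' offsets relative to NOW."""
    return NodeStatus(node_id, km, NOW - timedelta(minutes=contact_min),
                      NOW - timedelta(minutes=auth_min), attacks, rate)


SAMPLE_NODES = [
    sample("A", 0.4, 2, 5, 12, 0.95),   # newest auth, but too many attacks
    sample("B", 0.8, 1, 20, 0, 0.80),   # success rate not above 80 %
    sample("C", 3.0, 3, 30, 2, 0.97),   # eligible, only inside the 5 km range
    sample("D", 0.5, 45, 1, 0, 0.99),   # no server contact inside the window
    sample("E", 0.9, 4, 60, 1, 0.90),   # eligible inside 1 km
]

if __name__ == "__main__":
    if rekey_due(5_000_000, timedelta(hours=2), 1_000_000, timedelta(hours=1)):
        near = networked_neighbors(SAMPLE_NODES, NOW, min_count=3)
        chosen = select_key_node(near)
        print([n.node_id for n in near], "->", chosen.node_id if chosen else None)
```

Node D shows why the networking-state filter matters: it has the newest authentication but is excluded because it has not exchanged data with the server within the preset time.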
On the basis of the above technical solution, sending the encrypted data and the identifier to a server for data transmission after encrypting data with the encryption key includes: encrypting the data with the encryption key and sending the encrypted data and the identifier to the server separately, so that the server determines the corresponding decryption key according to the identifier and decrypts the encrypted data with that decryption key. This further ensures the security of information transmission and prevents the information from being intercepted and cracked in a single interception.
On the basis of the above technical solution, the secure communication method for dynamically updating a key further includes: after each Internet of Vehicles node is started, sending a security authentication request to the server; the server generating encryption keys for the different Internet of Vehicles nodes based on the security authentication requests, sending each generated encryption key to its corresponding Internet of Vehicles node, and storing the decryption key corresponding to each encryption key. The server stores the key data of each node. After receiving the encrypted data and the identifier sent by an Internet of Vehicles node, it determines the unique key acquisition node according to the identifier and decrypts the encrypted data with the stored decryption key of that key acquisition node.
Fig. 4 is a block diagram of a secure communication apparatus for dynamically updating a key according to an embodiment of the present invention. The apparatus is used to execute the secure communication method for dynamically updating a key according to the embodiment of the data receiving end, and has the functional modules and beneficial effects corresponding to that method. As shown in Fig. 4, the apparatus specifically includes an Internet of Vehicles node determination module 101, a key data acquisition module 102, a key data receiving module 103, and an encryption processing module 104, wherein:
the Internet of Vehicles node determination module 101 is configured to determine adjacent Internet of Vehicles nodes that are currently in a networking state when it is detected that the key update period is satisfied;
the key data acquisition module 102 is configured to select a key acquisition node from the Internet of Vehicles nodes, establish a communication connection with the key acquisition node, and send a key data acquisition request, in response to which the key acquisition node sends key data;
the key data receiving module 103 is configured to receive the key data sent by the key acquisition node, where the key data includes an identifier of the key acquisition node and an encryption key;
and the encryption processing module 104 is configured to encrypt data with the encryption key and then send the encrypted data and the identifier to the server for data transmission.
According to this scheme, when it is detected that the key update period is satisfied, adjacent Internet of Vehicles nodes that are currently in a networking state are determined; a key acquisition node is selected from the Internet of Vehicles nodes, a communication connection is established with it, and a key data acquisition request is sent, in response to which the key acquisition node sends key data; the key data sent by the key acquisition node is received, the key data comprising an identifier of the key acquisition node and an encryption key; and, after data is encrypted with the encryption key, the encrypted data and the identifier are sent to a server for data transmission. The scheme improves the security of device communication and prevents leakage of private and important data. Correspondingly, the functions executed by the modules are respectively as follows:
In a possible embodiment, the detecting that the key update period is satisfied includes:
detecting that the data transmission amount reaches the transmission threshold and that the usage period of the encryption information in use exceeds a preset usage period.
In one possible embodiment, the determining neighboring Internet of Vehicles nodes in the current networking state includes:
acquiring each Internet of Vehicles node that is in a networking state in the current area through a node state acquisition request sent to the server, wherein the networking state comprises a state of performing data interaction with the server within a preset time.
In one possible embodiment, the selecting a key acquisition node among the Internet of Vehicles nodes includes:
determining, for the Internet of Vehicles nodes, the time of security authentication with the server;
determining the Internet of Vehicles node closest to the time of security authentication with the server as a candidate node;
determining the communication transmission parameters of the candidate node; if the communication transmission parameters satisfy the set secure transmission condition, determining the candidate node as the key acquisition node; if they do not, determining the Internet of Vehicles node second closest to the time of security authentication with the server as the candidate node.
In one possible embodiment, the communication transmission parameters satisfying the set secure transmission condition includes:
the number of attack behaviors detected in the communication transmission parameters is smaller than a preset number, and the data interaction success rate is greater than a preset percentage threshold.
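The trigger and selection embodiments above can be sketched as follows. This is an added example, not code from the patent: the field names, thresholds and sample nodes are constructed, "closest" authentication time is assumed to mean nearest to the present, and the loop generalizes the stated fall-back to the second-closest node by continuing down the ordering and returning nothing when no node qualifies.

```python
from dataclasses import dataclass
from typing import Iterable, Optional


@dataclass(frozen=True)
class Node:
    """One neighbouring node as reported by the server (field names are assumptions)."""
    node_id: str
    last_auth: float      # time of security authentication with the server (epoch s)
    last_contact: float   # last data interaction with the server (epoch s)
    attack_count: int     # attack behaviours detected on the node's link
    success_rate: float   # data interaction success rate, 0.0 to 1.0


def rekey_due(bytes_sent: int, key_age_s: float,
              byte_threshold: int, max_key_age_s: float) -> bool:
    """Update is due only when BOTH hold: volume reached the threshold
    and the key in use has exceeded its preset usage period."""
    return bytes_sent >= byte_threshold and key_age_s > max_key_age_s


def link_is_safe(n: Node, max_attacks: int, min_success: float) -> bool:
    """Secure transmission condition: fewer attacks than the preset count
    and a success rate above the preset percentage."""
    return n.attack_count < max_attacks and n.success_rate > min_success


def select_key_node(nodes: Iterable[Node], now: float, window_s: float,
                    max_attacks: int, min_success: float) -> Optional[Node]:
    # Networking state: data interaction with the server within the preset time.
    online = [n for n in nodes if 0 <= now - n.last_contact <= window_s]
    # Assumption: "closest" authentication time means nearest to the present.
    online.sort(key=lambda n: abs(now - n.last_auth))
    for candidate in online:          # closest, second closest, ...
        if link_is_safe(candidate, max_attacks, min_success):
            return candidate
    return None                       # assumption: keep the current key and retry later


# Constructed sample data, not taken from the patent.
NOW = 1_000_000.0
NODES = [
    Node("veh-A", NOW - 30, NOW - 5, attack_count=4, success_rate=0.99),
    Node("veh-B", NOW - 120, NOW - 10, attack_count=0, success_rate=0.97),
    Node("veh-C", NOW - 10, NOW - 900, attack_count=0, success_rate=0.99),
    Node("veh-D", NOW - 300, NOW - 20, attack_count=0, success_rate=0.80),
]

if __name__ == "__main__":
    if rekey_due(10_000_000, 4_000, 10_000_000, 3_600):
        chosen = select_key_node(NODES, NOW, window_s=60, max_attacks=3, min_success=0.9)
        print("key acquisition node:", chosen.node_id if chosen else None)
```

With a 60-second window and a limit of 3 attacks, veh-C is excluded as not networked and veh-A fails the attack-count check, so the selection falls through to veh-B.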
In a possible embodiment, sending the encrypted data and the identifier to a server for data transmission after the data is encrypted with the encryption key includes:
encrypting data with the encryption key, and sending the encrypted data and the identifier to the server separately and independently, so that the server determines the corresponding decryption key according to the identifier and decrypts the encrypted data with that decryption key.
In a possible embodiment, the secure communication method for dynamically updating a key further includes:
after each Internet of Vehicles node is started, sending a security authentication request to the server;
generating, by the server, encryption keys for the different Internet of Vehicles nodes based on the security authentication requests, sending the generated encryption keys to the corresponding Internet of Vehicles nodes, and storing the decryption keys corresponding to the encryption keys.
Fig. 5 is a schematic structural diagram of a secure communication apparatus for dynamically updating a key according to an embodiment of the present invention, as shown in fig. 5, the apparatus includes a processor 201, a memory 202, an input device 203, and an output device 204; the number of the processors 201 in the device may be one or more, and one processor 201 is taken as an example in fig. 5; the processor 201, the memory 202, the input device 203 and the output device 204 in the apparatus may be connected by a bus or other means, and fig. 5 illustrates the connection by a bus as an example. The memory 202 is a computer-readable storage medium for storing software programs, computer-executable programs, and modules, such as program instructions/modules corresponding to the secure communication method for dynamically updating keys in the embodiments of the present invention. The processor 201 executes various functional applications of the device and data processing by running software programs, instructions and modules stored in the memory 202, that is, implements the above-described secure communication method of dynamically updating keys. The input device 203 may be used to receive input numeric or character information and generate key signal inputs relating to user settings and function controls of the apparatus. The output device 204 may include a display device such as a display screen.
Embodiments of the present invention also provide a storage medium containing computer-executable instructions, which when executed by a computer processor, perform a method for secure communication for dynamically updating a key, the method comprising:
when it is detected that the key update period is satisfied, determining the neighboring Internet of Vehicles nodes in the current networking state;
selecting a key acquisition node from the Internet of Vehicles nodes, establishing a communication connection with the key acquisition node, and sending a key data acquisition request so that the key acquisition node sends key data in response to the request;
receiving the key data sent by the key acquisition node, wherein the key data comprises an identifier of the key acquisition node and an encryption key;
and after data is encrypted with the encryption key, sending the encrypted data and the identifier to a server for data transmission.
From the above description of the embodiments, it is obvious for those skilled in the art that the embodiments of the present invention can be implemented by software and necessary general hardware, and certainly can be implemented by hardware, but the former is a better implementation mode in many cases. Based on such understanding, the technical solutions of the embodiments of the present invention may be embodied in the form of a software product, which may be stored in a computer-readable storage medium, such as a floppy disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a FLASH Memory (FLASH), a hard disk or an optical disk of a computer, and includes several instructions to make a computer device (which may be a personal computer, a service, or a network device) perform the methods described in the embodiments of the present invention.
It should be noted that, in the embodiment of the secure communication apparatus for dynamically updating a key, the included units and modules are merely divided according to functional logic, but are not limited to the above division as long as the corresponding functions can be implemented; in addition, specific names of the functional units are only for convenience of distinguishing from each other, and are not used for limiting the protection scope of the embodiment of the invention.
In some possible embodiments, various aspects of the methods provided by the present application may also be implemented in the form of a program product including program code for causing a computer device to perform the steps of the methods according to various exemplary embodiments of the present application described above in this specification when the program product runs on the computer device, for example, the computer device may perform the secure communication method for dynamically updating a key described in the embodiments of the present application. The program product may be implemented using any combination of one or more readable media.
It should be noted that the foregoing is only a preferred embodiment of the present invention and the technical principles applied. Those skilled in the art will appreciate that the embodiments of the present invention are not limited to the specific embodiments described herein, and that various obvious changes, adaptations, and substitutions are possible, without departing from the scope of the embodiments of the present invention. Therefore, although the embodiments of the present invention have been described in more detail through the above embodiments, the embodiments of the present invention are not limited to the above embodiments, and many other equivalent embodiments can be included without departing from the concept of the embodiments of the present invention, and the scope of the embodiments of the present invention is determined by the scope of the appended claims.

Claims (8)

1. A method for secure communication with dynamic key update, comprising:
when the condition that a key updating period is met is detected, each Internet of vehicles node in the current area in the networking state is obtained through a node state obtaining request sent to a server, wherein the networking state comprises a state of data interaction with the server within preset time;
determining the time of safety authentication with a server in the Internet of vehicles nodes, determining the Internet of vehicles node closest to the time of safety authentication with the server as a node to be selected, determining the communication transmission parameter of the node to be selected, determining the node to be selected as a key acquisition node if the communication transmission parameter meets the set safety transmission condition, determining the Internet of vehicles node second closest to the time of safety authentication with the server as the node to be selected if the communication transmission parameter does not meet the set safety transmission condition, establishing communication connection with the key acquisition node, and sending a key data acquisition request for the key acquisition node to send key data according to the key data acquisition request;
receiving key data sent by the key obtaining node, wherein the key data comprises an identifier of the key obtaining node and an encryption key;
and after data encryption is carried out through the encryption key, sending the encrypted data and the identifier to a server for data transmission.
2. The method of claim 1, wherein the detecting that the key updating period is met comprises:
detecting that the data transmission amount reaches the transmission threshold and that the usage period of the encryption information in use exceeds a preset usage period.
3. The method for secure communication of dynamically updated key according to claim 1, wherein the communication transmission parameter satisfying the set secure transmission condition comprises:
the attack behavior times detected in the communication transmission parameters are smaller than the preset times, and the data interaction success rate is larger than the preset percentage threshold.
4. The secure communication method for dynamically updating the key according to claim 1, wherein after the data is encrypted by the encryption key, the encrypted data and the identifier are sent to a server for data transmission, comprising:
and encrypting data through the encryption key, and respectively and independently sending the encrypted data and the identifier to a server for determining a corresponding decryption key according to the identifier and decrypting the encrypted data by using the decryption key.
5. The method for secure communication of dynamic update keys according to any one of claims 1-3, further comprising:
after each Internet of vehicles node is started, sending a security authentication request to a server;
the server generates encryption keys of different Internet of vehicles nodes based on the security authentication request, sends the generated different encryption keys to corresponding Internet of vehicles nodes, and stores decryption keys corresponding to the encryption keys.
6. A secure communications device for dynamically updating keys, comprising:
the Internet of vehicles node determination module is configured to obtain each Internet of vehicles node in a networking state in a current area through a node state obtaining request sent to the server when the condition that a key updating period is met is detected, wherein the networking state comprises a state of data interaction with the server within a preset time;
the key data acquisition module is configured to determine the time for performing security authentication with the server in the Internet of vehicles nodes, determine the Internet of vehicles node closest to the time for performing security authentication with the server as a node to be selected, determine the communication transmission parameter of the node to be selected, determine the node to be selected as a key acquisition node if the communication transmission parameter meets a set security transmission condition, determine the Internet of vehicles node second closest to the time for performing security authentication with the server as the node to be selected if the communication transmission parameter does not meet the set security transmission condition, establish communication connection with the key acquisition node, and send a key data acquisition request for the key acquisition node to send key data according to the key data acquisition request;
a key data receiving module configured to receive key data sent by the key obtaining node, where the key data includes an identifier of the key obtaining node and an encryption key;
and the encryption processing module is configured to send the encrypted data and the identifier to a server for data transmission after data encryption is performed through the encryption key.
7. A secure communications device that dynamically updates keys, the device comprising: one or more processors; storage means for storing one or more programs which, when executed by the one or more processors, cause the one or more processors to implement the method of secure communication of dynamically updated keys as claimed in any one of claims 1 to 5.
8. A storage medium containing computer-executable instructions which, when executed by a computer processor, perform the secure communication method for dynamically updating a key of any one of claims 1-5.
CN202210675462.8A 2022-06-15 2022-06-15 Secure communication method and device for dynamically updating key Active CN114760056B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210675462.8A CN114760056B (en) 2022-06-15 2022-06-15 Secure communication method and device for dynamically updating key

Publications (2)

Publication Number Publication Date
CN114760056A CN114760056A (en) 2022-07-15
CN114760056B true CN114760056B (en) 2022-10-18

Family

ID=82336898

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210675462.8A Active CN114760056B (en) 2022-06-15 2022-06-15 Secure communication method and device for dynamically updating key

Country Status (1)

Country Link
CN (1) CN114760056B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115276991B (en) * 2022-09-28 2023-03-24 广州万协通信息技术有限公司 Secure chip dynamic key generation method, secure chip device, equipment and medium
CN115941182B (en) * 2023-02-21 2024-01-30 浙江国利信安科技有限公司 Method, computing device, and storage medium for network key update

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113923655A (en) * 2020-12-23 2022-01-11 技象科技(浙江)有限公司 Data decryption receiving method and device based on adjacent nodes
CN114364062A (en) * 2021-12-13 2022-04-15 广东电网有限责任公司 Method for accessing gateway safely in Internet of vehicles

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110708388B (en) * 2019-10-15 2022-09-23 大陆投资(中国)有限公司 Vehicle body safety anchor node device, method and network system for providing safety service
CN113497704A (en) * 2020-04-01 2021-10-12 罗伯特·博世有限公司 Vehicle-mounted key generation method, vehicle and computer-readable storage medium
CN114301611B (en) * 2020-09-22 2023-11-07 如般量子科技有限公司 Secret communication method of Internet of vehicles and Internet of vehicles system capable of conducting secret communication
CN112953939A (en) * 2021-02-20 2021-06-11 联合汽车电子有限公司 Key management method

Also Published As

Publication number Publication date
CN114760056A (en) 2022-07-15

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant