CN116074000A - Conversation key distribution method and system based on CAN bus - Google Patents
Conversation key distribution method and system based on CAN bus Download PDFInfo
- Publication number
- CN116074000A CN116074000A CN202310135840.8A CN202310135840A CN116074000A CN 116074000 A CN116074000 A CN 116074000A CN 202310135840 A CN202310135840 A CN 202310135840A CN 116074000 A CN116074000 A CN 116074000A
- Authority
- CN
- China
- Prior art keywords
- session key
- key
- bus
- ciphertext data
- gateway
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0863—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/40—Bus networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/40—Bus networks
- H04L2012/40208—Bus networks characterized by the use of a particular bus standard
- H04L2012/40215—Controller Area Network CAN
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Power Engineering (AREA)
- Small-Scale Networks (AREA)
Abstract
The invention discloses a session key distribution method and a system based on a CAN bus, wherein a CAN gateway randomly generates a session key A after a vehicle is electrified; encrypting the randomly generated session KEY A through a preset symmetric KEY to generate ciphertext data, and broadcasting the ciphertext data on a CAN network; each ECU receives the ciphertext data and then decrypts the data through a preset symmetric KEY to obtain a session KEY A sent by the CAN network; the invention utilizes the central position of the CAN gateway in the CAN network, and safely derives the session key on the basis of presetting the symmetric key, thereby avoiding the plaintext transmission of the key on the bus, and improving the security level of CAN bus communication in a mode of regenerating the session key after each power-on.
Description
Technical Field
The invention belongs to the technical field of vehicle session key distribution, and particularly relates to a session key distribution method and system based on a CAN bus.
Background
Each ECU in the vehicle communicates through a CAN bus, and a symmetric key is required to be generated as a session key in order to ensure the safety of CAN communication in the vehicle. The technical framework of SecOC is defined in the AutoSAR technical specification to ensure the safety of CAN communication, but the management mode and encryption mode of the secret key are not defined; the industry typically uses unified preset symmetry the key enables secure communication between the ECUs. Because each ECU is designed and produced by different suppliers, the hardware safety capability and the running environment are greatly different, the hardware capability of each controller of the whole vehicle is different, and some controllers are not provided with a hardware encryption module for storing keys, so that the risk of key leakage exists, and once the symmetric keys are uniformly preset, the safety communication cannot be effectively ensured.
The ECDHE algorithm is currently the most widely used key exchange algorithm in the industry that exploits the characteristics of the ECC elliptic curve, and can calculate the public key, and ultimately the session key, with fewer computations. The private keys of both parties are randomly and temporarily generated and are not disclosed, and even according to the disclosed information (elliptic curve, public key and base point G), discrete logarithms (private keys) on the elliptic curve are difficult to calculate, but the private keys are only suitable for key exchange of both parties and are not suitable for key exchange among a plurality of controllers in a vehicle; and the calculation amount is large, the method is not suitable for various controllers in the vehicle, and some controllers may have insufficient performance and cannot perform a large amount of calculation.
Disclosure of Invention
In order to improve the safety of information interaction among ECUs of a vehicle CAN network on the premise of not depending on the performance configuration of a vehicle controller, the invention provides a session key distribution method and a session key distribution system based on a CAN bus.
The session key distribution method based on the CAN bus for realizing one of the purposes of the invention comprises the following steps:
s1, after a vehicle is electrified, a CAN gateway generates a session key A; the session key A is used for communication among the ECUs through a CAN bus, and is randomly generated when the vehicle is electrified;
s2, encrypting the randomly generated session KEY A through a preset symmetric KEY KEY to generate ciphertext data, and broadcasting the ciphertext data on a CAN network;
s3, after receiving the ciphertext data, each ECU decrypts the ciphertext data through a preset symmetric KEY to obtain a session KEY A sent by the CAN network.
Further, the step S3 further includes: each ECU encrypts the decrypted session key A according to the local session key SK2 and sends the encrypted session key A to the CAN gateway.
Further, after the CAN gateway receives the encrypted messages sent by each ECU, the encrypted messages are decrypted according to the local session key SK1 to obtain a session key C; and the session is used for comparing the session key C with the session key A, and if the session key C is consistent with the session key A, the session key A randomly generated by the CAN gateway is considered to be successfully distributed.
Further, the local session key SK2 is generated according to a random number and a hash algorithm.
Further, the local session key SK1 is generated according to a random number and a hash algorithm.
Still further, the method for generating the local session key SK2 includes:
SK2=LOW16_BIT[HMAC[KEY,random_A]]
wherein:
LOW16_BIT represents the lower 16 BITs of the value HMAC [ KEY, random_A ];
HMAC KEY, random_a, means that a 256-bit hash value, typically represented by a 16-ary number, is generated from the preset symmetric KEY and random_a;
the KEY is the preset symmetric KEY;
random_a represents a random number a.
Further, the method for generating the local session key SK1 includes:
SK1=LOW16_BIT[HMAC[KEY,random_B]]
wherein:
LOW16_BIT represents the lower 16 BITs of the value of the result [ HMAC [ KEY, random_B ];
SHA256 KEY, random_b, means that a 256-bit hash value, typically represented by a 16-ary number, is generated from the preset symmetric KEY and random_b.
Further, the step S3 further comprises
The second purpose of the invention is achieved by a session key distribution system based on a CAN bus, which comprises a session key generation module; the system comprises a ciphertext data generation module and a session key decryption module;
the session key generation module is used for randomly generating a session key A by the CAN gateway after the vehicle is electrified;
the ciphertext data generation module is used for encrypting the randomly generated session KEY A according to a preset symmetric KEY KEY to generate ciphertext data, and broadcasting the ciphertext data on the CAN network;
and the session KEY decryption module is used for carrying out data decryption through a preset symmetric KEY after the ECU receives the ciphertext data to obtain a session KEY A sent by the CAN network.
Further, the system also comprises a session key encryption module which is used for encrypting the session key A sent by the decrypted CAN network by the ECU and then sending the encrypted session key A to the CAN gateway.
Still further, the ECU encrypts the session key a sent by the decrypted CAN network according to the local session key SK2, wherein the local session key SK2 is generated according to a random number and a hash algorithm.
Further, the system also comprises a session key decryption module, which is used for decrypting the message received from the ECU by the CAN gateway to obtain a session key C.
Further, the CAN gateway decrypts the message received from the ECU according to the local session key SK1 to obtain a session key C, wherein the local session key SK1 is generated according to a random number and a hash algorithm.
Further, the system also comprises a session key checking module, which is used for checking the session key C obtained by decryption and the transmitted session key A by the CAN gateway, and if the session key C is consistent with the transmitted session key A, the session key is considered to be successfully transmitted.
The beneficial effects are that:
the invention utilizes the central position of the CAN gateway in the CAN network, safely derives the session key on the basis of presetting the symmetric key, avoids the plaintext transmission of the session key on the CAN bus, and improves the safety level of CAN bus communication in a mode of randomly generating the session key again after each power-on.
Drawings
FIG. 1 is a method of distributing CAN bus session keys;
fig. 2 is a flow chart of the method of the present invention.
Detailed Description
The following detailed description is presented to explain the claimed invention and to enable those skilled in the art to understand the claimed invention. The scope of the invention is not limited to the following specific embodiments. It is also within the scope of the invention to include the claims of the present invention as made by those skilled in the art, rather than the following detailed description.
An embodiment of the method according to the invention is described below in connection with fig. 1 and 2.
S1, after a vehicle is electrified, a CAN gateway randomly generates a session key A; the session key A is used for encrypting communication among the ECUs of the vehicle through the CAN bus, so that the communication safety is ensured;
in another embodiment, in order to verify whether the transmitted session key a is correctly tampered, as shown in fig. 2, the CAN gateway generates a local session key SK1 of the local end using a hash algorithm, and temporarily stores the local session key SK1 in the security chip, where the local session key SK1 is used for verification of the session key a in a subsequent process; the method for generating the local session key SK1 in this embodiment is:
SK1=LOW16_BIT[HMAC[KEY,random_B]]
wherein:
LOW16_BIT represents the lower 16 BITs of the value of the result [ HMAC [ KEY, random_B ];
HMAC KEY, random B, means that a 256-bit hash value, typically represented by a 16-ary number, is generated from the preset symmetric KEY and random number random B.
S2, encrypting a session KEY A, a fresh value and a message MAC according to a preset symmetric KEY KEY, generating ciphertext data and carrying out periodic broadcasting for 100ms on a CAN network, wherein the maximum broadcasting time is not longer than 2S;
s3, after receiving the ciphertext data, each ECU decrypts the data through a preset symmetric KEY to obtain a session KEY sent by the CAN network, and verifies the correctness of the MAC and the message freshness value;
when the ECU verifies that the decrypted data is valid, a session key is taken out of the decrypted data, and the session key is set as a session key B; because it cannot be guaranteed that no abnormality occurs in the distribution process and whether the value of the session key is illegally tampered or not, the correctness of the session key needs to be verified, in another embodiment, the ECU uses a hash algorithm to generate a local session key SK2 of the local end, encrypts the parsed session key B by using the local session key SK2, and uses respective cand nodes to respond with ciphertext data (TOKEN); after receiving ciphertext data (TOKEN) returned by the CAN ID node corresponding to the ECU, the CAN gateway adopts a local session key SK1 to decrypt to obtain a session key, is set as C, compares whether the session key C is consistent with a transmitted session key A, and considers that the session key distribution is successful if the session key C is consistent with the transmitted session key A.
And if the CAN gateway receives the responses of all the ECUs and the analysis is correct, stopping the transmission of the key distribution message.
In this embodiment, the method for generating the local session key SK2 includes:
SK2=LOW16_BIT[HMAC[KEY,random_A]]
wherein:
LOW16_BIT represents the lower 16 BITs of the value HMAC [ KEY, random_A ];
HMAC KEY, random_a, means that a 256-bit hash value, typically represented by a 16-ary number, is generated from the preset symmetric KEY and random_a;
the KEY is the preset symmetric KEY;
random_a represents a random number a.
It should be understood that the sequence number of each step in the foregoing embodiment does not mean that the execution sequence of each process should be determined by the function and the internal logic of each process, and should not limit the implementation process of the embodiment of the present application in any way.
The embodiment of the application also provides a session key distribution system based on the CAN bus, which comprises a session key generation module; the system comprises a ciphertext data generation module and a session key decryption module;
the session key generation module is operated in a CAN gateway of the vehicle and is used for randomly generating a session key A by the CAN gateway after the vehicle is electrified;
the ciphertext data generation module is operated in a CAN gateway of the vehicle and used for encrypting the randomly generated session KEY A according to a preset symmetric KEY KEY to generate ciphertext data, and broadcasting the ciphertext data on the CAN network;
the session KEY decryption module is operated in the ECU of the vehicle and is used for carrying out data decryption through a preset symmetric KEY after the ECU receives the ciphertext data to obtain a session KEY A sent by the CAN network.
In another embodiment, the system further comprises a session key encryption module, which is operated in the ECU of the vehicle and is used for encrypting the session key A sent by the decrypted CAN network by the ECU and then sending the encrypted session key A to the CAN gateway.
In another embodiment, the ECU encrypts the session key a sent by the decrypted CAN network according to a local session key SK2, wherein the local session key SK2 is generated according to a random number and a hash algorithm.
In another embodiment, the system further comprises a session key decryption module, which is operated in a CAN gateway of the vehicle and is used for decrypting the message received from the ECU by the CAN gateway to obtain the session key C.
In another embodiment, the CAN gateway decrypts the message received from the ECU according to the local session key SK1 to obtain the session key C, where the session key SK1 is generated according to a random number and a hash algorithm.
In another embodiment, the system further comprises a session key checking module, configured to check the session key C obtained by decryption with the sent session key a by the CAN gateway, and if the session key C is consistent with the sent session key a, consider that the session key a is successfully distributed.
What is not described in detail in this specification is prior art known to those skilled in the art.
Claims (10)
1. The session key distribution method based on the CAN bus is characterized by comprising the following steps of:
s1, after a vehicle is electrified, a CAN gateway generates a session key A;
s2, encrypting the session KEY A according to a preset symmetric KEY to generate ciphertext data, and broadcasting the ciphertext data on a CAN network;
s3, after receiving the ciphertext data, each ECU decrypts the ciphertext data through a preset symmetric KEY to obtain a session KEY A sent by the CAN network.
2. The CAN bus-based session key distribution method according to claim 1, wherein the step S3 further comprises: each ECU encrypts the decrypted session key A according to the local session key SK2 and sends the encrypted session key A to the CAN gateway.
3. The session key distribution method based on the CAN bus as set forth in claim 2, wherein after the CAN gateway receives the encrypted message sent by each ECU, the encrypted message is decrypted according to the local session key SK1 to obtain the session key C; the session key C is used for comparing with the session key A, and if the session key C is consistent with the session key A, the session key A is considered to be successfully distributed.
4. A CAN bus based session key distribution method according to claim 2 or 3, characterized in that the local session key SK2 is generated according to a random number and a hash algorithm.
5. The CAN bus-based session key distribution method of claim 3, wherein the local session key SK1 is generated according to a random number and a hash algorithm.
6. A CAN bus-based session key distribution system according to the method of claim 1, comprising a session key generation module; the system comprises a ciphertext data generation module and a session key decryption module;
the session key generation module is used for randomly generating a session key A by the CAN gateway after the vehicle is electrified;
the ciphertext data generation module is used for encrypting the randomly generated session KEY A according to a preset symmetric KEY KEY to generate ciphertext data, and broadcasting the ciphertext data on the CAN network;
and the session KEY decryption module is used for carrying out data decryption through a preset symmetric KEY after the ECU receives the ciphertext data to obtain a session KEY A sent by the CAN network.
7. The session key distribution system based on CAN bus according to the method of claim 6, further comprising a session key encryption module for the ECU encrypting the session key a sent by the decrypted CAN network and sending the encrypted session key a to the CAN gateway.
8. The CAN bus based session key distribution system of the method of claim 7, wherein the ECU encrypts the decrypted CAN network transmitted session key a based on a local session key SK2, wherein the local session key SK2 is generated based on a random number and a hash algorithm.
9. The CAN bus-based session key distribution system of the method of claim 7, further comprising a session key decryption module configured to decrypt a message received from the ECU by the CAN gateway to obtain the session key C.
10. The CAN bus based session key distribution system of the method of claim 9, wherein the CAN gateway decrypts the message received from the ECU based on the local session key SK1 to obtain the session key C, wherein the session key SK1 is generated based on a random number and a hash algorithm.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202310135840.8A CN116074000A (en) | 2023-02-20 | 2023-02-20 | Conversation key distribution method and system based on CAN bus |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202310135840.8A CN116074000A (en) | 2023-02-20 | 2023-02-20 | Conversation key distribution method and system based on CAN bus |
Publications (1)
Publication Number | Publication Date |
---|---|
CN116074000A true CN116074000A (en) | 2023-05-05 |
Family
ID=86181873
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202310135840.8A Pending CN116074000A (en) | 2023-02-20 | 2023-02-20 | Conversation key distribution method and system based on CAN bus |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN116074000A (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN116708031A (en) * | 2023-08-04 | 2023-09-05 | 晟安信息技术有限公司 | CAN bus data communication security configuration method and system |
CN117318941A (en) * | 2023-11-29 | 2023-12-29 | 合肥工业大学 | Method, system, terminal and storage medium for distributing preset secret key based on in-car network |
CN117395003A (en) * | 2023-12-11 | 2024-01-12 | 智极(广州)科技有限公司 | Low-cost high-reliability vehicle-mounted CAN bus safety communication method and safety communication system |
-
2023
- 2023-02-20 CN CN202310135840.8A patent/CN116074000A/en active Pending
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN116708031A (en) * | 2023-08-04 | 2023-09-05 | 晟安信息技术有限公司 | CAN bus data communication security configuration method and system |
CN116708031B (en) * | 2023-08-04 | 2023-11-03 | 晟安信息技术有限公司 | CAN bus data communication security configuration method and system |
CN117318941A (en) * | 2023-11-29 | 2023-12-29 | 合肥工业大学 | Method, system, terminal and storage medium for distributing preset secret key based on in-car network |
CN117318941B (en) * | 2023-11-29 | 2024-02-13 | 合肥工业大学 | Method, system, terminal and storage medium for distributing preset secret key based on in-car network |
CN117395003A (en) * | 2023-12-11 | 2024-01-12 | 智极(广州)科技有限公司 | Low-cost high-reliability vehicle-mounted CAN bus safety communication method and safety communication system |
CN117395003B (en) * | 2023-12-11 | 2024-03-08 | 智极(广州)科技有限公司 | Low-cost high-reliability vehicle-mounted CAN bus safety communication method and safety communication system |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN111010410B (en) | Mimicry defense system based on certificate identity authentication and certificate signing and issuing method | |
US10218499B1 (en) | System and method for secure communications between controllers in a vehicle network | |
CN116074000A (en) | Conversation key distribution method and system based on CAN bus | |
CN105049401B (en) | A kind of safety communicating method based on intelligent vehicle | |
US7693286B2 (en) | Method of delivering direct proof private keys in signed groups to devices using a distribution CD | |
CN109800588B (en) | Dynamic bar code encryption method and device and dynamic bar code decryption method and device | |
CN112351037B (en) | Information processing method and device for secure communication | |
CN113852632B (en) | SM9 algorithm-based vehicle identity authentication method, system, device and storage medium | |
CN112636923B (en) | Engineering machinery CAN equipment identity authentication method and system | |
CN111614621A (en) | Internet of things communication method and system | |
Püllen et al. | Using implicit certification to efficiently establish authenticated group keys for in-vehicle networks | |
CN100495964C (en) | A light access authentication method | |
Carvajal-Roca et al. | A semi-centralized dynamic key management framework for in-vehicle networks | |
CN114091009A (en) | Method for establishing secure link by using distributed identity | |
Park et al. | A secure communication method for canbus | |
CN116132043B (en) | Session key negotiation method, device and equipment | |
CN114928503B (en) | Method for realizing secure channel and data transmission method | |
CN112906032B (en) | File secure transmission method, system and medium based on CP-ABE and block chain | |
WO2022110688A1 (en) | Field bus-based data transmission method and system, and field bus-based identity verification method and system | |
CN112055071B (en) | Industrial control safety communication system and method based on 5G | |
CN116633530A (en) | Quantum key transmission method, device and system | |
Dee et al. | Message integrity and authenticity in secure CAN | |
CN114584385A (en) | In-vehicle network safety communication method, computer equipment, medium and terminal | |
CN110086627B (en) | Quantum communication service station key negotiation method and system based on asymmetric key pool pair and time stamp | |
Sun et al. | ECQV-GDH-Based Group Key Exchange Protocol for CAN Bus |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |