CN117941316A - Key sharing method and device, terminal and computer readable storage medium - Google Patents

Key sharing method and device, terminal and computer readable storage medium Download PDF

Info

Publication number
CN117941316A
CN117941316A CN202280003138.XA CN202280003138A CN117941316A CN 117941316 A CN117941316 A CN 117941316A CN 202280003138 A CN202280003138 A CN 202280003138A CN 117941316 A CN117941316 A CN 117941316A
Authority
CN
China
Prior art keywords
key
vehicle
information
public key
communication mode
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202280003138.XA
Other languages
Chinese (zh)
Inventor
乔光军
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Xiaomi Mobile Software Co Ltd
Original Assignee
Beijing Xiaomi Mobile Software Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Xiaomi Mobile Software Co Ltd filed Critical Beijing Xiaomi Mobile Software Co Ltd
Publication of CN117941316A publication Critical patent/CN117941316A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Lock And Its Accessories (AREA)

Abstract

The disclosure relates to a key sharing method, a key sharing device, a terminal and a computer readable storage medium, wherein the key sharing method comprises the following steps: receiving digital key sharing information sent by second equipment through a first communication mode, wherein the digital key sharing information comprises a vehicle public key of a vehicle; transmitting a first public key of the first device to the second device through the first communication mode; receiving signature information sent by the second equipment through the first communication mode; wherein the first communication mode comprises a short-range wireless communication mode; the vehicle public key and the first public key are used for the vehicle and the first device to generate a digital key. According to the method and the device, the situation that the information transmission speed is low due to network delay of a mobile network or the Internet can be avoided, and the efficiency and the success rate of key sharing are improved.

Description

Key sharing method and device, terminal and computer readable storage medium Technical Field
The disclosure relates to the technical field of communication, and in particular relates to a key sharing method, a key sharing device, a terminal and a computer readable storage medium.
Background
With the development of the vehicle intelligent system, the demand for replacing physical vehicle keys by intelligent devices such as mobile phones is stronger, and digital keys are more popular. In addition to the vehicle owner itself needing to use the digital key to control the vehicle, the vehicle owner sometimes needs to share the digital key to other users (e.g., friends of the vehicle owner) because the vehicle owner sometimes also needs to borrow the vehicle for other users. However, in the digital key sharing process, some problems of information transmission delay exist.
Disclosure of Invention
In view of the above, embodiments of the present disclosure provide a key sharing method, a key sharing device, a terminal and a computer readable storage medium, so as to solve the technical problems in the related art.
According to a first aspect of an embodiment of the present disclosure, a key sharing method is provided, which is executed by a first device, and the method includes: receiving digital key sharing information sent by second equipment through a first communication mode, wherein the digital key sharing information comprises a vehicle public key of a vehicle; transmitting a first public key of the first device to the second device through the first communication mode; receiving signature information sent by the second device through the first communication mode, wherein the signature information is determined by the second device through signature of the first public key through a second private key of the second device; wherein the first communication mode comprises a short-range wireless communication mode; the vehicle public key and the first public key are used for the vehicle and the first device to generate a digital key.
According to a second aspect of the embodiments of the present disclosure, a key sharing method is provided, which is executed by a second device, and the method includes: transmitting digital key sharing information to first equipment in a first communication mode, wherein the digital key sharing information comprises a vehicle public key of a vehicle; receiving a first public key of the first device, which is sent by the first device through the first communication mode; signing the first public key according to a second private key of the second device to determine signature information; transmitting the signature information to the first device through the first communication mode; wherein the first communication mode comprises a short-range wireless communication mode; the vehicle public key and the first public key are used for the vehicle and the first device to generate a digital key.
According to a third aspect of embodiments of the present disclosure, a key sharing apparatus is provided, which is executed by a first device, the apparatus includes:
The communication module is configured to receive digital key sharing information sent by the second device through the first communication mode, wherein the digital key sharing information comprises a vehicle public key of a vehicle; transmitting a first public key of the first device to the second device through the first communication mode; receiving signature information sent by the second device through the first communication mode, wherein the signature information is determined by the second device through signature of the first public key through a second private key of the second device; wherein the first communication mode comprises a short-range wireless communication mode; the vehicle public key and the first public key are used for the vehicle and the first device to generate a digital key.
According to a fourth aspect of embodiments of the present disclosure, there is provided a key sharing apparatus, performed by a second device, the apparatus comprising: the first communication module is configured to send digital key sharing information to the first device in a first communication mode, wherein the digital key sharing information comprises a vehicle public key of a vehicle; receiving a first public key of the first device, which is sent by the first device through the first communication mode; a processing module configured to sign the first public key according to a second private key of the second device to determine signature information; a second communication module configured to transmit the signature information to the first device through the first communication manner; wherein the first communication mode comprises a short-range wireless communication mode; the vehicle public key and the first public key are used for the vehicle and the first device to generate a digital key.
According to a fifth aspect of embodiments of the present disclosure, there is provided a communication apparatus, including: a processor; a memory for storing processor-executable instructions; wherein the processor is configured to perform the key sharing method performed by the first device.
According to a sixth aspect of the embodiments of the present disclosure, a computer readable storage medium is provided for storing a computer program, which when executed by a processor, implements the steps of the key sharing method performed by the first device.
According to a seventh aspect of the embodiments of the present disclosure, there is provided a communication apparatus, including: a processor; a memory for storing processor-executable instructions; wherein the processor is configured to perform the key sharing method performed by the second device described above.
According to an eighth aspect of the embodiments of the present disclosure, a computer readable storage medium is provided for storing a computer program, which when executed by a processor, implements the steps of the key sharing method performed by the second device.
According to the embodiment of the disclosure, in a scene that the first device and the second device are closer, the first device can receive the digital key sharing information sent by the second device in a short-distance wireless communication mode to obtain the vehicle public key of the vehicle. After receiving the digital key sharing information, the digital key sharing device can send the first public key of the vehicle to the second device in a short-range wireless communication mode, and receive signature information which is sent by the second device and is determined by signing the first public key, so that the vehicle can determine the first public key of the first device according to the signature information, and the digital key between the first device and the vehicle can be generated on the basis that the first device and the vehicle mutually own the public keys of the other side.
Since the first device and the second device in this embodiment communicate by a short-range wireless communication method. Therefore, in the process of sharing the key, the first device and the second device can avoid the problems that the information transmission speed is low due to network delay of a mobile network or the Internet, even the information cannot be transmitted due to server failure of the Internet, and the like, and improve the key sharing efficiency and success rate.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present disclosure, the drawings required for the description of the embodiments will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present disclosure, and other drawings may be obtained according to these drawings without inventive effort to a person of ordinary skill in the art.
Fig. 1 is a schematic flow chart diagram illustrating a key sharing method according to an embodiment of the present disclosure.
Fig. 2 is a schematic flow chart diagram illustrating another key sharing method according to an embodiment of the present disclosure.
Fig. 3 is a schematic flow chart diagram illustrating yet another key sharing method according to an embodiment of the present disclosure.
Fig. 4 is a schematic flow chart diagram illustrating a key sharing method according to an embodiment of the present disclosure.
Fig. 5 is a schematic flow chart diagram illustrating another key sharing method according to an embodiment of the present disclosure.
Fig. 6 is a schematic flow chart diagram illustrating yet another key sharing method according to an embodiment of the present disclosure.
Fig. 7 is a schematic block diagram illustrating an apparatus for key sharing according to an embodiment of the present disclosure.
Fig. 8 is a schematic block diagram illustrating an apparatus for key sharing according to an embodiment of the present disclosure.
Fig. 9 is a schematic block diagram of a terminal for key sharing, shown according to an embodiment of the present disclosure.
Detailed Description
The following description of the technical solutions in the embodiments of the present disclosure will be made clearly and completely with reference to the accompanying drawings in the embodiments of the present disclosure, and it is apparent that the described embodiments are only some embodiments of the present disclosure, not all embodiments. All other embodiments, which can be made by one of ordinary skill in the art without undue burden from the disclosure, are within the scope of the disclosure.
The terminology used in the embodiments of the disclosure is for the purpose of describing particular embodiments only and is not intended to be limiting of the embodiments of the disclosure. As used in this disclosure of embodiments and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used herein refers to and encompasses any or all possible combinations of one or more of the associated listed items.
It should be understood that although the terms first, second, third, etc. may be used in embodiments of the present disclosure to describe various information, these information should not be limited to these terms. These terms are only used to distinguish one type of information from another. For example, the first information may also be referred to as second information, and similarly, the second information may also be referred to as first information, without departing from the scope of embodiments of the present disclosure. The word "if" as used herein may be interpreted as "at … …" or "at … …" or "in response to a determination" depending on the context.
For purposes of brevity and ease of understanding, the terms "greater than" or "less than," "above," or "below" are used herein in describing the magnitude relationship. But it will be appreciated by those skilled in the art that: the term "greater than" also encompasses the meaning of "greater than or equal to," less than "also encompasses the meaning of" less than or equal to "; the term "above" encompasses the meaning of "above and equal to" and "below" also encompasses the meaning of "below and equal to".
All embodiments in the present disclosure are mainly applied to near field communication scenarios, for example, scenarios where a vehicle owner faces other users to be shared, and a second device held by the vehicle owner is closer to a first device held by the other users.
Near field communication NFC is a non-contact induction recognition technology and has the advantages of being short in distance, low in energy consumption, high in safety and the like. Bluetooth BT technology is an open global specification for wireless data communications, which is based on low cost short range wireless connections to establish a special wireless connection for the fixed and mobile device communication environment. Based on sharing the digital key by using the near field communication technology or the bluetooth technology, information (such as digital key sharing information, a first public key, signature information, etc.) transmitted in the process of sharing the digital key between the first device and the second device may not be forwarded by other devices, but may be directly communicated between the first device and the second device, so that the digital key sharing process is safely and conveniently implemented.
When the first device and the second device are in the same Wireless Local Area Network (WLAN) environment, the first device and the second device can access the wireless local area network simultaneously, and communicate through the wireless local area network.
In the related art, in order to facilitate control of a vehicle by other users when borrowing the vehicle of the vehicle owner, a first device held by the other users needs to communicate with a second device held by the vehicle owner to obtain a digital key shared by the second device.
Currently, communication between a first device and a second device is mainly dependent on the mobile network or the internet. Even in a scenario where the owner of the vehicle faces other users, when the first device acquires the digital key shared by the second device and used for controlling the vehicle, the first device needs to interact with the second device of the owner of the vehicle through a mobile network or the internet to share the required related information, such as the public key of the vehicle, the first public key of the first device, and the like.
However, when the mobile network or the internet server is used for communication, since the mobile network or the internet server needs to face a large number of terminals, a large amount of data may need to be processed and transmitted at the same time, delay is easy to generate, and the server in the internet may also have the conditions of failure, maintenance and the like, so that information interaction between the first device and the second device cannot be performed timely. Even the first device and the second device may go to sleep due to excessively long waiting time in the process of waiting for receiving data, so that the received data cannot be processed in time even if the data is received. The first device of other users cannot acquire the digital key of the vehicle in time, so that the vehicle cannot be controlled.
Fig. 1 is a schematic flow chart diagram illustrating a key sharing method according to an embodiment of the present disclosure. The key method shown in this embodiment may be executed by a first device, where the first device may communicate with a second device, where the first device and the second device include, but are not limited to, a mobile phone, a tablet computer, a wearable device, a sensor, an internet of things device, and other communication apparatuses.
As shown in fig. 1, the key sharing method may include the following steps:
In step S101, digital key sharing information sent by the second device through the first communication mode is received, where the digital key sharing information includes a vehicle public key of the vehicle;
In step S102, a first public key of the first device is sent to the second device through the first communication mode;
In step S103, signature information sent by the second device through the first communication manner is received, where the signature information is determined by the second device by signing the first public key with a second private key of the second device;
Wherein the first communication mode comprises a short-range wireless communication mode; the vehicle public key and the first public key are used for the vehicle and the first device to generate a digital key. It is understood that the short-range wireless Communication method in the present disclosure includes short-range Communication technology in a general sense, including, but not limited to WLAN (Wireless Local Area Network), NFC (NEAR FIELD Communication), bluetooth (Bluetooth), zigbee, and the like.
In one embodiment, the sharing digital key includes that the vehicle of the sharing party (second device) and the shared party (first device) can mutually confirm the identity of each other, and that the communication between the vehicle and the first device can be performed securely.
On the one hand, based on an asymmetric encryption technology, under the condition that the first equipment and the vehicle respectively generate own public and private key pairs, if the first equipment and the vehicle have the public key of the opposite party, the identity of the opposite party can be verified by verifying the signature mode of the private key of the opposite party; on the other hand, secure communication between the vehicle and the first device may be achieved by generating a session key by a key exchange algorithm, such as Diffie-Hellman algorithm, using its own private key and the public key of the counterpart. That is, the first device and the vehicle can recognize that the digital key is generated as long as they have the public key of each other.
In one embodiment, since the second device is a communication device held by the owner of the vehicle, the second device itself stores the digital key of the vehicle, i.e. the second device stores the vehicle public key of the vehicle and the vehicle stores the second public key of the second device, so that the owner can control the vehicle by the digital key.
For example, when the vehicle owner needs to unlock the door of the vehicle, the unlocking request signed by the private key of the second device may be sent to the vehicle through the second device. After the vehicle receives the signed unlocking request, the signed unlocking request can be checked by using the second public key of the second device stored in the vehicle. Only if the verification passes, the vehicle can determine that the unlocking request is sent by the second device, and since the vehicle stores the second public key of the second device, the vehicle can unlock the vehicle door according to the unlocking request by signing the unlocking request by using the private key of the second device.
In one embodiment, the first communication means includes at least one of: near field Communication NFC (NEAR FIELD Communication); bluetooth BT (Bluetooth); wireless local area network WLAN (Wireless Local Area Network).
According to the embodiment, in a scenario that the first device and the second device are closer, the first device may receive the digital key sharing information sent by the second device through a short-range wireless communication manner, so as to obtain a vehicle public key of the vehicle. After receiving the digital key sharing information, the first public key of the vehicle can be sent to the second device through other communication modes except mobile network communication and internet communication, and signature information which is sent by the second device and is determined by signing the first public key is received, so that the vehicle can determine the first public key of the first device according to the signature information, and the digital key between the first device and the vehicle can be generated on the basis that the first device and the vehicle mutually own public keys.
Since the first device and the second device in this embodiment communicate by a short-range wireless communication method. Therefore, in the process of sharing the key, the first device and the second device can avoid the problems that the information transmission speed is low due to network delay of a mobile network or the Internet, even the information cannot be transmitted due to server failure of the Internet, and the like, and improve the key sharing efficiency and success rate.
In one embodiment, the digital key sharing information further includes rights information and/or configuration information.
In one embodiment, the rights information may include functional rights information and lifetime information. Because the car owner can grant different functional authorities (such as car door unlocking authorities, engine starting authorities and the like) to different users according to actual conditions when sharing the digital key to other users, even can grant different digital key validity periods to different users according to requirements.
Therefore, after receiving the digital key sharing information sent by the second device, the first device can determine the control operation of the first device on the vehicle according to the function authority information carried in the digital key sharing information. And the validity period of the key shared by the second equipment can be determined according to the service life information carried in the digital key sharing information, and the key is automatically disabled after the service life of the digital key reaches the validity period set by the vehicle owner.
In one embodiment, the configuration information may include storage location information. After receiving the digital key sharing information sent by the second device, the first device may determine a storage location of the digital key according to configuration information carried in the digital key sharing information, so as to store a key related to the digital key or other information (such as authority information) in the storage location, so that when the first device uses the digital key function to control the vehicle, the vehicle may read related information of the digital key at the storage location according to a preset reading path.
In one embodiment, the first public key of the first device may be generated by the first device after receiving the digital key sharing information sent by the second device. The first device may generate an asymmetric key pair after receiving the digital key sharing information sent by the second device, and use a public key in the key pair as the second public key.
Fig. 2 is a schematic flow chart diagram illustrating another key sharing method according to an embodiment of the present disclosure. As shown in fig. 2, the method further includes:
in step S201, the signature information is stored in the trusted execution environment TEE and/or the secure element SE.
TEE (Trusted execution environment) is a block of space in mobile devices (smartphones, tablet computers, smart televisions) that provides security for the execution of data and code, which can guarantee confidentiality and integrity of data and code. SE (Secure Element) is typically provided in chip form, an Element that protects data security against external malicious parsing attacks.
In one embodiment, to ensure the security of the digital key, after receiving the digital key sharing information sent by the second device, the first device may store the public key of the vehicle carried in the digital key sharing information in the trusted execution environment TEE and/or the secure element SE. And after receiving the signature information sent by the second device, the signature information may also be stored in the trusted execution environment TEE and/or the secure element SE. The method and the device can avoid the first device from revealing the related information of the digital key under the condition of being attacked maliciously, and improve the safety of the digital key.
Fig. 3 is a schematic flow chart diagram illustrating yet another key sharing method according to an embodiment of the present disclosure. As shown in fig. 3, the method further includes:
In step S301, the signature information is sent to the vehicle, so that the vehicle performs signature verification on the signature information according to the stored second public key of the second device, so as to obtain the first public key of the first device.
In one embodiment, the first device may store the vehicle public key of the vehicle contained therein after receiving the digital key sharing information sent by the second device.
In one embodiment, the first device may read signature information stored by the first device from the first device and verify the signature information based on a second public key of a second device stored in the vehicle when the first device uses the digital key function to attempt to control the vehicle.
If the signature information is successfully checked by the vehicle, the vehicle can determine that the information contained in the signature information is trustworthy, the vehicle can store a first public key of the first device carried in the signature information, can verify the identity of the first device when the control request sent by the first device is received at this time and later according to the stored first public key, and realizes the safety information interaction between the vehicle and the first device based on the stored first public key and the private key of the vehicle.
If the vehicle does not successfully verify the signature information, the vehicle can determine that the information contained in the signature information is unreliable, the vehicle does not store the first public key of the first device carried in the signature information, and ignores the control request sent by the first device. Further, the vehicle may also send an alarm message to the second device (i.e., the user device held by the vehicle owner) to alert the second device that the digital key related information may leak.
Fig. 4 is a schematic flow chart diagram illustrating a key sharing method according to an embodiment of the present disclosure. The key method shown in this embodiment may be performed by a second device, where the second device may communicate with a first device, where the first device and the second device include, but are not limited to, a mobile phone, a tablet computer, a wearable device, a sensor, an internet of things device, and other communication apparatuses.
As shown in fig. 4, the key sharing method may include the following steps:
In step S401, digital key sharing information is sent to a first device through a first communication manner, where the digital key sharing information includes a vehicle public key of a vehicle;
in step S402, a first public key of the first device, which is sent by the first device through the first communication manner, is received;
In step S403, the first public key is signed according to a second private key of the second device, so as to determine signature information;
in step S404, the signature information is sent to the first device through the first communication manner;
wherein the first communication mode comprises a short-range wireless communication mode; the vehicle public key and the first public key are used for the vehicle and the first device to generate a digital key.
In one embodiment, the sharing digital key includes that the vehicle of the sharing party (second device) and the shared party (first device) can mutually confirm the identity of each other, and that the communication between the vehicle and the first device can be performed securely.
On the one hand, based on an asymmetric encryption technology, under the condition that the first equipment and the vehicle respectively generate own public and private key pairs, if the first equipment and the vehicle have the public key of the opposite party, the identity of the opposite party can be verified by verifying the signature mode of the private key of the opposite party; on the other hand, secure communication between the vehicle and the first device may be achieved by generating a session key by a key exchange algorithm, such as Diffie-Hellman algorithm, using its own private key and the public key of the counterpart. That is, the first device and the vehicle can recognize that the digital key is generated as long as they have the public key of each other.
In one embodiment, since the second device is a communication device held by the owner of the vehicle, the second device itself stores the digital key of the vehicle, i.e. the second device stores the vehicle public key of the vehicle and the vehicle stores the second public key of the second device, so that the owner can control the vehicle by the digital key.
For example, when the vehicle owner needs to unlock the door of the vehicle, the unlocking request signed by the private key of the second device may be sent to the vehicle through the second device. After the vehicle receives the signed unlocking request, the signed unlocking request can be checked by using the second public key of the second device stored in the vehicle. Only if the verification passes, the vehicle can determine that the unlocking request is sent by the second device, and since the vehicle stores the second public key of the second device, the vehicle can unlock the vehicle door according to the unlocking request by signing the unlocking request by using the private key of the second device.
In one embodiment, the first communication means includes at least one of: near field Communication NFC (NEAR FIELD Communication); bluetooth BT (Bluetooth); wireless local area network WLAN (Wireless Local Area Network).
Near field communication NFC is a non-contact induction recognition technology and has the advantages of being short in distance, low in energy consumption, high in safety and the like. Bluetooth BT technology is an open global specification for wireless data communications, which is based on low cost short range wireless connections to establish a special wireless connection for the fixed and mobile device communication environment. Based on sharing the digital key by using the near field communication technology or the bluetooth technology, information (such as digital key sharing information, a first public key, signature information, etc.) transmitted in the process of sharing the digital key between the first device and the second device can be directly communicated between the first device and the second device without being forwarded by other devices, so that the digital key sharing process is safely and conveniently realized.
When the first device and the second device are in the same Wireless Local Area Network (WLAN) environment, the first device and the second device can access the wireless local area network simultaneously, and communicate through the wireless local area network.
In the related art, when a vehicle owner borrows a vehicle to other users, in order to facilitate the other users to control the vehicle, a second device held by the vehicle owner needs to communicate with a first device held by the other users to share a digital key with the first device.
Currently, communication between a first device and a second device is mainly dependent on the mobile network or the internet. Even in a scenario where the owner of the vehicle faces other users, when the second device shares the digital key for controlling the vehicle with the first device, it is necessary to interact the digital key with the first device through a mobile network or the internet to share the required related information, such as the vehicle public key of the vehicle, the first public key of the first device, etc.
If a delay or even a fault occurs in a mobile network or an internet server, information interaction between the first device and the second device cannot be performed timely. Even the first device and the second device may go to sleep due to excessively long waiting time in the process of waiting for receiving data, so that the received data cannot be processed in time even if the data is received. The owner of the vehicle cannot share the digital key of the vehicle to other users in time, so that the other users cannot control the vehicle.
According to the embodiment, in a scenario that the first device is closer to the second device, the second device may share information with the digital key sent to the first device by using a short-range wireless communication manner, so that the first device obtains a vehicle public key of the vehicle, and receives a first public key of the first device sent by the first device according to the digital key sharing information. After receiving the first public key, the second device can sign the first public key by using its own second private key, and send the signature information determined after the signature to the first device by a short-range wireless communication mode. When the first device uses the digital key function, the vehicle can determine the first public key of the first device according to the signature information stored by the first device, so that the first device and the vehicle can generate the digital key between the first device and the vehicle on the basis of mutually owned public keys of the other side.
Since the first device and the second device in this embodiment communicate by a short-range wireless communication method. Therefore, in the process of sharing the key, the first device and the second device can avoid the problems that the information transmission speed is low due to network delay of a mobile network or the Internet, even the information cannot be transmitted due to server failure of the Internet, and the like, and improve the key sharing efficiency and success rate.
In one embodiment, the first public key of the first device may be generated by the first device after receiving the digital key sharing information sent by the second device. The first device may generate an asymmetric key pair after receiving the digital key sharing information sent by the second device, and use a public key in the key pair as the second public key.
Fig. 5 is a schematic flow chart diagram illustrating another key sharing method according to an embodiment of the present disclosure. As shown in fig. 5, the signing the first public key according to the second private key of the second device to determine signature information includes:
In step S501, configuration information and/or rights information for the second device is determined;
In step S502, the first public key, the configuration information and/or the authority information is signed according to a second private key of the second device, so as to determine signature information.
In one embodiment, the digital key sharing information further includes rights information and/or configuration information.
In one embodiment, the rights information may include functional rights information and lifetime information. Because the car owner can grant different functional authorities (such as car door unlocking authorities, engine starting authorities and the like) to different users according to actual conditions when sharing the digital key to other users, even can grant different digital key validity periods to different users according to requirements.
Thus, the second device can determine the authority information for the first device, and send the function authority information and the service life information carried in the digital key sharing information to the first device. After receiving the digital key sharing information sent by the second device, the first device determines own control operation capable of being performed on the vehicle according to the function authority information carried in the digital key sharing information, and the first device can determine the validity period of the key shared by the second device according to the service life information carried in the digital key sharing information, and when the own digital key is used, the first device automatically fails after reaching the validity period set by a vehicle owner.
In one embodiment, the configuration information may include storage location information. The second device may determine configuration information for the first device, and send the configuration information carried in the digital key sharing information to the first device. After receiving the digital key sharing information sent by the second device, the first device may determine a storage location of the digital key according to the configuration information carried in the digital key sharing information, so as to store a key related to the digital key or other information (such as authority information) in the storage location, so that when the first device uses the digital key function to control the vehicle, the vehicle may read the related information of the digital key at the storage location according to a preset reading path.
In one embodiment, after receiving the first public key of the first device sent by the first device, the second device may sign the determined configuration information and authority information for the first device together with the first public key of the first device when signing the first public key with its second private key. After the vehicle acquires the signature information from the first device, the second public key of the second device is utilized to check the signature information, and besides the first public key of the first device, the configuration information and the authority information, determined by the second device, for the first device can also be acquired, so that the configuration information and the authority information of the digital key are prevented from being changed privately by the first device.
Fig. 6 is a schematic flow chart diagram illustrating yet another key sharing method according to an embodiment of the present disclosure. As shown in fig. 6, the first communication manner includes near field communication NFC, and the method further includes:
In step S601, according to a triggering action of a user on a key sharing key in a preset application interface, a card reading mode of the NFC module is started.
In one embodiment, when the user (vehicle owner) needs to share the digital key with other users, the key sharing key in the preset application interface of the second device may be triggered. After the second device detects the triggering action, the second device can automatically start a card reading mode of the NFC module in the second device to initiate reading and writing. The first device may automatically start a card simulation mode of the NFC module in the first device after detecting a triggering action of the user on the key sharing key in a preset application interface of the first device, or after detecting information sent by the second device. And under the condition that one of the first equipment and the second equipment is determined to be in a card simulation mode and the other is determined to be in a card reading mode, the communication between the first equipment and the second equipment is successfully established.
In one embodiment, if the first communication mode adopted by the first device and the second device is bluetooth. The second device can automatically start the bluetooth function after detecting the triggering action of the key sharing key in the preset application interface, and search other nearby devices. Furthermore, in practical application, the vehicle owner only borrows the vehicle to the personal friends or families and other persons with relatively close relations, so that after the second device starts the Bluetooth function to search other nearby devices, connection can be automatically established with the other connected devices in a preferential mode, a user is prompted whether to share keys with the connected devices, and the key sharing efficiency is improved.
In one embodiment, the user controls the vehicle, typically through a portable and digital key enabled device such as a cell phone or tablet. Therefore, when the first communication mode adopted by the first device and the second device is bluetooth, the second device can screen the device types of other searched devices after starting the bluetooth function to search other nearby devices, preferentially establishes connection with the device type which is a mobile phone or a tablet, prompts a user whether to share a key with the connected device, and improves the key sharing efficiency.
Corresponding to the embodiment of the key sharing method, the disclosure further provides an embodiment of the key sharing device.
Fig. 7 is a schematic flow chart diagram of a key sharing device according to an embodiment of the disclosure. The key device shown in this embodiment may be executed by a first device, where the first device may communicate with a second device, where the first device and the second device include, but are not limited to, a communication device such as a mobile phone, a tablet computer, a wearable device, a sensor, an internet of things device, and the like.
As shown in fig. 7, the key sharing device may include:
A communication module 701 configured to receive digital key sharing information sent by the second device through the first communication manner, where the digital key sharing information includes a vehicle public key of a vehicle; transmitting a first public key of the first device to the second device through the first communication mode; receiving signature information sent by the second device through the first communication mode, wherein the signature information is determined by the second device through signature of the first public key through a second private key of the second device; wherein the first communication mode comprises a short-range wireless communication mode; the vehicle public key and the first public key are used for the vehicle and the first device to generate a digital key.
In one embodiment, the first communication means includes at least one of: near field communication, NFC; bluetooth BT; a wireless local area network WLAN.
In one embodiment, the digital key sharing information further includes configuration information and/or rights information.
In one embodiment, the apparatus further comprises: a storage module 702 is configured to store the signature information in the trusted execution environment TEE and/or the secure element SE.
In one embodiment, the communication module is further configured to: and sending the signature information to the vehicle so that the vehicle performs signature verification on the signature information according to the stored second public key of the second device to acquire the first public key of the first device.
Fig. 8 is a schematic flow chart diagram illustrating a key sharing device according to an embodiment of the present disclosure. The key device shown in this embodiment may be executed by a second device, where the second device may communicate with the first device, where the first device and the second device include, but are not limited to, a communication device such as a mobile phone, a tablet computer, a wearable device, a sensor, an internet of things device, and the like.
As shown in fig. 8, the key sharing device may include:
a communication module 801 configured to send digital key sharing information to a first device through a first communication manner, wherein the digital key sharing information includes a vehicle public key of a vehicle; receiving a first public key of the first device, which is sent by the first device through the first communication mode;
A processing module 802 configured to sign the first public key according to a second private key of the second device to determine signature information;
The communication module is further configured to send the signature information to the first device through the first communication mode; wherein the first communication mode comprises a short-range wireless communication mode; the vehicle public key and the first public key are used for the vehicle and the first device to generate a digital key.
In one embodiment, the first communication means includes at least one of: near field communication, NFC; bluetooth BT; a wireless local area network WLAN.
In one embodiment, the digital key sharing information further includes configuration information and/or rights information.
In one embodiment, the processing module is configured to: determining configuration information and/or rights information for the second device; and signing the first public key, the configuration information and/or the authority information according to a second private key of the second device so as to determine signature information.
In one embodiment, the first communication means comprises near field communication NFC, and the processing module is further configured to: and starting a card reading mode of the NFC module according to the triggering action of the key sharing key of the user in the preset application interface.
The specific manner in which the various modules perform the operations in the apparatus of the above embodiments have been described in detail in connection with the embodiments of the related methods, and will not be described in detail herein.
For the device embodiments, reference is made to the description of the method embodiments for the relevant points, since they essentially correspond to the method embodiments. The apparatus embodiments described above are merely illustrative, wherein the modules illustrated as separate components may or may not be physically separate, and the components shown as modules may or may not be physical, i.e., may be located in one place, or may be distributed over a plurality of network modules. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of this embodiment. Those of ordinary skill in the art will understand and implement the present invention without undue burden.
The embodiment of the disclosure also provides a terminal, which comprises: a processor; a memory for storing a computer program; the key sharing method according to any of the above embodiments is implemented when the computer program is executed by a processor.
Embodiments of the present disclosure also provide a computer readable storage medium storing a computer program, which when executed by a processor, implements the steps of the key sharing method described in any of the above embodiments.
Fig. 9 is a schematic block diagram of a terminal 900 shown in accordance with an embodiment of the present disclosure. For example, terminal 900 may be a mobile phone, computer, digital broadcast terminal, messaging device, game console, tablet device, medical device, exercise device, personal digital assistant, or the like.
Referring to fig. 9, a terminal 900 may include one or more of the following components: a processing component 902, a memory 904, a power component 906, a multimedia component 908, an audio component 910, an input/output (I/O) interface 912, a sensor component 914, and a communication component 916.
The processing component 902 generally controls overall operation of the terminal 900, such as operations associated with display, telephone calls, data communications, camera operations, and recording operations. The processing component 902 may include one or more processors 920 to execute instructions to perform all or part of the key sharing method steps described above. Further, the processing component 902 can include one or more modules that facilitate interaction between the processing component 902 and other components. For example, the processing component 902 can include a multimedia module to facilitate interaction between the multimedia component 908 and the processing component 902.
The memory 904 is configured to store various types of data to support operation at the terminal 900. Examples of such data include instructions for any application or method operating on terminal 900, contact data, phonebook data, messages, pictures, videos, and the like. The memory 904 may be implemented by any type of volatile or nonvolatile memory device or combination thereof, such as Static Random Access Memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic memory, flash memory, magnetic disk, or optical disk.
The power supply component 906 provides power to the various components of the terminal 900. Power supply components 906 may include a power management system, one or more power supplies, and other components associated with generating, managing, and distributing power for terminal 900.
The multimedia component 908 includes a screen between the terminal 900 and the user that provides an output interface. In some embodiments, the screen may include a Liquid Crystal Display (LCD) and a Touch Panel (TP). If the screen includes a touch panel, the screen may be implemented as a touch screen to receive input signals from a user. The touch panel includes one or more touch sensors to sense touches, swipes, and gestures on the touch panel. The touch sensor may sense not only the boundary of a touch or slide action, but also the duration and pressure associated with the touch or slide operation. In some embodiments, the multimedia component 908 includes a front-facing camera and/or a rear-facing camera. The front camera and/or the rear camera may receive external multimedia data when the terminal 900 is in an operation mode, such as a photographing mode or a video mode. Each front camera and rear camera may be a fixed optical lens system or have focal length and optical zoom capabilities.
The audio component 910 is configured to output and/or input audio signals. For example, the audio component 910 includes a Microphone (MIC) configured to receive external audio signals when the terminal 900 is in an operation mode, such as a call mode, a recording mode, and a voice recognition mode. The received audio signals may be further stored in the memory 904 or transmitted via the communication component 916. In some embodiments, the audio component 910 further includes a speaker for outputting audio signals.
The I/O interface 912 provides an interface between the processing component 902 and peripheral interface modules, which may be keyboards, click wheels, buttons, etc. These buttons may include, but are not limited to: homepage button, volume button, start button, and lock button.
The sensor assembly 914 includes one or more sensors for providing status assessment of various aspects of the terminal 900. For example, sensor assembly 914 may detect the on/off state of terminal 900, the relative positioning of the components, such as the display and keypad of terminal 900, the sensor assembly 914 may also detect the change in position of terminal 900 or a component of terminal 900, the presence or absence of user contact with terminal 900, the orientation or acceleration/deceleration of terminal 900, and the change in temperature of terminal 900. The sensor assembly 914 may include a proximity sensor configured to detect the presence of nearby objects without any physical contact. The sensor assembly 914 may also include a light sensor, such as a CMOS or CCD image sensor, for use in imaging applications. In some embodiments, the sensor assembly 914 may also include an acceleration sensor, a gyroscopic sensor, a magnetic sensor, a pressure sensor, or a temperature sensor.
Communication component 916 is configured to facilitate communication between terminal 900 and other devices, either wired or wireless. Terminal 900 can access a wireless network based on a communication standard, such as WiFi, 2G, 3G, 4G LTE, 5G NR, or a combination thereof. In one exemplary embodiment, the communication component 916 receives broadcast signals or broadcast-related information from an external broadcast management system via a broadcast channel. In one exemplary embodiment, the communication component 916 further includes a Near Field Communication (NFC) module to facilitate short range communications. For example, the NFC module may be implemented based on Radio Frequency Identification (RFID) technology, infrared data association (IrDA) technology, ultra Wideband (UWB) technology, bluetooth (BT) technology, and other technologies.
In an exemplary embodiment, the terminal 900 may be implemented by one or more Application Specific Integrated Circuits (ASICs), digital Signal Processors (DSPs), digital Signal Processing Devices (DSPDs), programmable Logic Devices (PLDs), field Programmable Gate Arrays (FPGAs), controllers, microcontrollers, microprocessors, or other electronic elements for performing the key sharing method described above.
In an exemplary embodiment, a non-transitory computer readable storage medium is also provided, such as a memory 904 including instructions executable by the processor 920 of the terminal 900 to perform the key sharing method described above. For example, the non-transitory computer readable storage medium may be ROM, random Access Memory (RAM), CD-ROM, magnetic tape, floppy disk, optical data storage device, etc.
Other embodiments of the disclosure will be apparent to those skilled in the art from consideration of the specification and practice of the disclosure disclosed herein. This disclosure is intended to cover any adaptations, uses, or adaptations of the disclosure following the general principles of the disclosure and including such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the disclosure being indicated by the following claims.
It is to be understood that the present disclosure is not limited to the precise arrangements and instrumentalities shown in the drawings, and that various modifications and changes may be effected without departing from the scope thereof. The scope of the present disclosure is limited only by the appended claims.
It is noted that relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. The terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
The foregoing has outlined the detailed description of the method and apparatus provided by the embodiments of the present disclosure, and the detailed description of the principles and embodiments of the present disclosure has been provided herein with the application of the specific examples, the above examples being provided only to facilitate the understanding of the method of the present disclosure and its core ideas; meanwhile, as one of ordinary skill in the art will have variations in the detailed description and the application scope in light of the ideas of the present disclosure, the present disclosure should not be construed as being limited to the above description.

Claims (24)

  1. A key sharing method performed by a first device, the method comprising:
    Receiving digital key sharing information sent by second equipment through a first communication mode, wherein the digital key sharing information comprises a vehicle public key of a vehicle;
    Transmitting a first public key of the first device to the second device through the first communication mode;
    Receiving signature information sent by the second device through the first communication mode, wherein the signature information is determined by the second device through signature of the first public key through a second private key of the second device;
    wherein the first communication mode comprises a short-range wireless communication mode; the vehicle public key and the first public key are used for the vehicle and the first device to generate a digital key.
  2. The method of claim 1, wherein the first communication means comprises at least one of:
    Near field communication, NFC;
    Bluetooth BT;
    a wireless local area network WLAN.
  3. The method of claim 1, wherein the digital key sharing information further comprises configuration information and/or rights information.
  4. The method according to claim 1, wherein the method further comprises:
    The signature information is stored in the trusted execution environment TEE and/or the secure element SE.
  5. The method according to claim 1, wherein the method further comprises:
    and sending the signature information to the vehicle so that the vehicle performs signature verification on the signature information according to the stored second public key of the second device to acquire the first public key of the first device.
  6. A key sharing method performed by a second device, the method comprising:
    transmitting digital key sharing information to first equipment in a first communication mode, wherein the digital key sharing information comprises a vehicle public key of a vehicle;
    Receiving a first public key of the first device, which is sent by the first device through the first communication mode;
    signing the first public key according to a second private key of the second device to determine signature information;
    transmitting the signature information to the first device through the first communication mode;
    wherein the first communication mode comprises a short-range wireless communication mode; the vehicle public key and the first public key are used for the vehicle and the first device to generate a digital key.
  7. The method of claim 6, wherein the first communication means comprises at least one of:
    Near field communication, NFC;
    Bluetooth BT;
    a wireless local area network WLAN.
  8. The method of claim 6, wherein the digital key sharing information further comprises configuration information and/or rights information.
  9. The method of claim 6, wherein signing the first public key from the second private key of the second device to determine signature information comprises:
    Determining configuration information and/or rights information for the second device;
    And signing the first public key, the configuration information and/or the authority information according to a second private key of the second device so as to determine signature information.
  10. The method of claim 6, wherein the first communication means comprises near field communication, NFC, the method further comprising:
    And starting a card reading mode of the NFC module according to the triggering action of the key sharing key of the user in the preset application interface.
  11. A key sharing apparatus, performed by a first device, the apparatus comprising:
    The communication module is configured to receive digital key sharing information sent by the second device through the first communication mode, wherein the digital key sharing information comprises a vehicle public key of a vehicle; transmitting a first public key of the first device to the second device through the first communication mode; receiving signature information sent by the second device through the first communication mode, wherein the signature information is determined by the second device through signature of the first public key through a second private key of the second device; wherein the first communication mode comprises a short-range wireless communication mode; the vehicle public key and the first public key are used for the vehicle and the first device to generate a digital key.
  12. The apparatus of claim 11, wherein the first communication means comprises at least one of:
    Near field communication, NFC;
    Bluetooth BT;
    a wireless local area network WLAN.
  13. The apparatus of claim 11, wherein the digital key sharing information further comprises configuration information and/or rights information.
  14. The apparatus of claim 11, wherein the apparatus further comprises:
    A storage module configured to store the signature information in the trusted execution environment TEE and/or the secure element SE.
  15. The apparatus of claim 11, wherein the communication module is further configured to: and sending the signature information to the vehicle so that the vehicle performs signature verification on the signature information according to the stored second public key of the second device to acquire the first public key of the first device.
  16. A key sharing apparatus, performed by a second device, the apparatus comprising:
    The first communication module is configured to send digital key sharing information to the first device in a first communication mode, wherein the digital key sharing information comprises a vehicle public key of a vehicle; receiving a first public key of the first device, which is sent by the first device through the first communication mode;
    A processing module configured to sign the first public key according to a second private key of the second device to determine signature information;
    A second communication module configured to transmit the signature information to the first device through the first communication manner; wherein the first communication mode comprises a short-range wireless communication mode; the vehicle public key and the first public key are used for the vehicle and the first device to generate a digital key.
  17. The apparatus of claim 16, wherein the first communication means comprises at least one of:
    Near field communication, NFC;
    Bluetooth BT;
    a wireless local area network WLAN.
  18. The apparatus of claim 16, wherein the digital key sharing information further comprises configuration information and/or rights information.
  19. The apparatus of claim 16, wherein the processing module is configured to: determining configuration information and/or rights information for the second device; and signing the first public key, the configuration information and/or the authority information according to a second private key of the second device so as to determine signature information.
  20. The apparatus of claim 16, wherein the first communication means comprises near field communication, NFC, the processing module further configured to: and starting a card reading mode of the NFC module according to the triggering action of the key sharing key of the user in the preset application interface.
  21. A terminal, comprising:
    A processor;
    a memory for storing a computer program;
    Wherein the key sharing method of any one of claims 1 to 5 is implemented when the computer program is executed by a processor.
  22. A computer readable storage medium storing a computer program, characterized in that the steps in the key sharing method of any one of claims 1 to 5 are implemented when the computer program is executed by a processor.
  23. A terminal, comprising:
    A processor;
    a memory for storing a computer program;
    Wherein the computer program, when executed by a processor, implements the key sharing method of any one of claims 6 to 10.
  24. A computer readable storage medium storing a computer program, characterized in that the steps of the key sharing method of any one of claims 6 to 10 are implemented when the computer program is executed by a processor.
CN202280003138.XA 2022-08-26 2022-08-26 Key sharing method and device, terminal and computer readable storage medium Pending CN117941316A (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2022/115093 WO2024040564A1 (en) 2022-08-26 2022-08-26 Key sharing methods and apparatus, terminal, and computer readable storage medium

Publications (1)

Publication Number Publication Date
CN117941316A true CN117941316A (en) 2024-04-26

Family

ID=90012089

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202280003138.XA Pending CN117941316A (en) 2022-08-26 2022-08-26 Key sharing method and device, terminal and computer readable storage medium

Country Status (2)

Country Link
CN (1) CN117941316A (en)
WO (1) WO2024040564A1 (en)

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10217304B2 (en) * 2017-06-12 2019-02-26 Ivtes Ltd. Intelligent vehicular electronic key system
CN111179470A (en) * 2018-10-24 2020-05-19 宝马股份公司 Virtual key sharing method, device, equipment, system and storage medium
CN114697898A (en) * 2020-12-14 2022-07-01 ***通信有限公司研究院 Digital vehicle key processing method, sharing method and device, SIM card and vehicle
CN112669491B (en) * 2020-12-16 2022-12-09 广州橙行智动汽车科技有限公司 Vehicle digital key distribution management method and device
CN114764956B (en) * 2021-01-04 2024-06-07 ***通信有限公司研究院 Control method and device for vehicle and readable storage medium

Also Published As

Publication number Publication date
WO2024040564A1 (en) 2024-02-29

Similar Documents

Publication Publication Date Title
WO2020103284A1 (en) Smart card authentication method, smart lock, smart card, system and device
US10608988B2 (en) Method and apparatus for bluetooth-based identity recognition
US10064000B2 (en) Method, apparatus, and storage medium for acquiring terminal information
US11485320B2 (en) Method and apparatus for vehicle function control, and storage medium
RU2674311C1 (en) Method and device for access to smart camera
CN106453052B (en) Message interaction method and device
US10313870B2 (en) Identity verification method and apparatus, and storage medium
US20160294805A1 (en) Method and terminal device for accessing network
EP3163834B1 (en) Method and device for equipment control
WO2019028746A1 (en) Unmanned aerial vehicle access method and device
EP3407278A1 (en) Method and apparatus for reporting loss of card or device associated with account number or stolen of account number
EP4203604A1 (en) Ranging capacity request method and apparatus, ranging capacity sending method and apparatus, and ranging capacity receiving method and apparatus
CN105511922A (en) Application startup controlling method and device
CN105809440B (en) Online payment method and device
US20220408238A1 (en) Verification information processing method and apparatus, terminal device and storage medium
US20220240247A1 (en) A time domain configuration method, device, and storage media
CN110008668B (en) Data processing method, device and storage medium
US20230037475A1 (en) Network connection method and device and readable storage medium
CN117941316A (en) Key sharing method and device, terminal and computer readable storage medium
CN114298709A (en) Data processing method and device for touch screen, terminal and storage medium
CN111786719A (en) Satellite communication method, device, equipment and storage medium
EP4231180A1 (en) Ranging method
CN114025011B (en) Device control method, device control apparatus, and storage medium
CN114612886B (en) Law enforcement information input method and device
CN110139230B (en) Method and device for forwarding short message and intelligent equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination