Key pre-distribution based automobile ECU integrity authentication and encrypted communication method

Abstract

The invention discloses a key pre-distribution based automobile ECU (Electronic Control Unit) integrity authentication and encrypted communication method. The key pre-distribution based automobile ECU integrity authentication and encrypted communication method comprises the steps of providing a unique session key for each ECU by using KPS; carrying out identity authentication through comparing ECU firmware Hash values; judging whether one ECU is tampered; and adopting a two-step authentication mechanism which combines local authentication with remote authentication, wherein safety authentication comprises automobile factory initialization and automobile start self-inspection. As the remote authentication and the local authentication are combined in the key pre-distribution based automobile ECU integrity authentication and encrypted communication method, a communication channel is safe, session keys among the ECU are different, and extremely high safety is obtained; as the keys rather than an encryption algorithm are pre-distributed to the ECU, the difficulty in key distribution is greatly reduced; as the integrity of each ECU is detected by comparison of the Hash values, the efficiency is high, and the cost is low; as key data are stored at a safety module of each ECU, physic attacks can be resisted; and after one original ECU is replaced and one ECU firmware is updated, authentication and encrypted communication still can be carried out by applying the safety mechanism.

Description

technical field [0001] The invention belongs to the field of automobile intelligence, in particular to an automobile ECU integrity verification and encryption communication method based on key pre-distribution. Background technique [0002] Intelligent cars also bring various dangers. Each intelligent system installed on the car is controlled by the ECU (Electronic Control Unit, electronic control unit) in the car. Each intelligent system has its own ECU, and they communicate through the internal bus of the car. Now the most widely used CAN (Control AreaNetwork, Control Area Network) The bus did not consider the information security features at the beginning of the design. There is no authentication and encryption mechanism for sending / receiving data packets, so the data is transmitted in plain text. As long as hackers obtain the CAN bus authority, they can send data to the ECU. Send forged data packets, modify the behavior of the ECU, and even tamper with the ECU firmware ...

AI Technical Summary

Problems solved by technology

[0005] The purpose of the present invention is to provide a car ECU integrity verification and encrypted communication method based on key pre-distribution, aiming to solve the problems that the control commands of the existing car control system are easily intercepted and forged, the ECU firmware is easily tampered, and there are security defects

Images