An Authorization Method Based on CAN Communication Encryption

Abstract

The invention discloses an authorization method based on CAN communication encryption, comprising the following steps: a master device generates a random sequence code and broadcasts it to each node device, and at the same time, the master device is paired with a communication device to generate a first authorized random code and complete information exchange; and then The main device obtains the first authorization code according to the first authorized random code, the communication device ID, the main device barcode and the password book; at the same time, the communication device transmits its ID, the main device barcode and the first authorized random code to the cloud platform, and the cloud platform calculates The second authorization code, by comparing whether the two authorization codes are consistent, if they are consistent, encryption is allowed; then the master device authorizes and verifies the node device, and uses the random sequence code and the first authorization code to obtain the downlink encryption key to encrypt the data , the node device reversely decrypts and reads the information; the node device combines the regularly updated 32-bit random data and the basic key to form an uplink encryption key to encrypt the uplink information, and the master device receives and reversely decrypts and reads the information.

Description

technical field [0001] The invention belongs to the technical field of information communication encryption, and in particular relates to an authorization method based on CAN communication encryption. Background technique [0002] The existing elevator communication control includes multiple node devices, each node device obtains the signal input of each part of the system and is responsible for signal output and other functions. If these data are transmitted on the bus in a clear way, they are vulnerable to malicious attacks , causing the system to fail to operate normally, and it is also easy to be monitored and cracked to illegally copy the node device. In order to protect the system security and the intellectual property rights of the manufacturer, it is particularly urgent to use encryption authorization. [0003] At present, the commonly used CAN communication encryption methods mainly include software encryption, hardware encryption, and combination of software and ha...

AI Technical Summary

Problems solved by technology

[0002] The existing elevator communication control includes multiple node devices, each node device obtains the signal input of each part of the system and is responsible for signal output and other functions. If these data are transmitted on the bus in a clear way, they are vulnerable to malicious attacks , causing the system to fail to operate normally, and it is also easy to be monitored and cracked to illegally copy the node device. In order to protect the system security and the intellectual property rights of the manufacturer, it is particularly urgent to use encryption authorization

[0003] At present, the commonly used CAN communication encryption methods mainly include software encryption, hardware encryption, and combination of software and hardware encryption. The method involving hardware encryption will greatly increase the production cost and cannot adapt to the equipment that has been shipped without encryption hardware. At the same time, the production cost Higher, such as application number CN201810089531.0; and pure software encryption does not have the above problems. At present, most of the pure software encryption methods use multiple sets of encryption schemes preset inside the controller (MCU) (such as application number CN201710075183.7), However, this method has the following disadvantages: (1) the number of multiple schemes involved in this method is limited, and it is impossible to truly realize one key for one machine, and the encryption method is relatively fixed; (2) this method refers to the factory A set of encryption schemes is preset at the time, and if the node equipment is replaced later, the node equipment will be encrypted with another scheme, and each equipment needs two schemes to decrypt the received data, and the system overhead is relatively large; (3) This method adopts the The basic algorithm for reordering data frames is encrypted, and the sorting method of data frames needs to be obtained when decrypting. This method is not suitable for large-scale data transmission and takes up more bus resources.

In summary, this method is slightly insufficient in terms of encryption randomness and greatly increases the operating load of the MCU and takes up large storage resources, and the comprehensive income is low

Images